Re: [PATCH v2] nbd: fix uaf in nbd_open
- To: Li Lingfeng <lilingfeng@huaweicloud.com>
- Cc: josef@toxicpanda.com, linux-kernel@vger.kernel.org, hch@lst.de, linux-block@vger.kernel.org, nbd@other.debian.org, axboe@kernel.dk, chaitanya.kulkarni@wdc.com, yukuai1@huaweicloud.com, houtao1@huawei.com, yi.zhang@huawei.com, yangerkun@huawei.com, lilingfeng3@huawei.com
- Subject: Re: [PATCH v2] nbd: fix uaf in nbd_open
- From: Christoph Hellwig <hch@lst.de>
- Date: Wed, 8 Nov 2023 08:19:25 +0100
- Message-id: <20231108071925.GB4875@lst.de>
- In-reply-to: <20231107103435.2074904-1-lilingfeng@huaweicloud.com>
- References: <20231107103435.2074904-1-lilingfeng@huaweicloud.com>
I don't think this is actually enough on its own. You'll also
need to move all the teardown logic that is currently in
nbd_dev_remove. And with this you should be able to remove the
NULL check in nbd_open, and probably the nbd_index_mutex critical
section. Although that'll need a very careful audit.