Re: [PATCH v2] nbd: fix uaf in nbd_open

To: Li Lingfeng <lilingfeng@huaweicloud.com>
Cc: josef@toxicpanda.com, linux-kernel@vger.kernel.org, hch@lst.de, linux-block@vger.kernel.org, nbd@other.debian.org, axboe@kernel.dk, chaitanya.kulkarni@wdc.com, yukuai1@huaweicloud.com, houtao1@huawei.com, yi.zhang@huawei.com, yangerkun@huawei.com, lilingfeng3@huawei.com
Subject: Re: [PATCH v2] nbd: fix uaf in nbd_open
From: Christoph Hellwig <hch@lst.de>
Date: Wed, 8 Nov 2023 08:19:25 +0100
Message-id: <[🔎] 20231108071925.GB4875@lst.de>
In-reply-to: <20231107103435.2074904-1-lilingfeng@huaweicloud.com>
References: <20231107103435.2074904-1-lilingfeng@huaweicloud.com>

I don't think this is actually enough on it's own.  You'll also
need to move al the teardown logic that is currently in
nbd_dev_remove.  And with this you should be able to remove the
NULL check in nbd_open, and propably the nbd_index_mutex critical
section.  Although that'll need a very careful audit.

Reply to:

Prev by Date: Re: [PATCH v2] nbd: fix uaf in nbd_open
Next by Date: [PATCH 1/3] nbd: fold nbd config initialization into nbd_alloc_config()
Previous by thread: Re: [PATCH v2] nbd: fix uaf in nbd_open
Next by thread: [PATCH 0/3] fix null-ptr-deref in nbd_open()
Index(es):
- Date
- Thread