Re: [PATCH -next 0/9] tty: Fix buffer work access-after-free

[Ilya Zykov]

On 04.12.2012 11:07, Peter Hurley wrote:
> This patch series addresses the causes of flush_to_ldisc accessing
> the tty after freeing.
> 

I think, it is have sense only if you can take effect,
with this patch or something like. I can't. :)

Signed-off-by: Ilya Zykov <ilya@xxxxxxx>
---
diff --git a/drivers/tty/tty_io.c b/drivers/tty/tty_io.c
index 2ea176b..f24751d 100644
--- a/drivers/tty/tty_io.c
+++ b/drivers/tty/tty_io.c
@@ -170,6 +170,10 @@ struct tty_struct *alloc_tty_struct(void)
 	return kzalloc(sizeof(struct tty_struct), GFP_KERNEL);
 }

+static void flush_to_ldisc2(struct work_struct *work)
+{
+	printk(KERN_WARNING "Possible intrusion detected.\n");
+}
 /**
  *	free_tty_struct		-	free a disused tty
  *	@tty: tty struct to free
@@ -188,6 +192,8 @@ void free_tty_struct(struct tty_struct *tty)
 	kfree(tty->write_buf);
 	tty_buffer_free_all(tty);
 	tty->magic = 0xDEADDEAD;
+	PREPARE_WORK(&tty->buf.work,flush_to_ldisc2);
+	//memset(tty, 0, sizeof(struct tty_struct));
 	kfree(tty);
 }
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/