Hello.
On 28.02.24 17:38, Fedor Pchelkin wrote:
mac802154_llsec_key_del() can free resources of a key directly without
following the RCU rules for waiting before the end of a grace period. This
may lead to use-after-free in case llsec_lookup_key() is traversing the
list of keys in parallel with
Hi,
On Mon, Mar 4, 2024 at 2:25 AM Fedor Pchelkin wrote:
>
> Hello Alexander,
>
> Thanks for review!
>
> On 24/03/03 06:19PM, Alexander Aring wrote:
> > Hi,
> >
> > On Wed, Feb 28, 2024 at 11:44 AM Fedor Pchelkin wrote:
> > >
> > > mac802154_llsec_key_del() can free resources of a key directly w
Hello Alexander,
Thanks for review!
On 24/03/03 06:19PM, Alexander Aring wrote:
> Hi,
>
> On Wed, Feb 28, 2024 at 11:44 AM Fedor Pchelkin wrote:
> >
> > mac802154_llsec_key_del() can free resources of a key directly without
> > following the RCU rules for waiting before the end of a grace perio
Hi,
On Wed, Feb 28, 2024 at 11:44 AM Fedor Pchelkin wrote:
>
> mac802154_llsec_key_del() can free resources of a key directly without
> following the RCU rules for waiting before the end of a grace period. This
> may lead to use-after-free in case llsec_lookup_key() is traversing the
> list of ke
mac802154_llsec_key_del() can free resources of a key directly without
following the RCU rules for waiting before the end of a grace period. This
may lead to use-after-free in case llsec_lookup_key() is traversing the
list of keys in parallel with a key deletion:
refcount_t: addition on 0; use-aft