]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit
projects / FreeBSD / FreeBSD.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 790b526) | patch
usb(4): Fix for use after free in combination with EVDEV_SUPPORT.
authorHans Petter Selasky <hselasky@FreeBSD.org>
Sun, 24 Oct 2021 11:38:04 +0000 (13:38 +0200)
committerHans Petter Selasky <hselasky@FreeBSD.org>
Sun, 24 Oct 2021 17:37:17 +0000 (19:37 +0200)
commitaad0c65d6b37364d8ba92ecb8c85e004398a5194
tree3f188fd0027a1f05bdb7ab47e80f2e46454fe11dtree | snapshot
parent790b5264886e581e995fc3b8fa45ca4ab4ffd31ccommit | diff
usb(4): Fix for use after free in combination with EVDEV_SUPPORT.

When EVDEV_SUPPORT was introduced, the USB transfers may be running
after the main FIFO is closed. In connection to this a race may appear
which can lead to use-after-free scenarios. Fix this for all FIFO
consumers by initializing and resetting the FIFO queues under the
lock used by the client. Then the client driver will see an empty
queue in all cases a race may appear.

Found by: pho@
MFC after: 1 week
Sponsored by: NVIDIA Networking
sys/dev/usb/usb_dev.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.