| Message ID | 20240719192304.21821-1-bethany.jamison@canonical.com |
|---|---|
| Headers | show |
| Series | CVE-2024-39484 | expand |
On 24/07/19 02:23pm, Bethany Jamison wrote: > [Impact] > > mmc: davinci: Don't strip remove function when driver is builtin > > Using __exit for the remove function results in the remove callback being > discarded with CONFIG_MMC_DAVINCI=y. When such a device gets unbound (e.g. > using sysfs or hotplug), the driver is just removed without the cleanup > being performed. This results in resource leaks. Fix it by compiling in the > remove callback unconditionally. > > [Fix] > > Noble: Clean cherry-pick from linux-6.9.y > Jammy: Clean cherry-pick from linux-5.10.y > Focal: Jammy patch applied cleanly > Bionic: fix sent to esm ML > Xenial: fix sent to esm ML > Trusty: not going to be fixed by us > > [Test Case] > > Compile and boot tested > > [Where problems could occur] > > This fix affects those who use the Texas Instruments DaVinci MMC/SD/SDIO > driver, an issue with this fix would be visible to the user via a > decrease in system performance or a system crash. > > Uwe Kleine-König (1): > mmc: davinci: Don't strip remove function when driver is builtin > > drivers/mmc/host/davinci_mmc.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) Acked-by: Andrei Gherzan <andrei.gherzan@canonical.com>
On Fri, Jul 19, 2024 at 02:23:02PM -0500, Bethany Jamison wrote: > [Impact] > > mmc: davinci: Don't strip remove function when driver is builtin > > Using __exit for the remove function results in the remove callback being > discarded with CONFIG_MMC_DAVINCI=y. When such a device gets unbound (e.g. > using sysfs or hotplug), the driver is just removed without the cleanup > being performed. This results in resource leaks. Fix it by compiling in the > remove callback unconditionally. > > [Fix] > > Noble: Clean cherry-pick from linux-6.9.y > Jammy: Clean cherry-pick from linux-5.10.y > Focal: Jammy patch applied cleanly > Bionic: fix sent to esm ML > Xenial: fix sent to esm ML > Trusty: not going to be fixed by us > > [Test Case] > > Compile and boot tested > > [Where problems could occur] > > This fix affects those who use the Texas Instruments DaVinci MMC/SD/SDIO > driver, an issue with this fix would be visible to the user via a > decrease in system performance or a system crash. > > Uwe Kleine-König (1): > mmc: davinci: Don't strip remove function when driver is builtin > > drivers/mmc/host/davinci_mmc.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > -- > 2.34.1 > > > -- > kernel-team mailing list > kernel-team@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/kernel-team Acked-by: Manuel Diewald <manuel.diewald@canonical.com>
On 19/07/2024 21:23, Bethany Jamison wrote: > [Impact] > > mmc: davinci: Don't strip remove function when driver is builtin > > Using __exit for the remove function results in the remove callback being > discarded with CONFIG_MMC_DAVINCI=y. When such a device gets unbound (e.g. > using sysfs or hotplug), the driver is just removed without the cleanup > being performed. This results in resource leaks. Fix it by compiling in the > remove callback unconditionally. > > [Fix] > > Noble: Clean cherry-pick from linux-6.9.y > Jammy: Clean cherry-pick from linux-5.10.y > Focal: Jammy patch applied cleanly > Bionic: fix sent to esm ML > Xenial: fix sent to esm ML > Trusty: not going to be fixed by us > > [Test Case] > > Compile and boot tested > > [Where problems could occur] > > This fix affects those who use the Texas Instruments DaVinci MMC/SD/SDIO > driver, an issue with this fix would be visible to the user via a > decrease in system performance or a system crash. > > Uwe Kleine-König (1): > mmc: davinci: Don't strip remove function when driver is builtin > > drivers/mmc/host/davinci_mmc.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > Applied to noble:linux, jammy:linux, focal:linux master-next branches. Thanks!
On 19/07/2024 21:23, Bethany Jamison wrote: > [Impact] > > mmc: davinci: Don't strip remove function when driver is builtin > > Using __exit for the remove function results in the remove callback being > discarded with CONFIG_MMC_DAVINCI=y. When such a device gets unbound (e.g. > using sysfs or hotplug), the driver is just removed without the cleanup > being performed. This results in resource leaks. Fix it by compiling in the > remove callback unconditionally. > > [Fix] > > Noble: Clean cherry-pick from linux-6.9.y > Jammy: Clean cherry-pick from linux-5.10.y > Focal: Jammy patch applied cleanly > Bionic: fix sent to esm ML > Xenial: fix sent to esm ML > Trusty: not going to be fixed by us > > [Test Case] > > Compile and boot tested > > [Where problems could occur] > > This fix affects those who use the Texas Instruments DaVinci MMC/SD/SDIO > driver, an issue with this fix would be visible to the user via a > decrease in system performance or a system crash. > > Uwe Kleine-König (1): > mmc: davinci: Don't strip remove function when driver is builtin > > drivers/mmc/host/davinci_mmc.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > Applied to noble:linux, focal:linux master-next branches. For jammy I have initially applied this as well, but it interfered with the update from v5.15.162. It contains the commit "mmc: davinci: Don't strip remove function when driver is builtin", but after this commit "mmc: davinci_mmc: Convert to platform remove callback returning void" that changes the signature of the function. To make things easier, I dropped your fix and used the fix from upstream v5.15.162 but included the CVE reference in the commit message.