[PATCH v2] kni: fix use-after-free when kni release

Ferruh Yigit ferruh.yigit at intel.com
Tue Feb 15 20:11:11 CET 2022


On 2/14/2022 6:41 PM, Ferruh Yigit wrote:
> On 2/9/2022 7:35 AM, Min Hu (Connor) wrote:
>> From: Huisong Li <lihuisong at huawei.com>
>>
>> The "kni_dev" is the private data of the "net_device" in kni, and allocated
>> with the "net_device" by calling "alloc_netdev()". The "net_device" is
>> freed by calling "free_netdev()" when kni release. The freed memory
>> includes the "kni_dev". So "kni_dev" should not be accessed after
>> "net_device" is released.
>>
> 
> The problem description looks valid and change looks good to me,
> 
> only list_del after remove is like this for years, I wonder how
> it is not caught until now, or if we are missing something, I
> want to test some before ack, which I will do in next few days.


Acked-by: Ferruh Yigit <ferruh.yigit at intel.com>
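
The ordering problem described in the commit message above, as an added example that is not part of this thread or of the DPDK patch: a userspace C model showing that the private area lives inside the net_device allocation, so list removal has to happen before the free. All model_* names and the list helpers are illustrative stand-ins for alloc_netdev(), netdev_priv(), free_netdev() and kni_dev.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Userspace model only: every name below is illustrative, not kernel or DPDK code. */
struct node { struct node *prev, *next; };
struct model_netdev { size_t priv_size; max_align_t priv[]; }; /* priv shares the allocation */
struct model_kni { struct node list; struct model_netdev *net_dev; };

static struct model_netdev *model_alloc_netdev(size_t priv_size) {
    struct model_netdev *nd = calloc(1, sizeof(*nd) + priv_size);
    if (nd) nd->priv_size = priv_size;
    return nd;
}
static void *model_netdev_priv(struct model_netdev *nd) { return nd->priv; }
static void model_free_netdev(struct model_netdev *nd) { free(nd); } /* frees priv too */

static void list_init(struct node *h) { h->prev = h->next = h; }
static void list_add(struct node *n, struct node *h) {
    n->next = h->next; n->prev = h; h->next->prev = n; h->next = n;
}
static void list_del(struct node *n) { n->prev->next = n->next; n->next->prev = n->prev; }
static int list_empty(const struct node *h) { return h->next == h; }

/* 1 if p points into the private area of the netdev allocation, else 0. */
static int priv_inside_netdev(const struct model_netdev *nd, const void *p) {
    uintptr_t lo = (uintptr_t)nd->priv, a = (uintptr_t)p;
    return a >= lo && a < lo + nd->priv_size;
}

static struct model_kni *model_create(struct node *head) {
    struct model_netdev *nd = model_alloc_netdev(sizeof(struct model_kni));
    struct model_kni *kni = nd ? model_netdev_priv(nd) : NULL;
    if (kni) { kni->net_dev = nd; list_add(&kni->list, head); }
    return kni;
}

/* Safe order: finish every use of kni (including list_del) before freeing the netdev. */
static void model_release(struct model_kni *kni) {
    struct model_netdev *nd = kni->net_dev; /* copy out what is needed after the unlink */
    list_del(&kni->list);                   /* last access to kni */
    model_free_netdev(nd);                  /* kni is dangling from here on */
}

int main(void) {
    struct node head; list_init(&head);
    struct model_kni *a = model_create(&head);
    if (!a || !priv_inside_netdev(a->net_dev, a)) return 1;
    model_release(a);
    return !list_empty(&head);
}
```

Swapping the last two statements of model_release() in this model would make list_del() write through a pointer into freed memory, which is the access pattern the commit message describes.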

