| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20170131.130944.1449047914150613032.davem@davemloft.net>
Date: Tue, 31 Jan 2017 13:09:44 -0500 (EST)
From: David Miller <davem@...emloft.net>
To: vincent.stehle@...oste.net
Cc: linux-arm-kernel@...ts.infradead.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org, sgoutham@...ium.com
Subject: Re: [PATCH] net: thunderx: avoid dereferencing xcv when NULL
From: Vincent Stehlé <vincent.stehle@...oste.net>
Date: Mon, 30 Jan 2017 15:06:43 +0100
> This fixes the following smatch and coccinelle warnings:
>
> drivers/net/ethernet/cavium/thunder/thunder_xcv.c:119 xcv_setup_link() error: we previously assumed 'xcv' could be null (see line 118) [smatch]
> drivers/net/ethernet/cavium/thunder/thunder_xcv.c:119:16-20: ERROR: xcv is NULL but dereferenced. [coccinelle]
>
> Fixes: 6465859aba1e66a5 ("net: thunderx: Add RGMII interface type support")
> Signed-off-by: Vincent Stehlé <vincent.stehle@...oste.net>
> Cc: Sunil Goutham <sgoutham@...ium.com>
I've applied this, but wow this is some code that needs fixing on a more
fundamental level.
Having a global pointer for a device private and assuming only one instance
of a PCI device ID will ever be probe in a system is really wrong.
This is true even in all known machines or configurations this might
be true.
It leads to exactly the kinds of problems shown here.
Objects should be probed by instance, and if operations need to
be performed on it, a pointer to the software state for that object
instance should be passed around. Rather than having an implicit
single object.
Powered by blists - more mailing lists