lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <202109150907.zXy9cIVX-lkp@intel.com>
Date:   Wed, 15 Sep 2021 10:58:31 +0300
From:   Dan Carpenter <dan.carpenter@...cle.com>
To:     kbuild@...ts.01.org, Jason Gunthorpe <jgg@...dia.com>
Cc:     lkp@...el.com, kbuild-all@...ts.01.org,
        linux-kernel@...r.kernel.org
Subject: [jgunthorpe:vfio_ccw 7/12] drivers/vfio/mdev/mdev_core.c:319
 mdev_device_create() warn: variable dereferenced before check 'drv' (see
 line 272)

tree:   https://github.com/jgunthorpe/linux vfio_ccw
head:   d0d01fdc87368c19ee6cac8e7ab2c0ef7ab33efb
commit: c7863bcc74538df3d39bd9407ae77f6ef778f7b3 [7/12] vfio/mdev: Add mdev available instance checking to the core
config: x86_64-randconfig-m001-20210914 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>
Reported-by: Dan Carpenter <dan.carpenter@...cle.com>

smatch warnings:
drivers/vfio/mdev/mdev_core.c:319 mdev_device_create() warn: variable dereferenced before check 'drv' (see line 272)

vim +/drv +319 drivers/vfio/mdev/mdev_core.c

417fd5bf242d76 Jason Gunthorpe 2021-04-06  255  int mdev_device_create(struct mdev_type *type, const guid_t *uuid)
7b96953bc640b6 Kirti Wankhede  2016-11-17  256  {
7b96953bc640b6 Kirti Wankhede  2016-11-17  257  	int ret;
002fe996f67f4f Alex Williamson 2018-05-15  258  	struct mdev_device *mdev, *tmp;
a9f8111d0b5f44 Jason Gunthorpe 2021-04-06  259  	struct mdev_parent *parent = type->parent;
88a21f265ce50a Jason Gunthorpe 2021-06-17  260  	struct mdev_driver *drv = parent->ops->device_driver;
7b96953bc640b6 Kirti Wankhede  2016-11-17  261  
002fe996f67f4f Alex Williamson 2018-05-15  262  	mutex_lock(&mdev_list_lock);
7b96953bc640b6 Kirti Wankhede  2016-11-17  263  
7b96953bc640b6 Kirti Wankhede  2016-11-17  264  	/* Check for duplicate */
002fe996f67f4f Alex Williamson 2018-05-15  265  	list_for_each_entry(tmp, &mdev_list, next) {
278bca7f318e6a Andy Shevchenko 2019-01-10  266  		if (guid_equal(&tmp->uuid, uuid)) {
002fe996f67f4f Alex Williamson 2018-05-15  267  			mutex_unlock(&mdev_list_lock);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  268  			return -EEXIST;
002fe996f67f4f Alex Williamson 2018-05-15  269  		}
7b96953bc640b6 Kirti Wankhede  2016-11-17  270  	}
7b96953bc640b6 Kirti Wankhede  2016-11-17  271  
c7863bcc74538d Jason Gunthorpe 2021-09-07 @272  	if (drv->get_available) {
                                                            ^^^^^^^^^^^^^^^^^^
Dereference

c7863bcc74538d Jason Gunthorpe 2021-09-07  273  		if (!type->available) {
c7863bcc74538d Jason Gunthorpe 2021-09-07  274  			mutex_unlock(&mdev_list_lock);
c7863bcc74538d Jason Gunthorpe 2021-09-07  275  			return -EUSERS;
c7863bcc74538d Jason Gunthorpe 2021-09-07  276  		}
c7863bcc74538d Jason Gunthorpe 2021-09-07  277  		type->available--;
c7863bcc74538d Jason Gunthorpe 2021-09-07  278  	}
c7863bcc74538d Jason Gunthorpe 2021-09-07  279  
7b96953bc640b6 Kirti Wankhede  2016-11-17  280  	mdev = kzalloc(sizeof(*mdev), GFP_KERNEL);
7b96953bc640b6 Kirti Wankhede  2016-11-17  281  	if (!mdev) {
002fe996f67f4f Alex Williamson 2018-05-15  282  		mutex_unlock(&mdev_list_lock);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  283  		return -ENOMEM;
7b96953bc640b6 Kirti Wankhede  2016-11-17  284  	}
7b96953bc640b6 Kirti Wankhede  2016-11-17  285  
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  286  	device_initialize(&mdev->dev);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  287  	mdev->dev.parent  = parent->dev;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  288  	mdev->dev.bus = &mdev_bus_type;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  289  	mdev->dev.release = mdev_device_release;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  290  	mdev->dev.groups = parent->ops->mdev_attr_groups;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  291  	mdev->type = type;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  292  	/* Pairs with the put in mdev_device_release() */
fbea43239074e1 Jason Gunthorpe 2021-04-06  293  	kobject_get(&type->kobj);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  294  
278bca7f318e6a Andy Shevchenko 2019-01-10  295  	guid_copy(&mdev->uuid, uuid);
002fe996f67f4f Alex Williamson 2018-05-15  296  	list_add(&mdev->next, &mdev_list);
002fe996f67f4f Alex Williamson 2018-05-15  297  	mutex_unlock(&mdev_list_lock);
002fe996f67f4f Alex Williamson 2018-05-15  298  
18d731242d5c67 Jason Gunthorpe 2021-04-06  299  	ret = dev_set_name(&mdev->dev, "%pUl", uuid);
18d731242d5c67 Jason Gunthorpe 2021-04-06  300  	if (ret)
18d731242d5c67 Jason Gunthorpe 2021-04-06  301  		goto out_put_device;
7b96953bc640b6 Kirti Wankhede  2016-11-17  302  
5715c4dd66a315 Parav Pandit    2019-06-06  303  	/* Check if parent unregistration has started */
5715c4dd66a315 Parav Pandit    2019-06-06  304  	if (!down_read_trylock(&parent->unreg_sem)) {
5715c4dd66a315 Parav Pandit    2019-06-06  305  		ret = -ENODEV;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  306  		goto out_put_device;
5715c4dd66a315 Parav Pandit    2019-06-06  307  	}
5715c4dd66a315 Parav Pandit    2019-06-06  308  
88a21f265ce50a Jason Gunthorpe 2021-06-17  309  	if (parent->ops->create) {
c2ef2f50ad0ccf Jason Gunthorpe 2021-04-06  310  		ret = parent->ops->create(mdev);
522ecce08ab20b Parav Pandit    2019-06-06  311  		if (ret)
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  312  			goto out_unlock;
88a21f265ce50a Jason Gunthorpe 2021-06-17  313  	}
7b96953bc640b6 Kirti Wankhede  2016-11-17  314  
522ecce08ab20b Parav Pandit    2019-06-06  315  	ret = device_add(&mdev->dev);
7b96953bc640b6 Kirti Wankhede  2016-11-17  316  	if (ret)
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  317  		goto out_remove;
7b96953bc640b6 Kirti Wankhede  2016-11-17  318  
88a21f265ce50a Jason Gunthorpe 2021-06-17 @319  	if (!drv)
                                                            ^^^^
Check for NULL too late.  Probably move it forward.

88a21f265ce50a Jason Gunthorpe 2021-06-17  320  		drv = &vfio_mdev_driver;
88a21f265ce50a Jason Gunthorpe 2021-06-17  321  	ret = device_driver_attach(&drv->driver, &mdev->dev);
88a21f265ce50a Jason Gunthorpe 2021-06-17  322  	if (ret)
88a21f265ce50a Jason Gunthorpe 2021-06-17  323  		goto out_del;
88a21f265ce50a Jason Gunthorpe 2021-06-17  324  
417fd5bf242d76 Jason Gunthorpe 2021-04-06  325  	ret = mdev_create_sysfs_files(mdev);
522ecce08ab20b Parav Pandit    2019-06-06  326  	if (ret)
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  327  		goto out_del;
7b96953bc640b6 Kirti Wankhede  2016-11-17  328  
002fe996f67f4f Alex Williamson 2018-05-15  329  	mdev->active = true;
7b96953bc640b6 Kirti Wankhede  2016-11-17  330  	dev_dbg(&mdev->dev, "MDEV: created\n");
5715c4dd66a315 Parav Pandit    2019-06-06  331  	up_read(&parent->unreg_sem);
7b96953bc640b6 Kirti Wankhede  2016-11-17  332  
002fe996f67f4f Alex Williamson 2018-05-15  333  	return 0;
7b96953bc640b6 Kirti Wankhede  2016-11-17  334  
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  335  out_del:
522ecce08ab20b Parav Pandit    2019-06-06  336  	device_del(&mdev->dev);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  337  out_remove:
88a21f265ce50a Jason Gunthorpe 2021-06-17  338  	if (parent->ops->remove)
522ecce08ab20b Parav Pandit    2019-06-06  339  		parent->ops->remove(mdev);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  340  out_unlock:
5715c4dd66a315 Parav Pandit    2019-06-06  341  	up_read(&parent->unreg_sem);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06  342  out_put_device:
522ecce08ab20b Parav Pandit    2019-06-06  343  	put_device(&mdev->dev);
7b96953bc640b6 Kirti Wankhede  2016-11-17  344  	return ret;
7b96953bc640b6 Kirti Wankhede  2016-11-17  345  }

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ