lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Z6umJrdf0IsgAUWi@LQ3V64L9R2>
Date: Tue, 11 Feb 2025 11:33:58 -0800
From: Joe Damato <jdamato@...tly.com>
To: Wentao Liang <vulab@...as.ac.cn>
Cc: pavan.chebbi@...adcom.com, mchan@...adcom.com, andrew+netdev@...n.ch,
	davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
	pabeni@...hat.com, netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] tg3: Check return value of tg3_nvram_lock before
 resetting lock

On Tue, Feb 11, 2025 at 11:26:58PM +0800, Wentao Liang wrote:
> The current code does not check the return value of tg3_nvram_lock before
> resetting the lock count (tp->nvram_lock_cnt = 0). This is dangerous
> because if tg3_nvram_lock fails, the lock state may be inconsistent,
> leading to potential race conditions or undefined behavior.
> 
> This patch adds a check for the return value of tg3_nvram_lock. If the
> function fails, the error is propagated to the caller, ensuring that
> the lock state remains consistent.
> 
> Signed-off-by: Wentao Liang <vulab@...as.ac.cn>
> ---
>  drivers/net/ethernet/broadcom/tg3.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/net/ethernet/broadcom/tg3.c b/drivers/net/ethernet/broadcom/tg3.c
> index 9cc8db10a8d6..851d19b3f43c 100644
> --- a/drivers/net/ethernet/broadcom/tg3.c
> +++ b/drivers/net/ethernet/broadcom/tg3.c
> @@ -9160,7 +9160,9 @@ static int tg3_chip_reset(struct tg3 *tp)
>  	if (!pci_device_is_present(tp->pdev))
>  		return -ENODEV;
>  
> -	tg3_nvram_lock(tp);
> +	err = tg3_nvram_lock(tp);
> +	if (err)
> +		return err;
>  
>  	tg3_ape_lock(tp, TG3_APE_LOCK_GRC);

A couple notes from me:

  1. Subject should say "PATCH net-next"
  2. Use --base=auto to generate a base-commit.
  3. code looks fine to me, tg3_nvram_lock is checked in all other
     invocations.
  4. that said, seems like tg3_ape_lock could have also gotten a
     check added at the same time?

I can see the argument that tg3_ape_lock cleanup should come
separately, since there are a few unchecked invocations of it other
than the one right next to the one you changed.

So, if you resend with 1 & 2 fixed, feel free to add:

Reviewed-by: Joe Damato <jdamato@...tly.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ