| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250519212237.1986368-1-sashal@kernel.org> Date: Mon, 19 May 2025 17:22:27 -0400 From: Sasha Levin <sashal@...nel.org> To: patches@...ts.linux.dev, stable@...r.kernel.org Cc: Purva Yeshi <purvayeshi550@...il.com>, Dave Jiang <dave.jiang@...el.com>, Vinicius Costa Gomes <vinicius.gomes@...el.com>, Vinod Koul <vkoul@...nel.org>, Sasha Levin <sashal@...nel.org>, dmaengine@...r.kernel.org, linux-kernel@...r.kernel.org Subject: [PATCH AUTOSEL 6.6 01/11] dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open From: Purva Yeshi <purvayeshi550@...il.com> [ Upstream commit 97994333de2b8062d2df4e6ce0dc65c2dc0f40dc ] Fix Smatch-detected issue: drivers/dma/idxd/cdev.c:321 idxd_cdev_open() error: uninitialized symbol 'sva'. 'sva' pointer may be used uninitialized in error handling paths. Specifically, if PASID support is enabled and iommu_sva_bind_device() returns an error, the code jumps to the cleanup label and attempts to call iommu_sva_unbind_device(sva) without ensuring that sva was successfully assigned. This triggers a Smatch warning about an uninitialized symbol. Initialize sva to NULL at declaration and add a check using IS_ERR_OR_NULL() before unbinding the device. This ensures the function does not use an invalid or uninitialized pointer during cleanup. Signed-off-by: Purva Yeshi <purvayeshi550@...il.com> Reviewed-by: Dave Jiang <dave.jiang@...el.com> Acked-by: Vinicius Costa Gomes <vinicius.gomes@...el.com> Link: https://lore.kernel.org/r/20250410110216.21592-1-purvayeshi550@gmail.com Signed-off-by: Vinod Koul <vkoul@...nel.org> Signed-off-by: Sasha Levin <sashal@...nel.org> --- drivers/dma/idxd/cdev.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/dma/idxd/cdev.c b/drivers/dma/idxd/cdev.c index c18633ad8455f..c9eea639a749e 100644 --- a/drivers/dma/idxd/cdev.c +++ b/drivers/dma/idxd/cdev.c @@ -225,7 +225,7 @@ static int idxd_cdev_open(struct inode *inode, struct file *filp) struct idxd_wq *wq; struct device *dev, *fdev; int rc = 0; - struct iommu_sva *sva; + struct iommu_sva *sva = NULL; unsigned int pasid; struct idxd_cdev *idxd_cdev; @@ -322,7 +322,7 @@ static int idxd_cdev_open(struct inode *inode, struct file *filp) if (device_user_pasid_enabled(idxd)) idxd_xa_pasid_remove(ctx); failed_get_pasid: - if (device_user_pasid_enabled(idxd)) + if (device_user_pasid_enabled(idxd) && !IS_ERR_OR_NULL(sva)) iommu_sva_unbind_device(sva); failed: mutex_unlock(&wq->wq_lock); -- 2.39.5
Powered by blists - more mailing lists