lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <04ba20e6-ce2c-4e47-8884-c563b931cd66@gmail.com>
Date: Fri, 30 May 2025 10:35:54 -0500
From: stuart hayes <stuart.w.hayes@...il.com>
To: Ilpo Järvinen <ilpo.jarvinen@...ux.intel.com>
Cc: LKML <linux-kernel@...r.kernel.org>, Hans de Goede <hdegoede@...hat.com>,
 platform-driver-x86@...r.kernel.org
Subject: Re: [PATCH v3 2/4] platform/x86: dell_rbu: Fix list usage

On 5/30/2025 10:25 AM, Ilpo Järvinen wrote:
> On Fri, 30 May 2025, stuart hayes wrote:
> 
>> On 5/30/2025 2:54 AM, Ilpo Järvinen wrote:
>>> On Thu, 29 May 2025, Stuart Hayes wrote:
>>>
>>>> Stop using an entire struct packet_data just for the embedded list_head,
>>>> and fix usage of that list_head.
>>>>
>>>> Fixes: d19f359fbdc6 ("platform/x86: dell_rbu: don't open code
>>>> list_for_each_entry*()")
>>>> Signed-off-by: Stuart Hayes <stuart.w.hayes@...il.com>
>>>
>>> Isn't this just refactor so Fixes tag for this commit is not warranted?
>>>
>>
>> No. The patch that this fixes had converted the driver to use
>> list_for_each_entry*() to loop through the packet list instead of a while
>> loop. But it passed (&packet_data_head.list)->next to list_for_each_entry*()
>> instead of the list head itself.
>>
>> That resulted in to issues. In the function that prints the packets, it would
>> start with the wrong packet, and in the function that deletes the packets, it
>> would get a null pointer dereference when it tried to zero out the data
>> associated with the packet that held the actual list head.
> 
> Oh, I see that difference now. Good catch.
> 
> However, that also means the ->next part is wrong and there are two
> independent changes here, one that fixes this ->next problem and then the
> refactoring of packet_data_head to packet_data_list?
> 

Correct. Do you want those as two separate patches?

>>>> ---
>>>>    drivers/platform/x86/dell/dell_rbu.c | 10 +++++-----
>>>>    1 file changed, 5 insertions(+), 5 deletions(-)
>>>>
>>>> diff --git a/drivers/platform/x86/dell/dell_rbu.c
>>>> b/drivers/platform/x86/dell/dell_rbu.c
>>>> index 7b019fb72e86..c03d4d55fcc1 100644
>>>> --- a/drivers/platform/x86/dell/dell_rbu.c
>>>> +++ b/drivers/platform/x86/dell/dell_rbu.c
>>>> @@ -77,14 +77,14 @@ struct packet_data {
>>>>    	int ordernum;
>>>>    };
>>>>    -static struct packet_data packet_data_head;
>>>> +static struct list_head packet_data_list;
>>>>      static struct platform_device *rbu_device;
>>>>    static int context;
>>>>      static void init_packet_head(void)
>>>>    {
>>>> -	INIT_LIST_HEAD(&packet_data_head.list);
>>>> +	INIT_LIST_HEAD(&packet_data_list);
>>>>    	rbu_data.packet_read_count = 0;
>>>>    	rbu_data.num_packets = 0;
>>>>    	rbu_data.packetsize = 0;
>>>> @@ -183,7 +183,7 @@ static int create_packet(void *data, size_t length)
>>>> __must_hold(&rbu_data.lock)
>>>>      	/* initialize the newly created packet headers */
>>>>    	INIT_LIST_HEAD(&newpacket->list);
>>>> -	list_add_tail(&newpacket->list, &packet_data_head.list);
>>>> +	list_add_tail(&newpacket->list, &packet_data_list);
>>>>      	memcpy(newpacket->data, data, length);
>>>>    @@ -292,7 +292,7 @@ static int packet_read_list(char *data, size_t *
>>>> pread_length)
>>>>    	remaining_bytes = *pread_length;
>>>>    	bytes_read = rbu_data.packet_read_count;
>>>>    -	list_for_each_entry(newpacket, (&packet_data_head.list)->next, list) {
>>>> +	list_for_each_entry(newpacket, &packet_data_list, list) {
>>>>    		bytes_copied = do_packet_read(pdest, newpacket,
>>>>    			remaining_bytes, bytes_read, &temp_count);
>>>>    		remaining_bytes -= bytes_copied;
>>>> @@ -315,7 +315,7 @@ static void packet_empty_list(void)
>>>>    {
>>>>    	struct packet_data *newpacket, *tmp;
>>>>    -	list_for_each_entry_safe(newpacket, tmp,
>>>> (&packet_data_head.list)->next, list) {
>>>> +	list_for_each_entry_safe(newpacket, tmp, &packet_data_list, list) {
>>>>    		list_del(&newpacket->list);
>>>>      		/*
>>>>
>>>
>>
> 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ