lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250923-lurking-gaur-of-flowers-bb68f6@sudeepholla>
Date: Tue, 23 Sep 2025 10:59:46 +0100
From: Sudeep Holla <sudeep.holla@....com>
To: Kaushlendra Kumar <kaushlendra.kumar@...el.com>
Cc: gregkh@...uxfoundation.org, dakr@...nel.org, rafael@...nel.org,
	Sudeep Holla <sudeep.holla@....com>, linux-kernel@...r.kernel.org,
	stable@...r.kernel.org
Subject: Re: [PATCH v3] arch_topology: Fix incorrect error check in
 topology_parse_cpu_capacity()

On Tue, Sep 23, 2025 at 03:15:14PM +0530, Kaushlendra Kumar wrote:
> Fix incorrect use of PTR_ERR_OR_ZERO() in topology_parse_cpu_capacity()
> which causes the code to proceed with NULL clock pointers. The current
> logic uses !PTR_ERR_OR_ZERO(cpu_clk) which evaluates to true for both
> valid pointers and NULL, leading to potential NULL pointer dereference
> in clk_get_rate().
> 
> Per include/linux/err.h documentation, PTR_ERR_OR_ZERO(ptr) returns:
> "The error code within @ptr if it is an error pointer; 0 otherwise."
> 
> This means PTR_ERR_OR_ZERO() returns 0 for both valid pointers AND NULL
> pointers. Therefore !PTR_ERR_OR_ZERO(cpu_clk) evaluates to true (proceed)
> when cpu_clk is either valid or NULL, causing clk_get_rate(NULL) to be
> called when of_clk_get() returns NULL.
> 
> Replace with !IS_ERR_OR_NULL(cpu_clk) which only proceeds for valid
> pointers, preventing potential NULL pointer dereference in clk_get_rate().
> 
> Fixes: b8fe128dad8f ("arch_topology: Adjust initial CPU capacities with current freq")
> Cc: stable@...r.kernel.org
> 

I wonder if you missed my response on v1[1] before you sent v2/v3 so quickly.
The reviewed by tag still stands, just for sake of tools:

Reviewed-by: Sudeep Holla <sudeep.holla@....com>

-- 
Regards,
Sudeep

[1] https://lore.kernel.org/all/20250923-spectral-rich-shellfish-3ab26c@sudeepholla/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ