[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <a061d870-d0ce-a580-636d-600a9a4b006f@huawei.com>
Date: Wed, 16 Nov 2022 14:13:14 +0800
From: Hui Tang <tanghui20@...wei.com>
To: Jakub Kicinski <kuba@...nel.org>
CC: <davem@...emloft.net>, <edumazet@...gle.com>, <mw@...ihalf.com>,
<linux@...linux.org.uk>, <leon@...nel.org>, <andrew@...n.ch>,
<netdev@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
<yusongping@...wei.com>
Subject: Re: [PATCH net v4] net: mvpp2: fix possible invalid pointer
dereference
On 2022/11/16 12:28, Jakub Kicinski wrote:
> On Wed, 16 Nov 2022 10:14:37 +0800 Hui Tang wrote:
>> It will cause invalid pointer dereference to priv->cm3_base behind,
>> if PTR_ERR(priv->cm3_base) in mvpp2_get_sram().
>>
>> Fixes: a59d354208a7 ("net: mvpp2: enable global flow control")
>> Signed-off-by: Hui Tang <tanghui20@...wei.com>
>
> Please do not repost new versions so often:
>
> https://www.kernel.org/doc/html/next/process/maintainer-netdev.html#tl-dr
>
> do not use --in-reply-to
Thanks for pointing out, but should I resend it with [PATCH net v3] or [PATCH net v5]?
>> diff --git a/drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c b/drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c
>> index d98f7e9a480e..efb582b63640 100644
>> --- a/drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c
>> +++ b/drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c
>> @@ -7349,6 +7349,7 @@ static int mvpp2_get_sram(struct platform_device *pdev,
>> struct mvpp2 *priv)
>> {
>> struct resource *res;
>> + void __iomem *base;
>>
>> res = platform_get_resource(pdev, IORESOURCE_MEM, 2);
>> if (!res) {
>> @@ -7359,9 +7360,11 @@ static int mvpp2_get_sram(struct platform_device *pdev,
>> return 0;
>> }
>>
>> - priv->cm3_base = devm_ioremap_resource(&pdev->dev, res);
>> + base = devm_ioremap_resource(&pdev->dev, res);
>> + if (!IS_ERR(base))
>> + priv->cm3_base = base;
>>
>> - return PTR_ERR_OR_ZERO(priv->cm3_base);
>> + return PTR_ERR_OR_ZERO(base);
>
> Use the idiomatic error handling, keep success path un-indented:
>
> ptr = function();
> if (IS_ERR(ptr))
> return PTR_ERR(ptr);
>
> priv->bla = ptr;
> return 0;
>
>
Ok, I will fix it in next version
Powered by blists - more mailing lists