| Message ID | 20210601163801.17848-1-novikov@ispras.ru |
|---|---|
| State | New |
| Headers | show |
| Series | AMD_SFH: Fix potential NULL pointer dereference | expand |
On Tue, 1 Jun 2021, Evgeny Novikov wrote: > devm_add_action_or_reset() can suddenly invoke amd_mp2_pci_remove() at > registration that will cause NULL pointer dereference since > corresponding data is not initialized yet. The patch moves > initialization of data before devm_add_action_or_reset(). > > Found by Linux Driver Verification project (linuxtesting.org). > > Signed-off-by: Evgeny Novikov <novikov@ispras.ru> Nehal, Basavaraj, could you please Review/Ack this one? Thanks, -- Jiri Kosina SUSE Labs
Adding Basavaraj -----Original Message----- From: Jiri Kosina <jikos@kernel.org> Sent: Wednesday, September 15, 2021 8:28 PM To: Evgeny Novikov <novikov@ispras.ru> Cc: Shah, Nehal-bakulchandra <Nehal-bakulchandra.Shah@amd.com>; Sandeep Singh <sandeep.singh@amd.com>; Benjamin Tissoires <benjamin.tissoires@redhat.com>; linux-input@vger.kernel.org; linux-kernel@vger.kernel.org; ldv-project@linuxtesting.org Subject: Re: [PATCH] AMD_SFH: Fix potential NULL pointer dereference On Tue, 1 Jun 2021, Evgeny Novikov wrote: > devm_add_action_or_reset() can suddenly invoke amd_mp2_pci_remove() at > registration that will cause NULL pointer dereference since > corresponding data is not initialized yet. The patch moves > initialization of data before devm_add_action_or_reset(). > > Found by Linux Driver Verification project (linuxtesting.org). > > Signed-off-by: Evgeny Novikov <novikov@ispras.ru> Nehal, Basavaraj, could you please Review/Ack this one? Thanks, -- Jiri Kosina SUSE Labs
On 9/15/2021 11:02 PM, Shah, Nehal-bakulchandra wrote: > Adding Basavaraj > > -----Original Message----- > From: Jiri Kosina <jikos@kernel.org> > Sent: Wednesday, September 15, 2021 8:28 PM > To: Evgeny Novikov <novikov@ispras.ru> > Cc: Shah, Nehal-bakulchandra <Nehal-bakulchandra.Shah@amd.com>; Sandeep Singh <sandeep.singh@amd.com>; Benjamin Tissoires <benjamin.tissoires@redhat.com>; linux-input@vger.kernel.org; linux-kernel@vger.kernel.org; ldv-project@linuxtesting.org > Subject: Re: [PATCH] AMD_SFH: Fix potential NULL pointer dereference > > On Tue, 1 Jun 2021, Evgeny Novikov wrote: > >> devm_add_action_or_reset() can suddenly invoke amd_mp2_pci_remove() at >> registration that will cause NULL pointer dereference since >> corresponding data is not initialized yet. The patch moves >> initialization of data before devm_add_action_or_reset(). >> >> Found by Linux Driver Verification project (linuxtesting.org). >> >> Signed-off-by: Evgeny Novikov <novikov@ispras.ru> > Nehal, Basavaraj, could you please Review/Ack this one? > Patch looks good to me. Acked-by: Basavaraj Natikar <Basavaraj.Natikar@amd.com>
On Tue, 1 Jun 2021, Evgeny Novikov wrote: > devm_add_action_or_reset() can suddenly invoke amd_mp2_pci_remove() at > registration that will cause NULL pointer dereference since > corresponding data is not initialized yet. The patch moves > initialization of data before devm_add_action_or_reset(). > > Found by Linux Driver Verification project (linuxtesting.org). > > Signed-off-by: Evgeny Novikov <novikov@ispras.ru> Applied, thank you. -- Jiri Kosina SUSE Labs
diff --git a/drivers/hid/amd-sfh-hid/amd_sfh_pcie.c b/drivers/hid/amd-sfh-hid/amd_sfh_pcie.c index ddecc84fd6f0..8394565c4d01 100644 --- a/drivers/hid/amd-sfh-hid/amd_sfh_pcie.c +++ b/drivers/hid/amd-sfh-hid/amd_sfh_pcie.c @@ -160,11 +160,16 @@ static int amd_mp2_pci_probe(struct pci_dev *pdev, const struct pci_device_id *i rc = pci_set_dma_mask(pdev, DMA_BIT_MASK(32)); return rc; } + + rc = amd_sfh_hid_client_init(privdata); + if (rc) + return rc; + rc = devm_add_action_or_reset(&pdev->dev, amd_mp2_pci_remove, privdata); if (rc) return rc; - return amd_sfh_hid_client_init(privdata); + return 0; } static const struct pci_device_id amd_mp2_pci_tbl[] = {
devm_add_action_or_reset() can suddenly invoke amd_mp2_pci_remove() at registration that will cause NULL pointer dereference since corresponding data is not initialized yet. The patch moves initialization of data before devm_add_action_or_reset(). Found by Linux Driver Verification project (linuxtesting.org). Signed-off-by: Evgeny Novikov <novikov@ispras.ru> --- drivers/hid/amd-sfh-hid/amd_sfh_pcie.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-)