From: "Jiawen Wu" <jiawenwu@trustnetic.com>
To: "'Bjorn Helgaas'" <helgaas@kernel.org>
Cc: "'Rafael J. Wysocki'" <rafael@kernel.org>,
	"'Tony Luck'" <tony.luck@intel.com>,
	"'Borislav Petkov'" <bp@alien8.de>,
	"'Hanjun Guo'" <guohanjun@huawei.com>,
	"'Mauro Carvalho Chehab'" <mchehab@kernel.org>,
	"'Shuai Xue'" <xueshuai@linux.alibaba.com>,
	"'Len Brown'" <lenb@kernel.org>,
	"'Shiju Jose'" <shiju.jose@huawei.com>,
	"'Bjorn Helgaas'" <bhelgaas@google.com>,
	<linux-acpi@vger.kernel.org>, <linux-kernel@vger.kernel.org>
Subject: RE: [PATCH] ACPI: APEI: Avoid NULL pointer dereference in ghes_estatus_pool_region_free
Date: Wed, 4 Feb 2026 10:03:34 +0800
Message-ID: <06ed01dc957a$7823c0b0$686b4210$@trustnetic.com>
In-Reply-To: <20260203225509.GA195397@bhelgaas>

On Wed, Feb 4, 2026 6:55 AM, Bjorn Helgaas wrote:
> On Tue, Feb 03, 2026 at 10:12:32AM +0800, Jiawen Wu wrote:
> > The function ghes_estatus_pool_region_free() is exported and is called
> > by the PCIe AER recovery path, which unconditionally invokes it to free
> > aer_capability_regs memory.
> >
> > Although current AER usage assumes memory comes from the GHES pool,
> > robustness requires guarding against pool unavailability. Add a NULL check
> > before calling gen_pool_free() to prevent crashes when the pool is not
> > initialized. This also makes the API safer for potential future use by
> > non-GHES callers.
> 
> I'm not sure what you mean by "pool unavailability."  I think getting
> here with ghes_estatus_pool==NULL means we have a logic error
> somewhere, and I don't think we should silently hide that error.
> 
> I'm generally in favor of *not* checking so we find out if the caller
> forgot to keep track of the pointer correctly.

"pool unavailability" means that when I attempt to call
aer_recover_queue() in an Ethernet driver, which does not create
ghes_estatus_pool, it leads to a NULL pointer dereference.


