[PATCH 01/11] genirq: Ensure IRQ descriptor is valid when setting-up the IRQ

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Jon Hunter <jonathanh@nvidia.com>
To: Marc Zyngier <marc.zyngier@arm.com>
Cc: Thomas Gleixner <tglx@linutronix.de>,
	Jason Cooper <jason@lakedaemon.net>,
	linux-kernel@vger.kernel.org, linux-tegra@vger.kernel.org,
	Jon Hunter <jonathanh@nvidia.com>
Subject: [PATCH 01/11] genirq: Ensure IRQ descriptor is valid when setting-up the IRQ
Date: Tue, 10 May 2016 16:14:35 +0100	[thread overview]
Message-ID: <1462893285-13515-2-git-send-email-jonathanh@nvidia.com> (raw)
In-Reply-To: <1462893285-13515-1-git-send-email-jonathanh@nvidia.com>

In the function, setup_irq(), we don't check that the descriptor
returned from irq_to_desc() is valid before we start using it. For
example chip_bus_lock() called from setup_irq(), assumes that the
descriptor pointer is valid and doesn't check before dereferencing it.

In many other functions including setup/free_percpu_irq() we do check
that the descriptor returned is not NULL and therefore add the same test
to setup_irq() to ensure the descriptor returned is valid.

Signed-off-by: Jon Hunter <jonathanh@nvidia.com>
---
 kernel/irq/manage.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/irq/manage.c b/kernel/irq/manage.c
index cc1cc641d653..ef0bc02c3a70 100644
--- a/kernel/irq/manage.c
+++ b/kernel/irq/manage.c
@@ -1407,7 +1407,7 @@ int setup_irq(unsigned int irq, struct irqaction *act)
 	int retval;
 	struct irq_desc *desc = irq_to_desc(irq);
 
-	if (WARN_ON(irq_settings_is_per_cpu_devid(desc)))
+	if (!desc || WARN_ON(irq_settings_is_per_cpu_devid(desc)))
 		return -EINVAL;
 	chip_bus_lock(desc);
 	retval = __setup_irq(irq, desc, act);
-- 
2.1.4

WARNING: multiple messages have this Message-ID (diff)

From: Jon Hunter <jonathanh@nvidia.com>
To: Marc Zyngier <marc.zyngier@arm.com>
Cc: Thomas Gleixner <tglx@linutronix.de>,
	Jason Cooper <jason@lakedaemon.net>,
	<linux-kernel@vger.kernel.org>, <linux-tegra@vger.kernel.org>,
	Jon Hunter <jonathanh@nvidia.com>
Subject: [PATCH 01/11] genirq: Ensure IRQ descriptor is valid when setting-up the IRQ
Date: Tue, 10 May 2016 16:14:35 +0100	[thread overview]
Message-ID: <1462893285-13515-2-git-send-email-jonathanh@nvidia.com> (raw)
In-Reply-To: <1462893285-13515-1-git-send-email-jonathanh@nvidia.com>

In the function, setup_irq(), we don't check that the descriptor
returned from irq_to_desc() is valid before we start using it. For
example chip_bus_lock() called from setup_irq(), assumes that the
descriptor pointer is valid and doesn't check before dereferencing it.

In many other functions including setup/free_percpu_irq() we do check
that the descriptor returned is not NULL and therefore add the same test
to setup_irq() to ensure the descriptor returned is valid.

Signed-off-by: Jon Hunter <jonathanh@nvidia.com>
---
 kernel/irq/manage.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/irq/manage.c b/kernel/irq/manage.c
index cc1cc641d653..ef0bc02c3a70 100644
--- a/kernel/irq/manage.c
+++ b/kernel/irq/manage.c
@@ -1407,7 +1407,7 @@ int setup_irq(unsigned int irq, struct irqaction *act)
 	int retval;
 	struct irq_desc *desc = irq_to_desc(irq);
 
-	if (WARN_ON(irq_settings_is_per_cpu_devid(desc)))
+	if (!desc || WARN_ON(irq_settings_is_per_cpu_devid(desc)))
 		return -EINVAL;
 	chip_bus_lock(desc);
 	retval = __setup_irq(irq, desc, act);
-- 
2.1.4

next prev parent reply	other threads:[~2016-05-10 15:14 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-05-10 15:14 [PATCH 00/11] Various IRQ and GIC fixes and clean-ups Jon Hunter
2016-05-10 15:14 ` Jon Hunter
2016-05-10 15:14 ` Jon Hunter [this message]
2016-05-10 15:14   ` [PATCH 01/11] genirq: Ensure IRQ descriptor is valid when setting-up the IRQ Jon Hunter
2016-05-10 15:14 ` [PATCH 02/11] irqdomain: Warn if we fail to set the IRQ type Jon Hunter
2016-05-10 15:14   ` Jon Hunter
     [not found]   ` <1462893285-13515-3-git-send-email-jonathanh-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>
2016-05-10 17:25     ` Marc Zyngier
2016-05-10 17:25       ` Marc Zyngier
     [not found]       ` <57321998.2060008-5wv7dgnIgG8@public.gmane.org>
2016-05-10 18:00         ` Jon Hunter
2016-05-10 18:00           ` Jon Hunter
     [not found]           ` <573221CC.2080102-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>
2016-05-10 18:06             ` Jon Hunter
2016-05-10 18:06               ` Jon Hunter
2016-05-10 15:14 ` [PATCH 04/11] irqchip/gic: Don't unnecessarily write the IRQ configuration Jon Hunter
2016-05-10 15:14   ` Jon Hunter
     [not found] ` <1462893285-13515-1-git-send-email-jonathanh-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>
2016-05-10 15:14   ` [PATCH 03/11] irqchip: Mask the non-type/sense bits when translating an IRQ Jon Hunter
2016-05-10 15:14     ` Jon Hunter
2016-05-10 15:14   ` [PATCH 05/11] irqchip/gic: WARN if setting the interrupt type for a PPI fails Jon Hunter
2016-05-10 15:14     ` Jon Hunter
2016-05-10 15:14   ` [PATCH 08/11] irqchip/gic: Return an error if GIC initialisation fails Jon Hunter
2016-05-10 15:14     ` Jon Hunter
2016-05-10 15:14 ` [PATCH 06/11] irqchip/gic: Don't initialise chip if mapping IO space fails Jon Hunter
2016-05-10 15:14   ` Jon Hunter
2016-05-10 15:14 ` [PATCH 07/11] irqchip/gic: Remove static irq_chip definition for eoimode1 Jon Hunter
2016-05-10 15:14   ` Jon Hunter
2016-05-10 15:14 ` [PATCH 09/11] irqchip/gic: Pass GIC pointer to save/restore functions Jon Hunter
2016-05-10 15:14   ` Jon Hunter
2016-05-10 15:14 ` [PATCH 10/11] irqchip/gic: Store GIC configuration parameters Jon Hunter
2016-05-10 15:14   ` Jon Hunter
2016-05-10 15:14 ` [PATCH 11/11] irqchip/gic: Add helper functions for GIC setup and teardown Jon Hunter
2016-05-10 15:14   ` Jon Hunter

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:cc1cc641d65 dfblob:ef0bc02c3a7 dfblob:cc1cc641d65
dfblob:ef0bc02c3a7 )
 OR (
bs:"[PATCH 01/11] genirq: Ensure IRQ descriptor is valid when setting-up the IRQ" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1462893285-13515-2-git-send-email-jonathanh@nvidia.com \
    --to=jonathanh@nvidia.com \
    --cc=jason@lakedaemon.net \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-tegra@vger.kernel.org \
    --cc=marc.zyngier@arm.com \
    --cc=tglx@linutronix.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.