From: Louis Peens <louis.peens@corigine.com>
To: Denis Arefev <arefev@swemel.ru>
Cc: Jakub Kicinski <kuba@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Paolo Abeni <pabeni@redhat.com>,
oss-drivers@corigine.com, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org, lvc-project@linuxtesting.org
Subject: Re: [PATCH] nfp: flower: Added pointer check and continue.
Date: Fri, 17 Nov 2023 16:27:17 +0200 [thread overview]
Message-ID: <ZVd4RYURdHLL+F2h@LouisNoVo> (raw)
In-Reply-To: <20231117125701.58927-1-arefev@swemel.ru>
On Fri, Nov 17, 2023 at 03:57:01PM +0300, Denis Arefev wrote:
>
> Return value of a function 'kmalloc_array' is dereferenced at
> lag_conf.c without checking for null, but it is usually
> checked for this function.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> Signed-off-by: Denis Arefev <arefev@swemel.ru>
> ---
> drivers/net/ethernet/netronome/nfp/flower/lag_conf.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/drivers/net/ethernet/netronome/nfp/flower/lag_conf.c b/drivers/net/ethernet/netronome/nfp/flower/lag_conf.c
> index 88d6d992e7d0..8cc6cce73283 100644
> --- a/drivers/net/ethernet/netronome/nfp/flower/lag_conf.c
> +++ b/drivers/net/ethernet/netronome/nfp/flower/lag_conf.c
> @@ -339,6 +339,11 @@ static void nfp_fl_lag_do_work(struct work_struct *work)
> acti_netdevs = kmalloc_array(entry->slave_cnt,
> sizeof(*acti_netdevs), GFP_KERNEL);
>
> + if (!acti_netdevs) {
> + schedule_delayed_work(&lag->work, NFP_FL_LAG_DELAY);
> + continue;
> + }
> +
Thanks for reporting this Denis, it definitely seems to be an oversight.
Would you mind adding a 'nfp_flower_cmsg_warn' here as well, so that
this case does not go undetected? Maybe something like "cannot
allocate memory for group processing" can work.
> /* Include sanity check in the loop. It may be that a bond has
> * changed between processing the last notification and the
> * work queue triggering. If the number of slaves has changed
> --
> 2.25.1
>
next prev parent reply other threads:[~2023-11-17 14:27 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-17 12:57 [PATCH] nfp: flower: Added pointer check and continue Denis Arefev
2023-11-17 14:27 ` Louis Peens [this message]
2023-11-19 4:22 ` Jakub Kicinski
2023-11-20 7:04 ` Louis Peens
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZVd4RYURdHLL+F2h@LouisNoVo \
--to=louis.peens@corigine.com \
--cc=arefev@swemel.ru \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lvc-project@linuxtesting.org \
--cc=netdev@vger.kernel.org \
--cc=oss-drivers@corigine.com \
--cc=pabeni@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.