From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 765D9C43334 for ; Thu, 9 Jun 2022 15:21:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References: Message-ID:Subject:Cc:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=WaE3HPbOFOeIpb3Zyb/uEUo+dfLEzQfFQuXmCYmkqTw=; b=fL5M4U7J/JFBbD O29ywJkQy3fImMb/gddylraGMeWQe97Hlb8lzmwZ8axV5XOMaFWwYkjYoPPnZTiIYOM3lW7XisAOG 8EKe4jvpARzmXupGl29O4BCz59gDTrzEoDd7eQZOgpV08bvP3fv6Na8Vh50+4FvcgoDuaf8Ttp4sm AfjX9P6ujex6/8qw4+fMErbTS/6RRg+mT2N5mE3cGDGwfzi1dZKyCcuInEzUj9qEVfoBKYMODTW+a yjgnzv7so5cI6C8xNjTnB53KOHO5tizs2vYZct865J9se6s/xfHmJWiXBlcDW+v3jNGVNlQoynG+J a16hYuAH2D9adupJ4l+A==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1nzJxM-002hSv-NQ; Thu, 09 Jun 2022 15:20:21 +0000 Received: from sin.source.kernel.org ([2604:1380:40e1:4800::1]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1nzJxI-002hPe-Hn for linux-arm-kernel@lists.infradead.org; Thu, 09 Jun 2022 15:20:19 +0000 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sin.source.kernel.org (Postfix) with ESMTPS id 1C84FCE2F53; Thu, 9 Jun 2022 15:20:10 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6C823C3411B; Thu, 9 Jun 2022 15:20:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1654788008; bh=fBki9nO6xq1gqJlRzYx6W6ZH8oFXBaFxwwteOEGxAwg=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=bKMssPoBaSxYbTDnpkbJxcD5hXLG3SLBoRT0Uw1r+Jtw3Bsmo2O9TgWckgMz2ApM1 4Vg+rtmeTsg5xsA+71R3ReTP2VEtG6ILnd/LCxxjlgoivpflo7w0FFXm7qMaT+ApH6 4/KTOQs4TWpZdRS1TbA6fzaBFZKftMwTJOjDIBboDygODUD/e1cb1azkFzx7qkFSB3 WrIDjAnG82wXQhN33/bYrEekqrLJPxLxxlhQyArVaLLK/KnnWi9fjcQkvTohYicQhf FTHc0fWQXbGJEBv6nUu7jBLHdAa0CdC93G0Ib+vMvshzbJl8ktszbe1Cx+ArvsoxO0 FXe3PANAfLKDw== Date: Thu, 9 Jun 2022 16:20:03 +0100 From: Will Deacon To: Chen Jun Cc: linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, catalin.marinas@arm.com, xuqiang36@huawei.com Subject: Re: [PATCH] arm64/smp: check !ipi_desc[i] in arch_show_interrupts Message-ID: <20220609152003.GC3289@willie-the-truck> References: <20220527082236.78037-1-chenjun102@huawei.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20220527082236.78037-1-chenjun102@huawei.com> User-Agent: Mutt/1.10.1 (2018-07-13) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220609_082016_781484_96B52669 X-CRM114-Status: GOOD ( 20.35 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Fri, May 27, 2022 at 08:22:36AM +0000, Chen Jun wrote: > There is a potential dereferencing null pointer issue in > arch_show_interrupts. > > Problem 1: > int arch_show_interrupts(struct seq_file *p, int prec) > for (i = 0; i < NR_IPI; i++) { > seq_printf(p, "%10u ", irq_desc_kstat_cpu(ipi_desc[i], > cpu)); > > Only ipi_desc[0..nr_ipi - 1] are initialized in set_smp_ipi_range. > and ipi_desc[nr_ipi..NR_IPI] are NULL. > irq_desc_kstat_cpu will dereference NULL pointer. > For now, the problem can not be triggered, because NR_IPI is always > equal to nr_ipi. > > Problem 2: > If request_percpu_irq failed in set_smp_ipi_range, ipi_desc[i] > would be NULL. > irq_desc_kstat_cpu will dereference NULL pointer. > > check !ipi_desc[i] (as arm does) to avoid the problem. > > Signed-off-by: Chen Jun > --- > arch/arm64/kernel/smp.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/arch/arm64/kernel/smp.c b/arch/arm64/kernel/smp.c > index 62ed361a4376..3d54f464428b 100644 > --- a/arch/arm64/kernel/smp.c > +++ b/arch/arm64/kernel/smp.c > @@ -781,6 +781,9 @@ int arch_show_interrupts(struct seq_file *p, int prec) > unsigned int cpu, i; > > for (i = 0; i < NR_IPI; i++) { > + if (!ipi_desc[i]) > + continue; Why not just use nr_ipi instead of NR_IPI? Will _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel