From: Dan Carpenter <dan.carpenter@oracle.com>
To: Shijith Thotton <sthotton@marvell.com>
Cc: Arnaud Ebalard <arno@natisbad.org>,
Herbert Xu <herbert@gondor.apana.org.au>,
Boris Brezillon <bbrezillon@kernel.org>,
linux-crypto@vger.kernel.org, jerinj@marvell.com,
sgoutham@marvell.com, Srujana Challa <schalla@marvell.com>,
"David S. Miller" <davem@davemloft.net>,
Harman Kalra <hkalra@marvell.com>,
Yang Yingliang <yangyingliang@huawei.com>,
Kees Cook <keescook@chromium.org>,
Jiapeng Chong <jiapeng.chong@linux.alibaba.com>,
open list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] crypto: octeontx2: fix potential null pointer access
Date: Fri, 27 May 2022 11:19:28 +0300 [thread overview]
Message-ID: <20220527081928.GO2168@kadam> (raw)
In-Reply-To: <da89ba20819ad3ca6b99f9ef056f2bc1b076dc6d.1653632699.git.sthotton@marvell.com>
On Fri, May 27, 2022 at 01:27:56PM +0530, Shijith Thotton wrote:
> Added missing checks to avoid null pointer dereference.
>
> The patch fixes below issues reported by klocwork tool:
Don't fix false positives to make a tool happy. Fix the tool. (Unless
the patch makes the code simpler, then it's fine).
> 1. Pointer 'pcim_iomap_table(pdev)' returned from call to function
> 'pcim_iomap_table' at line 365 may be NULL and will be dereferenced
> at line 365 in otx2_cptvf_main.c. Also there is a similar error on
> line 734 in otx2_cptpf_main.c.
> 2. Pointer 'strsep( &val, ":" )' returned from call to function 'strsep'
> at line 1608 may be NULL and will be dereferenced at line 1608. Also
> there are 2 similar errors on lines 1620, 1632 in otx2_cptpf_ucode.c.
>
> Signed-off-by: Shijith Thotton <sthotton@marvell.com>
> ---
> .../crypto/marvell/octeontx2/otx2_cptpf_main.c | 9 ++++++++-
> .../marvell/octeontx2/otx2_cptpf_ucode.c | 18 +++++++++++++++---
> .../crypto/marvell/octeontx2/otx2_cptvf_main.c | 9 ++++++++-
> 3 files changed, 31 insertions(+), 5 deletions(-)
>
> diff --git a/drivers/crypto/marvell/octeontx2/otx2_cptpf_main.c b/drivers/crypto/marvell/octeontx2/otx2_cptpf_main.c
> index a402ccfac557..ae57cee424f0 100644
> --- a/drivers/crypto/marvell/octeontx2/otx2_cptpf_main.c
> +++ b/drivers/crypto/marvell/octeontx2/otx2_cptpf_main.c
> @@ -703,6 +703,7 @@ static int otx2_cptpf_probe(struct pci_dev *pdev,
> {
> struct device *dev = &pdev->dev;
> struct otx2_cptpf_dev *cptpf;
> + void __iomem * const *iomap;
> int err;
>
> cptpf = devm_kzalloc(dev, sizeof(*cptpf), GFP_KERNEL);
> @@ -731,7 +732,13 @@ static int otx2_cptpf_probe(struct pci_dev *pdev,
> pci_set_drvdata(pdev, cptpf);
> cptpf->pdev = pdev;
>
> - cptpf->reg_base = pcim_iomap_table(pdev)[PCI_PF_REG_BAR_NUM];
> + iomap = pcim_iomap_table(pdev);
I don't know if a check is required here or not... The comments to
pcim_iomap_table() say it is, "guaranteed to succeed once allocated."
> + if (!iomap) {
> + dev_err(dev, "Failed to get iomap table\n");
> + err = -ENODEV;
> + goto clear_drvdata;
> + }
> + cptpf->reg_base = iomap[PCI_PF_REG_BAR_NUM];
>
> /* Check if AF driver is up, otherwise defer probe */
> err = cpt_is_pf_usable(cptpf);
> diff --git a/drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c b/drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c
> index 9cba2f714c7e..b91401929fc6 100644
> --- a/drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c
> +++ b/drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c
> @@ -1605,7 +1605,11 @@ int otx2_cpt_dl_custom_egrp_create(struct otx2_cptpf_dev *cptpf,
> if (!strncasecmp(val, "se", 2) && strchr(val, ':')) {
^^^^^^^^^^^^^^^^
We know it can't be NULL.
> if (has_se || ucode_idx)
> goto err_print;
> - tmp = strim(strsep(&val, ":"));
> + tmp = strsep(&val, ":");
> + if (tmp != NULL)
> + tmp = strim(tmp);
> + else
> + goto err_print;
> if (!val)
> goto err_print;
> if (strlen(tmp) != 2)
The rest is all the same. Likely or definitely false positives.
regards,
dan carpenter
next prev parent reply other threads:[~2022-05-27 8:20 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-27 7:57 [PATCH] crypto: octeontx2: fix potential null pointer access Shijith Thotton
2022-05-27 8:19 ` Dan Carpenter [this message]
2022-05-27 9:40 ` [EXT] " Shijith Thotton
2022-05-27 10:04 ` Dan Carpenter
2022-05-27 11:14 ` Shijith Thotton
2022-05-27 8:23 ` Dan Carpenter
2022-05-27 9:42 ` [EXT] " Shijith Thotton
2022-06-01 8:08 ` [PATCH v2] " Shijith Thotton
2022-06-10 9:16 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220527081928.GO2168@kadam \
--to=dan.carpenter@oracle.com \
--cc=arno@natisbad.org \
--cc=bbrezillon@kernel.org \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=hkalra@marvell.com \
--cc=jerinj@marvell.com \
--cc=jiapeng.chong@linux.alibaba.com \
--cc=keescook@chromium.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=schalla@marvell.com \
--cc=sgoutham@marvell.com \
--cc=sthotton@marvell.com \
--cc=yangyingliang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).