linux-wireless.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Dan Carpenter <dan.carpenter@oracle.com>
To: johannes.berg@intel.com
Cc: linux-wireless@vger.kernel.org
Subject: [bug report] cfg80211: avoid holding the RTNL when calling the driver
Date: Mon, 25 Jan 2021 12:07:54 +0300	[thread overview]
Message-ID: <YA6KarkWBBT78rgd@mwanda> (raw)

Hello Johannes Berg,

This is a semi-automatic email about new static checker warnings.

The patch 791daf8fc49a: "cfg80211: avoid holding the RTNL when 
calling the driver" from Jan 19, 2021, leads to the following Smatch 
complaint:

    net/wireless/nl80211.c:3242 nl80211_set_wiphy()
    error: we previously assumed 'rdev' could be null (see line 3222)

net/wireless/nl80211.c
  3221	
  3222		if (rdev)
                    ^^^^
The patch adds a NULL dereference

  3223			mutex_lock(&rdev->wiphy.mtx);
  3224		rtnl_unlock();
  3225	
  3226		/*
  3227		 * end workaround code, by now the rdev is available
  3228		 * and locked, and wdev may or may not be NULL.
  3229		 */
  3230	
  3231		if (info->attrs[NL80211_ATTR_WIPHY_NAME])
  3232			result = cfg80211_dev_rename(
  3233				rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME]));
  3234	
  3235		if (result)
  3236			goto out;
  3237	
  3238		if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) {
  3239			struct ieee80211_txq_params txq_params;
  3240			struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1];
  3241	
  3242			if (!rdev->ops->set_txq_params) {
                             ^^^^^^
But it's not checked here.

  3243				result = -EOPNOTSUPP;
  3244				goto out;

regards,
dan carpenter

             reply	other threads:[~2021-01-25  9:18 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-01-25  9:07 Dan Carpenter [this message]
2021-01-25  9:50 ` [bug report] cfg80211: avoid holding the RTNL when calling the driver Johannes Berg

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YA6KarkWBBT78rgd@mwanda \
    --to=dan.carpenter@oracle.com \
    --cc=johannes.berg@intel.com \
    --cc=linux-wireless@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).