From: "Uwe Kleine-König" <u.kleine-koenig@pengutronix.de>
To: Frans Klaver <fransklaver@gmail.com>
Cc: "LABBE Corentin" <clabbe.montjoie@gmail.com>,
baruch@tkos.co.il, "Brian Norris" <computersforpeace@gmail.com>,
"David Woodhouse" <dwmw2@infradead.org>,
"Krzysztof Kozłowski" <k.kozlowski.k@gmail.com>,
"Luis de Bethencourt" <luis@debethencourt.com>,
kernel@pengutronix.de,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
devicetree@vger.kernel.org
Subject: Re: [PATCH] mtd: nand: mxc_nand: fix a possible NULL dereference
Date: Thu, 12 Nov 2015 10:01:54 +0100 [thread overview]
Message-ID: <20151112090154.GG24008@pengutronix.de> (raw)
In-Reply-To: <CAH6sp9MX25TX2n6F7EcC1y=xmvffhkpO488xWHy6QXjsBM2VHA@mail.gmail.com>
On Thu, Nov 12, 2015 at 09:57:07AM +0100, Frans Klaver wrote:
> On Thu, Nov 12, 2015 at 9:53 AM, Uwe Kleine-König
> <u.kleine-koenig@pengutronix.de> wrote:
> > CC += devicetree@vger.kernel.org, gregkh
>
> You added linux@pengutronix instead of devicetree.
Well I substituted Sascha by kernel@pengutronix.de on purpose, but
considered that too unimportant for the outer world :-) But I really
forgot devicetree@vger.kernel.org. Added now.
> > On Thu, Nov 12, 2015 at 09:36:55AM +0100, Frans Klaver wrote:
> >> On Thu, Nov 12, 2015 at 9:26 AM, Uwe Kleine-König
> >> <u.kleine-koenig@pengutronix.de> wrote:
> >> > On Thu, Nov 12, 2015 at 09:03:11AM +0100, Frans Klaver wrote:
> >> >> Hi,
> >> >>
> >> >> On Thu, Nov 12, 2015 at 8:46 AM, LABBE Corentin
> >> >> <clabbe.montjoie@gmail.com> wrote:
> >> >> > of_match_device could return NULL, and so cause a NULL pointer
> >> >> > dereference later.
> >> >>
> >> >> Did you actually run into this? It seems to me that this driver is
> >> >> only probed if and only if we have a match and that therefore
> >> >> of_match_device will always return a valid pointer (it is using the
> >> >> same match table). Am I missing something?
> >> >
> >> > Yes, you're missing something. The driver would probe for a dt snippet
> >> > like:
> >> >
> >> > mxc_nand {
> >> > compatible = "foobar";
> >> > }
> >> >
> >> > In this case dev->of_node is non-NULL but of_match_device(mxcnd_dt_ids,
> >> > dev) is.
> >> >
> >> > (I didn't actually test this, so there is a chance I'm wrong here. And
> >> > if not I wonder if it is sensible at all to match the device name on
> >> > driver name for of-created platform devices.)
> >>
> >> Yea, looks like you're right. platform devices check a number of
> >> things to determine a match, among which is driver name if all else
> >> fails (platform.c, platform_match()).
> >
> > Maybe something like this would help to reduce surprises:
> >
> > diff --git a/drivers/base/platform.c b/drivers/base/platform.c
> > index f80aaaf9f610..a9fc22c86552 100644
> > --- a/drivers/base/platform.c
> > +++ b/drivers/base/platform.c
> > @@ -840,8 +840,8 @@ static int platform_match(struct device *dev, struct device_driver *drv)
> > return !strcmp(pdev->driver_override, drv->name);
> >
> > /* Attempt an OF style match first */
> > - if (of_driver_match_device(dev, drv))
> > - return 1;
> > + if (pdev->dev.of_node)
> > + return of_driver_match_device(dev, drv);
> >
> > /* Then try ACPI style match */
> > if (acpi_driver_match_device(dev, drv))
>
> That looks sensible, yea. There is a chance that misbehaving DT nodes
> will fail after this change, of course.
Which is ok if this behaviour is considered a misbehave :-)
Best regards
Uwe
--
Pengutronix e.K. | Uwe Kleine-König |
Industrial Linux Solutions | http://www.pengutronix.de/ |
next prev parent reply other threads:[~2015-11-12 9:02 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-12 7:46 [PATCH] mtd: nand: mxc_nand: fix a possible NULL dereference LABBE Corentin
2015-11-12 8:03 ` Frans Klaver
2015-11-12 8:26 ` Uwe Kleine-König
2015-11-12 8:36 ` Frans Klaver
2015-11-12 8:53 ` Uwe Kleine-König
2015-11-12 8:57 ` Frans Klaver
2015-11-12 9:01 ` Uwe Kleine-König [this message]
2015-11-12 8:19 ` Uwe Kleine-König
2015-11-12 10:03 ` LABBE Corentin
2015-11-12 10:14 ` Uwe Kleine-König
2015-11-16 18:33 ` Brian Norris
2015-11-16 19:12 ` Corentin LABBE
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20151112090154.GG24008@pengutronix.de \
--to=u.kleine-koenig@pengutronix.de \
--cc=baruch@tkos.co.il \
--cc=clabbe.montjoie@gmail.com \
--cc=computersforpeace@gmail.com \
--cc=devicetree@vger.kernel.org \
--cc=dwmw2@infradead.org \
--cc=fransklaver@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=k.kozlowski.k@gmail.com \
--cc=kernel@pengutronix.de \
--cc=linux-kernel@vger.kernel.org \
--cc=luis@debethencourt.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox