[PATCH 0/2] liveupdate: luo_session: Fix a couple Smatch issues

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH 0/2] liveupdate: luo_session: Fix a couple Smatch issues
@ 2025-11-26 14:51 Dan Carpenter
  2025-11-26 14:51 ` [PATCH 1/2] liveupdate: luo_session: Fix uninitialized variable in luo_session_setup_outgoing() Dan Carpenter
                   ` (3 more replies)
  0 siblings, 4 replies; 8+ messages in thread
From: Dan Carpenter @ 2025-11-26 14:51 UTC (permalink / raw)
  To: Pasha Tatashin; +Cc: Andrew Morton, linux-kernel, Mike Rapoport, Pratyush Yadav

Smatch detected these two bugs.

Dan Carpenter (2):
  liveupdate: luo_session: Fix uninitialized variable in
    luo_session_setup_outgoing()
  liveupdate: luo_session: Fix use after free in
    luo_session_deserialize()

 kernel/liveupdate/luo_session.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

-- 
2.51.0


^ permalink raw reply	[flat|nested] 8+ messages in thread

* [PATCH 1/2] liveupdate: luo_session: Fix uninitialized variable in luo_session_setup_outgoing()
  2025-11-26 14:51 [PATCH 0/2] liveupdate: luo_session: Fix a couple Smatch issues Dan Carpenter
@ 2025-11-26 14:51 ` Dan Carpenter
  2025-11-26 15:22   ` Pasha Tatashin
  2025-11-26 14:51 ` [PATCH 2/2] liveupdate: luo_session: Fix use after free in luo_session_deserialize() Dan Carpenter
                   ` (2 subsequent siblings)
  3 siblings, 1 reply; 8+ messages in thread
From: Dan Carpenter @ 2025-11-26 14:51 UTC (permalink / raw)
  To: Pasha Tatashin; +Cc: Mike Rapoport, Pratyush Yadav, Andrew Morton, linux-kernel

The "header_ser" variable is uninitialized.  The "outgoing_buffer"
variable was intended here, so use that instead.

Fixes: 7eeeec7e1690 ("liveupdate: luo_session: add sessions support")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
---
 kernel/liveupdate/luo_session.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/liveupdate/luo_session.c b/kernel/liveupdate/luo_session.c
index cf5c83b272e7..a572bf689712 100644
--- a/kernel/liveupdate/luo_session.c
+++ b/kernel/liveupdate/luo_session.c
@@ -447,7 +447,7 @@ int __init luo_session_setup_outgoing(void *fdt_out)
 
 	outgoing_buffer = kho_alloc_preserve(LUO_SESSION_PGCNT << PAGE_SHIFT);
 	if (IS_ERR(outgoing_buffer))
-		return PTR_ERR(header_ser);
+		return PTR_ERR(outgoing_buffer);
 	header_ser = outgoing_buffer;
 	header_ser_pa = virt_to_phys(header_ser);
 
-- 
2.51.0


^ permalink raw reply related	[flat|nested] 8+ messages in thread

* [PATCH 2/2] liveupdate: luo_session: Fix use after free in luo_session_deserialize()
  2025-11-26 14:51 [PATCH 0/2] liveupdate: luo_session: Fix a couple Smatch issues Dan Carpenter
  2025-11-26 14:51 ` [PATCH 1/2] liveupdate: luo_session: Fix uninitialized variable in luo_session_setup_outgoing() Dan Carpenter
@ 2025-11-26 14:51 ` Dan Carpenter
  2025-11-26 15:23   ` Pasha Tatashin
  2025-11-26 15:25 ` [PATCH 0/2] liveupdate: luo_session: Fix a couple Smatch issues Pasha Tatashin
  2025-11-27  5:07 ` Mike Rapoport
  3 siblings, 1 reply; 8+ messages in thread
From: Dan Carpenter @ 2025-11-26 14:51 UTC (permalink / raw)
  To: Pasha Tatashin; +Cc: Mike Rapoport, Pratyush Yadav, Andrew Morton, linux-kernel

The debug output frees "session" but it was freed on the previous line.
Move the free after the printk().

Fixes: 7eeeec7e1690 ("liveupdate: luo_session: add sessions support")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
---
 kernel/liveupdate/luo_session.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/liveupdate/luo_session.c b/kernel/liveupdate/luo_session.c
index a572bf689712..b86d45c9dcbd 100644
--- a/kernel/liveupdate/luo_session.c
+++ b/kernel/liveupdate/luo_session.c
@@ -553,9 +553,9 @@ int luo_session_deserialize(void)
 
 		err = luo_session_insert(sh, session);
 		if (err) {
-			luo_session_free(session);
 			pr_warn("Failed to insert session [%s] %pe\n",
 				session->name, ERR_PTR(err));
+			luo_session_free(session);
 			return err;
 		}
 
-- 
2.51.0


^ permalink raw reply related	[flat|nested] 8+ messages in thread

* Re: [PATCH 1/2] liveupdate: luo_session: Fix uninitialized variable in luo_session_setup_outgoing()
  2025-11-26 14:51 ` [PATCH 1/2] liveupdate: luo_session: Fix uninitialized variable in luo_session_setup_outgoing() Dan Carpenter
@ 2025-11-26 15:22   ` Pasha Tatashin
  0 siblings, 0 replies; 8+ messages in thread
From: Pasha Tatashin @ 2025-11-26 15:22 UTC (permalink / raw)
  To: Dan Carpenter; +Cc: Mike Rapoport, Pratyush Yadav, Andrew Morton, linux-kernel

On Wed, Nov 26, 2025 at 9:51 AM Dan Carpenter <dan.carpenter@linaro.org> wrote:
>
> The "header_ser" variable is uninitialized.  The "outgoing_buffer"
> variable was intended here, so use that instead.
>
> Fixes: 7eeeec7e1690 ("liveupdate: luo_session: add sessions support")
> Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
> ---
>  kernel/liveupdate/luo_session.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/liveupdate/luo_session.c b/kernel/liveupdate/luo_session.c
> index cf5c83b272e7..a572bf689712 100644
> --- a/kernel/liveupdate/luo_session.c
> +++ b/kernel/liveupdate/luo_session.c
> @@ -447,7 +447,7 @@ int __init luo_session_setup_outgoing(void *fdt_out)
>
>         outgoing_buffer = kho_alloc_preserve(LUO_SESSION_PGCNT << PAGE_SHIFT);
>         if (IS_ERR(outgoing_buffer))
> -               return PTR_ERR(header_ser);
> +               return PTR_ERR(outgoing_buffer);
>         header_ser = outgoing_buffer;
>         header_ser_pa = virt_to_phys(header_ser);

This is already fixed in LUOv8.

Thank you,
Pasha

>
> --
> 2.51.0
>

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH 2/2] liveupdate: luo_session: Fix use after free in luo_session_deserialize()
  2025-11-26 14:51 ` [PATCH 2/2] liveupdate: luo_session: Fix use after free in luo_session_deserialize() Dan Carpenter
@ 2025-11-26 15:23   ` Pasha Tatashin
  0 siblings, 0 replies; 8+ messages in thread
From: Pasha Tatashin @ 2025-11-26 15:23 UTC (permalink / raw)
  To: Dan Carpenter; +Cc: Mike Rapoport, Pratyush Yadav, Andrew Morton, linux-kernel

On Wed, Nov 26, 2025 at 9:51 AM Dan Carpenter <dan.carpenter@linaro.org> wrote:
>
> The debug output frees "session" but it was freed on the previous line.
> Move the free after the printk().
>
> Fixes: 7eeeec7e1690 ("liveupdate: luo_session: add sessions support")
> Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
> ---
>  kernel/liveupdate/luo_session.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/liveupdate/luo_session.c b/kernel/liveupdate/luo_session.c
> index a572bf689712..b86d45c9dcbd 100644
> --- a/kernel/liveupdate/luo_session.c
> +++ b/kernel/liveupdate/luo_session.c
> @@ -553,9 +553,9 @@ int luo_session_deserialize(void)
>
>                 err = luo_session_insert(sh, session);
>                 if (err) {
> -                       luo_session_free(session);
>                         pr_warn("Failed to insert session [%s] %pe\n",
>                                 session->name, ERR_PTR(err));
> +                       luo_session_free(session);
>                         return err;
>                 }

Andrew, could you please add this fix-up to "liveupdate: luo_session:
add sessions support"

Thank you,
Pasha

>
> --
> 2.51.0
>

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH 0/2] liveupdate: luo_session: Fix a couple Smatch issues
  2025-11-26 14:51 [PATCH 0/2] liveupdate: luo_session: Fix a couple Smatch issues Dan Carpenter
  2025-11-26 14:51 ` [PATCH 1/2] liveupdate: luo_session: Fix uninitialized variable in luo_session_setup_outgoing() Dan Carpenter
  2025-11-26 14:51 ` [PATCH 2/2] liveupdate: luo_session: Fix use after free in luo_session_deserialize() Dan Carpenter
@ 2025-11-26 15:25 ` Pasha Tatashin
  2025-11-27  5:07 ` Mike Rapoport
  3 siblings, 0 replies; 8+ messages in thread
From: Pasha Tatashin @ 2025-11-26 15:25 UTC (permalink / raw)
  To: Dan Carpenter; +Cc: Andrew Morton, linux-kernel, Mike Rapoport, Pratyush Yadav

On Wed, Nov 26, 2025 at 9:51 AM Dan Carpenter <dan.carpenter@linaro.org> wrote:
>
> Smatch detected these two bugs.

That's awesome, thank you for testing.

Pasha

>
> Dan Carpenter (2):
>   liveupdate: luo_session: Fix uninitialized variable in
>     luo_session_setup_outgoing()
>   liveupdate: luo_session: Fix use after free in
>     luo_session_deserialize()
>
>  kernel/liveupdate/luo_session.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> --
> 2.51.0
>

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH 0/2] liveupdate: luo_session: Fix a couple Smatch issues
  2025-11-26 14:51 [PATCH 0/2] liveupdate: luo_session: Fix a couple Smatch issues Dan Carpenter
                   ` (2 preceding siblings ...)
  2025-11-26 15:25 ` [PATCH 0/2] liveupdate: luo_session: Fix a couple Smatch issues Pasha Tatashin
@ 2025-11-27  5:07 ` Mike Rapoport
  2025-11-27  5:10   ` Mike Rapoport
  3 siblings, 1 reply; 8+ messages in thread
From: Mike Rapoport @ 2025-11-27  5:07 UTC (permalink / raw)
  To: Dan Carpenter
  Cc: Dan Carpenter, Pasha Tatashin, Andrew Morton, linux-kernel,
	Pratyush Yadav

(added Dan Carpenter)

On Wed, Nov 26, 2025 at 05:51:23PM +0300, Dan Carpenter wrote:
> Smatch detected these two bugs.
> 
> Dan Carpenter (2):
>   liveupdate: luo_session: Fix uninitialized variable in
>     luo_session_setup_outgoing()
>   liveupdate: luo_session: Fix use after free in
>     luo_session_deserialize()
> 
>  kernel/liveupdate/luo_session.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> -- 
> 2.51.0
> 

-- 
Sincerely yours,
Mike.

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH 0/2] liveupdate: luo_session: Fix a couple Smatch issues
  2025-11-27  5:07 ` Mike Rapoport
@ 2025-11-27  5:10   ` Mike Rapoport
  0 siblings, 0 replies; 8+ messages in thread
From: Mike Rapoport @ 2025-11-27  5:10 UTC (permalink / raw)
  To: Dan Carpenter; +Cc: Pasha Tatashin, Andrew Morton, linux-kernel, Pratyush Yadav

Wrong thread, sorry for the noise

On Thu, Nov 27, 2025 at 07:07:55AM +0200, Mike Rapoport wrote:
> (added Dan Carpenter)
> 
> On Wed, Nov 26, 2025 at 05:51:23PM +0300, Dan Carpenter wrote:
> > Smatch detected these two bugs.
> > 
> > Dan Carpenter (2):
> >   liveupdate: luo_session: Fix uninitialized variable in
> >     luo_session_setup_outgoing()
> >   liveupdate: luo_session: Fix use after free in
> >     luo_session_deserialize()
> > 
> >  kernel/liveupdate/luo_session.c | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> > 
> > -- 
> > 2.51.0
> > 
> 
> -- 
> Sincerely yours,
> Mike.

-- 
Sincerely yours,
Mike.

^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2025-11-27  5:10 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-11-26 14:51 [PATCH 0/2] liveupdate: luo_session: Fix a couple Smatch issues Dan Carpenter
2025-11-26 14:51 ` [PATCH 1/2] liveupdate: luo_session: Fix uninitialized variable in luo_session_setup_outgoing() Dan Carpenter
2025-11-26 15:22   ` Pasha Tatashin
2025-11-26 14:51 ` [PATCH 2/2] liveupdate: luo_session: Fix use after free in luo_session_deserialize() Dan Carpenter
2025-11-26 15:23   ` Pasha Tatashin
2025-11-26 15:25 ` [PATCH 0/2] liveupdate: luo_session: Fix a couple Smatch issues Pasha Tatashin
2025-11-27  5:07 ` Mike Rapoport
2025-11-27  5:10   ` Mike Rapoport

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox