[PATCH] caif_virtio: fix wrong pointer check in cfv

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] caif_virtio: fix wrong pointer check in cfv_probe()
@ 2025-02-27 18:46 Vitaliy Shevtsov
  2025-02-27 20:51 ` Gerhard Engleder
  2025-03-01  2:40 ` patchwork-bot+netdevbpf
  0 siblings, 2 replies; 3+ messages in thread
From: Vitaliy Shevtsov @ 2025-02-27 18:46 UTC (permalink / raw)
  To: Andrew Lunn
  Cc: Vitaliy Shevtsov, David S. Miller, Eric Dumazet, Jakub Kicinski,
	Paolo Abeni, Michael S. Tsirkin, Jiri Pirko, Krzysztof Kozlowski,
	Rusty Russell, Erwan Yvin, netdev, linux-kernel, lvc-project

del_vqs() frees virtqueues, therefore cfv->vq_tx pointer should be checked
for NULL before calling it, not cfv->vdev. Also the current implementation
is redundant because the pointer cfv->vdev is dereferenced before it is
checked for NULL.

Fix this by checking cfv->vq_tx for NULL instead of cfv->vdev before
calling del_vqs().

Found by Linux Verification Center (linuxtesting.org) with Svace.

Fixes: 0d2e1a2926b1 ("caif_virtio: Introduce caif over virtio")
Signed-off-by: Vitaliy Shevtsov <v.shevtsov@mt-integration.ru>
---
 drivers/net/caif/caif_virtio.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/net/caif/caif_virtio.c b/drivers/net/caif/caif_virtio.c
index 7fea00c7ca8a..c60386bf2d1a 100644
--- a/drivers/net/caif/caif_virtio.c
+++ b/drivers/net/caif/caif_virtio.c
@@ -745,7 +745,7 @@ static int cfv_probe(struct virtio_device *vdev)
 
 	if (cfv->vr_rx)
 		vdev->vringh_config->del_vrhs(cfv->vdev);
-	if (cfv->vdev)
+	if (cfv->vq_tx)
 		vdev->config->del_vqs(cfv->vdev);
 	free_netdev(netdev);
 	return err;
-- 
2.48.1


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] caif_virtio: fix wrong pointer check in cfv_probe()
  2025-02-27 18:46 [PATCH] caif_virtio: fix wrong pointer check in cfv_probe() Vitaliy Shevtsov
@ 2025-02-27 20:51 ` Gerhard Engleder
  2025-03-01  2:40 ` patchwork-bot+netdevbpf
  1 sibling, 0 replies; 3+ messages in thread
From: Gerhard Engleder @ 2025-02-27 20:51 UTC (permalink / raw)
  To: Vitaliy Shevtsov
  Cc: David S. Miller, Eric Dumazet, Jakub Kicinski, Paolo Abeni,
	Michael S. Tsirkin, Jiri Pirko, Krzysztof Kozlowski,
	Rusty Russell, Erwan Yvin, netdev, linux-kernel, lvc-project,
	Andrew Lunn

On 27.02.25 19:46, Vitaliy Shevtsov wrote:
> del_vqs() frees virtqueues, therefore cfv->vq_tx pointer should be checked
> for NULL before calling it, not cfv->vdev. Also the current implementation
> is redundant because the pointer cfv->vdev is dereferenced before it is
> checked for NULL.
> 
> Fix this by checking cfv->vq_tx for NULL instead of cfv->vdev before
> calling del_vqs().
> 
> Found by Linux Verification Center (linuxtesting.org) with Svace.
> 
> Fixes: 0d2e1a2926b1 ("caif_virtio: Introduce caif over virtio")
> Signed-off-by: Vitaliy Shevtsov <v.shevtsov@mt-integration.ru>
> ---
>   drivers/net/caif/caif_virtio.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/net/caif/caif_virtio.c b/drivers/net/caif/caif_virtio.c
> index 7fea00c7ca8a..c60386bf2d1a 100644
> --- a/drivers/net/caif/caif_virtio.c
> +++ b/drivers/net/caif/caif_virtio.c
> @@ -745,7 +745,7 @@ static int cfv_probe(struct virtio_device *vdev)
>   
>   	if (cfv->vr_rx)
>   		vdev->vringh_config->del_vrhs(cfv->vdev);
> -	if (cfv->vdev)
> +	if (cfv->vq_tx)
>   		vdev->config->del_vqs(cfv->vdev);
>   	free_netdev(netdev);
>   	return err;

Reviewed-by: Gerhard Engleder <gerhard@engleder-embedded.com>

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] caif_virtio: fix wrong pointer check in cfv_probe()
  2025-02-27 18:46 [PATCH] caif_virtio: fix wrong pointer check in cfv_probe() Vitaliy Shevtsov
  2025-02-27 20:51 ` Gerhard Engleder
@ 2025-03-01  2:40 ` patchwork-bot+netdevbpf
  1 sibling, 0 replies; 3+ messages in thread
From: patchwork-bot+netdevbpf @ 2025-03-01  2:40 UTC (permalink / raw)
  To: Vitaliy Shevtsov
  Cc: andrew+netdev, davem, edumazet, kuba, pabeni, mst, jiri,
	krzysztof.kozlowski, rusty, erwan.yvin, netdev, linux-kernel,
	lvc-project

Hello:

This patch was applied to netdev/net.git (main)
by Jakub Kicinski <kuba@kernel.org>:

On Thu, 27 Feb 2025 23:46:27 +0500 you wrote:
> del_vqs() frees virtqueues, therefore cfv->vq_tx pointer should be checked
> for NULL before calling it, not cfv->vdev. Also the current implementation
> is redundant because the pointer cfv->vdev is dereferenced before it is
> checked for NULL.
> 
> Fix this by checking cfv->vq_tx for NULL instead of cfv->vdev before
> calling del_vqs().
> 
> [...]

Here is the summary with links:
  - caif_virtio: fix wrong pointer check in cfv_probe()
    https://git.kernel.org/netdev/net/c/a466fd7e9faf

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html



^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2025-03-01  2:39 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-02-27 18:46 [PATCH] caif_virtio: fix wrong pointer check in cfv_probe() Vitaliy Shevtsov
2025-02-27 20:51 ` Gerhard Engleder
2025-03-01  2:40 ` patchwork-bot+netdevbpf

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).