From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: stable@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
patches@lists.linux.dev, Purva Yeshi <purvayeshi550@gmail.com>,
Dave Jiang <dave.jiang@intel.com>,
Vinicius Costa Gomes <vinicius.gomes@intel.com>,
Vinod Koul <vkoul@kernel.org>, Sasha Levin <sashal@kernel.org>
Subject: [PATCH 6.12 35/55] dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open
Date: Mon, 2 Jun 2025 15:47:52 +0200 [thread overview]
Message-ID: <20250602134239.662345824@linuxfoundation.org> (raw)
In-Reply-To: <20250602134238.271281478@linuxfoundation.org>
6.12-stable review patch. If anyone has any objections, please let me know.
------------------
From: Purva Yeshi <purvayeshi550@gmail.com>
[ Upstream commit 97994333de2b8062d2df4e6ce0dc65c2dc0f40dc ]
Fix Smatch-detected issue:
drivers/dma/idxd/cdev.c:321 idxd_cdev_open() error:
uninitialized symbol 'sva'.
'sva' pointer may be used uninitialized in error handling paths.
Specifically, if PASID support is enabled and iommu_sva_bind_device()
returns an error, the code jumps to the cleanup label and attempts to
call iommu_sva_unbind_device(sva) without ensuring that sva was
successfully assigned. This triggers a Smatch warning about an
uninitialized symbol.
Initialize sva to NULL at declaration and add a check using
IS_ERR_OR_NULL() before unbinding the device. This ensures the
function does not use an invalid or uninitialized pointer during
cleanup.
Signed-off-by: Purva Yeshi <purvayeshi550@gmail.com>
Reviewed-by: Dave Jiang <dave.jiang@intel.com>
Acked-by: Vinicius Costa Gomes <vinicius.gomes@intel.com>
Link: https://lore.kernel.org/r/20250410110216.21592-1-purvayeshi550@gmail.com
Signed-off-by: Vinod Koul <vkoul@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/dma/idxd/cdev.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/dma/idxd/cdev.c b/drivers/dma/idxd/cdev.c
index 22aa2bab3693c..19a58c4ecef3f 100644
--- a/drivers/dma/idxd/cdev.c
+++ b/drivers/dma/idxd/cdev.c
@@ -225,7 +225,7 @@ static int idxd_cdev_open(struct inode *inode, struct file *filp)
struct idxd_wq *wq;
struct device *dev, *fdev;
int rc = 0;
- struct iommu_sva *sva;
+ struct iommu_sva *sva = NULL;
unsigned int pasid;
struct idxd_cdev *idxd_cdev;
@@ -322,7 +322,7 @@ static int idxd_cdev_open(struct inode *inode, struct file *filp)
if (device_user_pasid_enabled(idxd))
idxd_xa_pasid_remove(ctx);
failed_get_pasid:
- if (device_user_pasid_enabled(idxd))
+ if (device_user_pasid_enabled(idxd) && !IS_ERR_OR_NULL(sva))
iommu_sva_unbind_device(sva);
failed:
mutex_unlock(&wq->wq_lock);
--
2.39.5
next prev parent reply other threads:[~2025-06-02 14:01 UTC|newest]
Thread overview: 72+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-02 13:47 [PATCH 6.12 00/55] 6.12.32-rc1 review Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 01/55] can: kvaser_pciefd: Force IRQ edge in case of nested IRQ Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 02/55] arm64: dts: qcom: ipq9574: Add missing properties for cryptobam Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 03/55] arm64: dts: qcom: sa8775p: Remove extra entries from the iommus property Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 04/55] arm64: dts: qcom: sa8775p: Remove cdsp compute-cb@10 Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 05/55] arm64: dts: qcom: sm8350: Fix typo in pil_camera_mem node Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 06/55] arm64: dts: qcom: sm8450: Add missing properties for cryptobam Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 07/55] arm64: dts: qcom: sm8550: " Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 08/55] arm64: dts: qcom: sm8650: " Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 09/55] arm64: dts: qcom: x1e80100-asus-vivobook-s15: Fix vreg_l2j_1p2 voltage Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 10/55] arm64: dts: qcom: x1e80100-lenovo-yoga-slim7x: " Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 11/55] arm64: dts: qcom: x1e80100-qcp: " Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 12/55] arm64: dts: qcom: x1e80100-qcp: mark l12b and l15b always-on Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 13/55] arm64: dts: qcom: x1e80100-yoga-slim7x: " Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 14/55] arm64: dts: qcom: x1e80100: Fix video thermal zone Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 15/55] arm64: dts: ti: k3-am62-main: Set eMMC clock parent to default Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 16/55] arm64: dts: ti: k3-am62a-main: " Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 17/55] arm64: dts: ti: k3-am62p-j722s-common-main: " Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 18/55] arm64: dts: ti: k3-am62x: Remove clock-names property from IMX219 overlay Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 19/55] arm64: dts: ti: k3-am62x: Rename I2C switch to I2C mux in " Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 20/55] arm64: dts: ti: k3-am62x: Rename I2C switch to I2C mux in OV5640 overlay Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 21/55] arm64: dts: ti: k3-am65-main: Add missing taps to sdhci0 Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 22/55] arm64: dts: ti: k3-am68-sk: Fix regulator hierarchy Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 23/55] arm64: dts: ti: k3-j721e-sk: Add DT nodes for power regulators Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 24/55] arm64: dts: ti: k3-j721e-sk: Remove clock-names property from IMX219 overlay Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 25/55] arm64: dts: ti: k3-j721e-sk: Add requiried voltage supplies for IMX219 Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 26/55] arm64: dts: ti: k3-j722s-evm: Enable "serdes_wiz0" and "serdes_wiz1" Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 27/55] arm64: dts: ti: k3-j722s-main: Disable " Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 28/55] arm64: dts: ti: k3-j784s4-j742s2-main-common: Fix length of serdes_ln_ctrl Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 29/55] net_sched: hfsc: Address reentrant enqueue adding class to eltree twice Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 30/55] perf/arm-cmn: Fix REQ2/SNP2 mixup Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 31/55] perf/arm-cmn: Initialise cmn->cpu earlier Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 32/55] perf/arm-cmn: Add CMN S3 ACPI binding Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 33/55] coredump: fix error handling for replace_fd() Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 34/55] coredump: hand a pidfd to the usermode coredump helper Greg Kroah-Hartman
2025-06-02 13:47 ` Greg Kroah-Hartman [this message]
2025-06-02 13:47 ` [PATCH 6.12 36/55] HID: quirks: Add ADATA XPG alpha wireless mouse support Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 37/55] nfs: dont share pNFS DS connections between net namespaces Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 38/55] platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 39/55] um: let make clean properly clean underlying SUBARCH as well Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 40/55] gpio: virtuser: fix potential out-of-bound write Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 41/55] drm/amd/display: fix link_set_dpms_off multi-display MST corner case Greg Kroah-Hartman
2025-06-02 13:47 ` [PATCH 6.12 42/55] drm/amd/display: check stream id dml21 wrapper to get plane_id Greg Kroah-Hartman
2025-06-02 13:48 ` [PATCH 6.12 43/55] phy: starfive: jh7110-usb: Fix USB 2.0 host occasional detection failure Greg Kroah-Hartman
2025-06-02 13:48 ` [PATCH 6.12 44/55] phy: phy-rockchip-samsung-hdptx: Fix PHY PLL output 50.25MHz error Greg Kroah-Hartman
2025-06-02 13:48 ` [PATCH 6.12 45/55] spi: spi-sun4i: fix early activation Greg Kroah-Hartman
2025-06-02 13:48 ` [PATCH 6.12 46/55] nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro Greg Kroah-Hartman
2025-06-02 13:48 ` [PATCH 6.12 47/55] drm/xe/xe2hpg: Add Wa_22021007897 Greg Kroah-Hartman
2025-06-02 13:48 ` [PATCH 6.12 48/55] drm/xe: Save the gt pointer in lrc and drop the tile Greg Kroah-Hartman
2025-06-02 13:48 ` [PATCH 6.12 49/55] char: tpm: tpm-buf: Add sanity check fallback in read helpers Greg Kroah-Hartman
2025-06-02 13:48 ` [PATCH 6.12 50/55] NFS: Avoid flushing data while holding directory locks in nfs_rename() Greg Kroah-Hartman
2025-06-02 13:48 ` [PATCH 6.12 51/55] platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys Greg Kroah-Hartman
2025-06-02 13:48 ` [PATCH 6.12 52/55] ALSA: hda/realtek - restore auto-mute mode for Dell Chrome platform Greg Kroah-Hartman
2025-06-02 13:48 ` [PATCH 6.12 53/55] platform/x86: thinkpad_acpi: Ignore battery threshold change event notification Greg Kroah-Hartman
2025-06-02 13:48 ` [PATCH 6.12 54/55] net: ethernet: ti: am65-cpsw: Lower random mac address error print to info Greg Kroah-Hartman
2025-06-02 13:48 ` [PATCH 6.12 55/55] ksmbd: use list_first_entry_or_null for opinfo_get_list() Greg Kroah-Hartman
2025-06-02 17:42 ` [PATCH 6.12 00/55] 6.12.32-rc1 review Florian Fainelli
2025-06-02 17:57 ` Peter Schneider
2025-06-03 6:10 ` Harshit Mogalapalli
2025-06-03 7:36 ` Ron Economos
2025-06-03 9:43 ` Mark Brown
2025-06-03 11:32 ` Naresh Kamboju
2025-06-03 13:51 ` Brett Mastbergen
2025-06-03 17:10 ` Shuah Khan
2025-06-03 20:33 ` Hardik Garg
2025-06-04 9:41 ` Jon Hunter
2025-06-04 9:57 ` Jon Hunter
2025-06-04 10:19 ` Greg Kroah-Hartman
2025-06-04 10:22 ` Jon Hunter
2025-06-04 10:36 ` Greg Kroah-Hartman
2025-06-04 9:58 ` Greg Kroah-Hartman
2025-06-04 10:20 ` Jon Hunter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250602134239.662345824@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=dave.jiang@intel.com \
--cc=patches@lists.linux.dev \
--cc=purvayeshi550@gmail.com \
--cc=sashal@kernel.org \
--cc=stable@vger.kernel.org \
--cc=vinicius.gomes@intel.com \
--cc=vkoul@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox