Re: [PATCH 077/190] Revert "rapidio: fix a NULL pointer dereference when create_workqueue() fails"

From: Greg Kroah-Hartman
Date: Tue Apr 27 2021 - 13:39:10 EST

Next message: Greg Kroah-Hartman: "Re: [PATCH 160/190] Revert "Staging: rts5208: Fix error handling on rtsx_send_cmd""
Previous message: pr-tracker-bot: "Re: [GIT PULL] CFI on arm64 series for v5.13-rc1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Apr 21, 2021 at 02:59:12PM +0200, Greg Kroah-Hartman wrote:
> This reverts commit 23015b22e47c5409620b1726a677d69e5cd032ba.
>
> Commits from @umn.edu addresses have been found to be submitted in "bad
> faith" to try to test the kernel community's ability to review "known
> malicious" changes. The result of these submissions can be found in a
> paper published at the 42nd IEEE Symposium on Security and Privacy
> entitled, "Open Source Insecurity: Stealthily Introducing
> Vulnerabilities via Hypocrite Commits" written by Qiushi Wu (University
> of Minnesota) and Kangjie Lu (University of Minnesota).
>
> Because of this, all submissions from this group must be reverted from
> the kernel tree and will need to be re-reviewed again to determine if
> they actually are a valid fix. Until that work is complete, remove this
> change to ensure that no problems are being introduced into the
> codebase.
>
> Cc: Kangjie Lu <kjlu@xxxxxxx>
> Cc: Alexandre Bounine <alex.bou9@xxxxxxxxx>
> Cc: Matt Porter <mporter@xxxxxxxxxxxxxxxxxxx>
> Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
> Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
> ---
> drivers/rapidio/rio_cm.c | 8 --------
> 1 file changed, 8 deletions(-)
>
> diff --git a/drivers/rapidio/rio_cm.c b/drivers/rapidio/rio_cm.c
> index 50ec53d67a4c..e6c16f04f2b4 100644
> --- a/drivers/rapidio/rio_cm.c
> +++ b/drivers/rapidio/rio_cm.c
> @@ -2138,14 +2138,6 @@ static int riocm_add_mport(struct device *dev,
> mutex_init(&cm->rx_lock);
> riocm_rx_fill(cm, RIOCM_RX_RING_SIZE);
> cm->rx_wq = create_workqueue(DRV_NAME "/rxq");
> - if (!cm->rx_wq) {
> - riocm_error("failed to allocate IBMBOX_%d on %s",
> - cmbox, mport->name);
> - rio_release_outb_mbox(mport, cmbox);
> - kfree(cm);
> - return -ENOMEM;
> - }
> -
> INIT_WORK(&cm->rx_work, rio_ibmsg_handler);
>
> cm->tx_slot = 0;
> --
> 2.31.1
>

This patch has a memory leak on the error path here, it does not clean
up everything properly. So I'll keep the revert and fix it up properly
in a follow-on patch.

thanks,

greg k-h

Next message: Greg Kroah-Hartman: "Re: [PATCH 160/190] Revert "Staging: rts5208: Fix error handling on rtsx_send_cmd""
Previous message: pr-tracker-bot: "Re: [GIT PULL] CFI on arm64 series for v5.13-rc1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]