Re: [PATCH V3] ppdev: Add an error check in register_device

From: Greg KH
Date: Thu Apr 11 2024 - 09:14:16 EST

Next message: Ryan Roberts: "Re: [PATCH v5 2/2] mm/arm64: override mkold_clean_ptes() batch helper"
Previous message: Alexander Gordeev: "Re: [PATCH v1 1/5] s390/uv: don't call wait_on_page_writeback() without a reference"
Next in thread: Huai-Yuan Liu: "Re: [PATCH V3] ppdev: Add an error check in register_device"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Apr 07, 2024 at 09:20:54PM +0800, Huai-Yuan Liu wrote:
> In register_device, the return value of ida_simple_get is unchecked,
> in witch ida_simple_get will use an invalid index value.
>
> To address this issue, index should be checked after ida_simple_get. When
> the index value is abnormal, a warning message should be printed, the port
> should be dropped, and the value should be recorded.
>
> Fixes: 9a69645dde11 ("ppdev: fix registering same device name")
> Signed-off-by: Huai-Yuan Liu <qq810974084@xxxxxxxxx>
> ---
> V2:
> * In patch V2, we found that parport_find_number implicitly calls
> parport_get_port(). So when dealing with abnormal index values, we should
> call parport_put_port() to throw away the reference to the port.
> V3:
> * In patch V3, we made some additional adjustments to the jump labels,
> making the code more concise and readable.
> Thanks to Christophe JAILLET for helpful suggestion.
> ---
> drivers/char/ppdev.c | 16 ++++++++++++----
> 1 file changed, 12 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/char/ppdev.c b/drivers/char/ppdev.c
> index 4c188e9e477c..276db589b901 100644
> --- a/drivers/char/ppdev.c
> +++ b/drivers/char/ppdev.c
> @@ -296,28 +296,36 @@ static int register_device(int minor, struct pp_struct *pp)
> if (!port) {
> pr_warn("%s: no associated port!\n", name);
> rc = -ENXIO;
> - goto err;
> + goto err_free_name;
> }
>
> index = ida_simple_get(&ida_index, 0, 0, GFP_KERNEL);
> + if (index < 0) {
> + pr_warn("%s: failed to get index!\n", name);
> + rc = index;
> + goto err_put_port;
> + }
> +
> memset(&ppdev_cb, 0, sizeof(ppdev_cb));
> ppdev_cb.irq_func = pp_irq;
> ppdev_cb.flags = (pp->flags & PP_EXCL) ? PARPORT_FLAG_EXCL : 0;
> ppdev_cb.private = pp;
> pdev = parport_register_dev_model(port, name, &ppdev_cb, index);
> - parport_put_port(port);
>
> if (!pdev) {
> pr_warn("%s: failed to register device!\n", name);
> rc = -ENXIO;
> ida_simple_remove(&ida_index, index);
> - goto err;
> + goto err_put_port;
> }
>
> pp->pdev = pdev;
> pp->index = index;
> dev_dbg(&pdev->dev, "registered pardevice\n");
> -err:
> +
> +err_put_port:
> + parport_put_port(port);
> +err_free_name:
> kfree(name);
> return rc;
> }
> --
> 2.34.1
>

Does not apply to the tree at all :(

Next message: Ryan Roberts: "Re: [PATCH v5 2/2] mm/arm64: override mkold_clean_ptes() batch helper"
Previous message: Alexander Gordeev: "Re: [PATCH v1 1/5] s390/uv: don't call wait_on_page_writeback() without a reference"
Next in thread: Huai-Yuan Liu: "Re: [PATCH V3] ppdev: Add an error check in register_device"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]