Re: [PATCH] net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc()
From: Simon Horman
Date: Mon Sep 23 2024 - 14:35:59 EST
On Mon, Sep 23, 2024 at 02:34:55PM +0300, Elena Salomatkina wrote:
> In mlx5e_tir_builder_alloc() kvzalloc() may return NULL
> which is dereferenced on the next line in a reference
> to the modify field.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> Fixes: a6696735d694 ("net/mlx5e: Convert TIR to a dedicated object")
> Signed-off-by: Elena Salomatkina <esalomatkina@xxxxxxxxx>
Hi Elena,
Unfortunately your patch doesn't apply. This appears to be because
it has been white-space mangled, somehow: tabs have turned into 4 spaces.
I would suggest using b4, or git format-patch + git send-email.
To send patches.
Also, as a fix, this patch should be targeted at net, like this:
Subject [PATCH net v2] ...
This and more information about sending Networking patches can be
found here: https://docs.kernel.org/process/maintainer-netdev.html
> ---
> drivers/net/ethernet/mellanox/mlx5/core/en/tir.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en/tir.c b/drivers/net/ethernet/mellanox/mlx5/core/en/tir.c
> index d4239e3b3c88..72310452fce5 100644
> --- a/drivers/net/ethernet/mellanox/mlx5/core/en/tir.c
> +++ b/drivers/net/ethernet/mellanox/mlx5/core/en/tir.c
> @@ -23,6 +23,8 @@ struct mlx5e_tir_builder *mlx5e_tir_builder_alloc(bool modify)
> struct mlx5e_tir_builder *builder;
>
> builder = kvzalloc(sizeof(*builder), GFP_KERNEL);
> + if (!builder)
> + return NULL;
nit: blank line here please
> builder->modify = modify;
>
> return builder;
--
pw-bot: changes-requested