* [bug report] ACPI: PRM: implement OperationRegion handler for the PlatformRtMechanism subtype
@ 2021-06-18 8:39 Dan Carpenter
2021-06-18 8:41 ` Dan Carpenter
0 siblings, 1 reply; 2+ messages in thread
From: Dan Carpenter @ 2021-06-18 8:39 UTC (permalink / raw)
To: erik.kaneda; +Cc: linux-acpi
Hello Erik Kaneda,
The patch cefc7ca46235: "ACPI: PRM: implement OperationRegion handler
for the PlatformRtMechanism subtype" from Jun 9, 2021, leads to the
following static checker warning:
drivers/acpi/prmt.c:113 acpi_parse_prmt()
error: potential null dereference 'tm'. (kmalloc returns null)
drivers/acpi/prmt.c
95 static int __init
96 acpi_parse_prmt(union acpi_subtable_headers *header, const unsigned long end)
97 {
98 struct acpi_prmt_module_info *module_info;
99 struct acpi_prmt_handler_info *handler_info;
100 struct prm_handler_info *th;
101 struct prm_module_info *tm;
102 u64 mmio_count = 0;
103 u64 cur_handler = 0;
104 u32 module_info_size = 0;
105 u64 mmio_range_size = 0;
106 void *temp_mmio;
107
108 module_info = (struct acpi_prmt_module_info *) header;
109 module_info_size = struct_size(tm, handlers, module_info->handler_info_count);
110 tm = kmalloc(module_info_size, GFP_KERNEL);
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Check for NULL?
111
112 guid_copy(&tm->guid, (guid_t *) module_info->module_guid);
113 tm->major_rev = module_info->major_rev;
114 tm->minor_rev = module_info->minor_rev;
115 tm->handler_count = module_info->handler_info_count;
116 tm->updatable = true;
117
118 if (module_info->mmio_list_pointer) {
119 /*
120 * Each module is associated with a list of addr
121 * ranges that it can use during the service
122 */
123 mmio_count = *(u64 *) memremap(module_info->mmio_list_pointer, 8, MEMREMAP_WB);
124 mmio_range_size = struct_size(tm->mmio_info, addr_ranges, mmio_count);
125 tm->mmio_info = kmalloc(mmio_range_size, GFP_KERNEL);
126 temp_mmio = memremap(module_info->mmio_list_pointer, mmio_range_size, MEMREMAP_WB);
127 memmove(tm->mmio_info, temp_mmio, mmio_range_size);
128 } else {
129 mmio_range_size = struct_size(tm->mmio_info, addr_ranges, mmio_count);
130 tm->mmio_info = kmalloc(mmio_range_size, GFP_KERNEL);
131 tm->mmio_info->mmio_count = 0;
132 }
133
134 INIT_LIST_HEAD(&tm->module_list);
135 list_add(&tm->module_list, &prm_module_list);
regards,
dan carpenter
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [bug report] ACPI: PRM: implement OperationRegion handler for the PlatformRtMechanism subtype
2021-06-18 8:39 [bug report] ACPI: PRM: implement OperationRegion handler for the PlatformRtMechanism subtype Dan Carpenter
@ 2021-06-18 8:41 ` Dan Carpenter
0 siblings, 0 replies; 2+ messages in thread
From: Dan Carpenter @ 2021-06-18 8:41 UTC (permalink / raw)
To: erik.kaneda; +Cc: linux-acpi
On Fri, Jun 18, 2021 at 11:39:51AM +0300, Dan Carpenter wrote:
> Hello Erik Kaneda,
>
> The patch cefc7ca46235: "ACPI: PRM: implement OperationRegion handler
> for the PlatformRtMechanism subtype" from Jun 9, 2021, leads to the
> following static checker warning:
>
> drivers/acpi/prmt.c:113 acpi_parse_prmt()
> error: potential null dereference 'tm'. (kmalloc returns null)
>
> drivers/acpi/prmt.c
> 95 static int __init
> 96 acpi_parse_prmt(union acpi_subtable_headers *header, const unsigned long end)
> 97 {
> 98 struct acpi_prmt_module_info *module_info;
> 99 struct acpi_prmt_handler_info *handler_info;
> 100 struct prm_handler_info *th;
> 101 struct prm_module_info *tm;
> 102 u64 mmio_count = 0;
> 103 u64 cur_handler = 0;
> 104 u32 module_info_size = 0;
> 105 u64 mmio_range_size = 0;
> 106 void *temp_mmio;
> 107
> 108 module_info = (struct acpi_prmt_module_info *) header;
> 109 module_info_size = struct_size(tm, handlers, module_info->handler_info_count);
> 110 tm = kmalloc(module_info_size, GFP_KERNEL);
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> Check for NULL?
>
> 111
> 112 guid_copy(&tm->guid, (guid_t *) module_info->module_guid);
> 113 tm->major_rev = module_info->major_rev;
> 114 tm->minor_rev = module_info->minor_rev;
> 115 tm->handler_count = module_info->handler_info_count;
> 116 tm->updatable = true;
> 117
> 118 if (module_info->mmio_list_pointer) {
> 119 /*
> 120 * Each module is associated with a list of addr
> 121 * ranges that it can use during the service
> 122 */
> 123 mmio_count = *(u64 *) memremap(module_info->mmio_list_pointer, 8, MEMREMAP_WB);
> 124 mmio_range_size = struct_size(tm->mmio_info, addr_ranges, mmio_count);
> 125 tm->mmio_info = kmalloc(mmio_range_size, GFP_KERNEL);
Also here:
drivers/acpi/prmt.c:131 acpi_parse_prmt() error: potential null dereference 'tm->mmio_info'. (kmalloc returns null)
regards,
dan carpenter
> 126 temp_mmio = memremap(module_info->mmio_list_pointer, mmio_range_size, MEMREMAP_WB);
> 127 memmove(tm->mmio_info, temp_mmio, mmio_range_size);
> 128 } else {
> 129 mmio_range_size = struct_size(tm->mmio_info, addr_ranges, mmio_count);
> 130 tm->mmio_info = kmalloc(mmio_range_size, GFP_KERNEL);
> 131 tm->mmio_info->mmio_count = 0;
> 132 }
> 133
> 134 INIT_LIST_HEAD(&tm->module_list);
> 135 list_add(&tm->module_list, &prm_module_list);
>
> regards,
> dan carpenter
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-06-18 8:41 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-18 8:39 [bug report] ACPI: PRM: implement OperationRegion handler for the PlatformRtMechanism subtype Dan Carpenter
2021-06-18 8:41 ` Dan Carpenter
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.