From: Mathieu Poirier <mathieu.poirier@linaro.org> To: Suzuki K Poulose <suzuki.poulose@arm.com> Cc: "linux-arm-kernel@lists.infradead.org" <linux-arm-kernel@lists.infradead.org>, "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org> Subject: Re: [PATCH v2 4/9] coresight: Fix csdev connections initialisation Date: Sun, 12 Jun 2016 14:39:27 -0600 [thread overview] Message-ID: <CANLsYkwGckonnLjHbOJQPZ849NQyjf+Zy=N6kjtwwo-kQbbj4Q@mail.gmail.com> (raw) In-Reply-To: <1465204301-24184-5-git-send-email-suzuki.poulose@arm.com> On 6 June 2016 at 03:11, Suzuki K Poulose <suzuki.poulose@arm.com> wrote: > This is a cleanup patch. > > coresight_device->conns holds an array to point to the devices > connected to the OUT ports of a component. Sinks, e.g ETR, do not > have an OUT port (nr_outport = 0), as it streams the trace to > memory via AXI. > > At coresight_register() we do : > > conns = kcalloc(csdev->nr_outport, sizeof(*conns), GFP_KERNEL); > if (!conns) { > ret = -ENOMEM; > goto err_kzalloc_conns; > } > > For ETR, since the total size requested for kcalloc is zero, the return > value is, ZERO_SIZE_PTR ( != NULL). Hence, csdev->conns = ZERO_SIZE_PTR > which cannot be verified later to contain a valid pointer. The code which > accesses the csdev->conns is bounded by the csdev->nr_outport check, > hence we don't try to dereference the ZERO_SIZE_PTR. This patch cleans > up the csdev->conns and csdev->refcnt, initialisation to make sure we This patch no longer deals with csdev->refcnt. > initialise it properly(i.e, either NULL or valid conns array). > > Cc: Mathieu Poirier <mathieu.poirier@linaro.org> > Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com> > --- > drivers/hwtracing/coresight/coresight.c | 24 ++++++++++++++---------- > 1 file changed, 14 insertions(+), 10 deletions(-) > > diff --git a/drivers/hwtracing/coresight/coresight.c b/drivers/hwtracing/coresight/coresight.c > index 0fdaaf4..49eb749 100644 > --- a/drivers/hwtracing/coresight/coresight.c > +++ b/drivers/hwtracing/coresight/coresight.c > @@ -890,7 +890,7 @@ struct coresight_device *coresight_register(struct coresight_desc *desc) > int nr_refcnts = 1; > atomic_t *refcnts = NULL; > struct coresight_device *csdev; > - struct coresight_connection *conns; > + struct coresight_connection *conns = NULL; > > csdev = kzalloc(sizeof(*csdev), GFP_KERNEL); > if (!csdev) { > @@ -918,16 +918,20 @@ struct coresight_device *coresight_register(struct coresight_desc *desc) > > csdev->nr_inport = desc->pdata->nr_inport; > csdev->nr_outport = desc->pdata->nr_outport; > - conns = kcalloc(csdev->nr_outport, sizeof(*conns), GFP_KERNEL); > - if (!conns) { > - ret = -ENOMEM; > - goto err_kzalloc_conns; > - } > > - for (i = 0; i < csdev->nr_outport; i++) { > - conns[i].outport = desc->pdata->outports[i]; > - conns[i].child_name = desc->pdata->child_names[i]; > - conns[i].child_port = desc->pdata->child_ports[i]; > + /* Initialise connections if there is at least one outport */ > + if (csdev->nr_outport) { > + conns = kcalloc(csdev->nr_outport, sizeof(*conns), GFP_KERNEL); > + if (!conns) { > + ret = -ENOMEM; > + goto err_kzalloc_conns; > + } > + > + for (i = 0; i < csdev->nr_outport; i++) { > + conns[i].outport = desc->pdata->outports[i]; > + conns[i].child_name = desc->pdata->child_names[i]; > + conns[i].child_port = desc->pdata->child_ports[i]; > + } > } > > csdev->conns = conns; > -- > 1.9.1 >
WARNING: multiple messages have this Message-ID (diff)
From: mathieu.poirier@linaro.org (Mathieu Poirier) To: linux-arm-kernel@lists.infradead.org Subject: [PATCH v2 4/9] coresight: Fix csdev connections initialisation Date: Sun, 12 Jun 2016 14:39:27 -0600 [thread overview] Message-ID: <CANLsYkwGckonnLjHbOJQPZ849NQyjf+Zy=N6kjtwwo-kQbbj4Q@mail.gmail.com> (raw) In-Reply-To: <1465204301-24184-5-git-send-email-suzuki.poulose@arm.com> On 6 June 2016 at 03:11, Suzuki K Poulose <suzuki.poulose@arm.com> wrote: > This is a cleanup patch. > > coresight_device->conns holds an array to point to the devices > connected to the OUT ports of a component. Sinks, e.g ETR, do not > have an OUT port (nr_outport = 0), as it streams the trace to > memory via AXI. > > At coresight_register() we do : > > conns = kcalloc(csdev->nr_outport, sizeof(*conns), GFP_KERNEL); > if (!conns) { > ret = -ENOMEM; > goto err_kzalloc_conns; > } > > For ETR, since the total size requested for kcalloc is zero, the return > value is, ZERO_SIZE_PTR ( != NULL). Hence, csdev->conns = ZERO_SIZE_PTR > which cannot be verified later to contain a valid pointer. The code which > accesses the csdev->conns is bounded by the csdev->nr_outport check, > hence we don't try to dereference the ZERO_SIZE_PTR. This patch cleans > up the csdev->conns and csdev->refcnt, initialisation to make sure we This patch no longer deals with csdev->refcnt. > initialise it properly(i.e, either NULL or valid conns array). > > Cc: Mathieu Poirier <mathieu.poirier@linaro.org> > Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com> > --- > drivers/hwtracing/coresight/coresight.c | 24 ++++++++++++++---------- > 1 file changed, 14 insertions(+), 10 deletions(-) > > diff --git a/drivers/hwtracing/coresight/coresight.c b/drivers/hwtracing/coresight/coresight.c > index 0fdaaf4..49eb749 100644 > --- a/drivers/hwtracing/coresight/coresight.c > +++ b/drivers/hwtracing/coresight/coresight.c > @@ -890,7 +890,7 @@ struct coresight_device *coresight_register(struct coresight_desc *desc) > int nr_refcnts = 1; > atomic_t *refcnts = NULL; > struct coresight_device *csdev; > - struct coresight_connection *conns; > + struct coresight_connection *conns = NULL; > > csdev = kzalloc(sizeof(*csdev), GFP_KERNEL); > if (!csdev) { > @@ -918,16 +918,20 @@ struct coresight_device *coresight_register(struct coresight_desc *desc) > > csdev->nr_inport = desc->pdata->nr_inport; > csdev->nr_outport = desc->pdata->nr_outport; > - conns = kcalloc(csdev->nr_outport, sizeof(*conns), GFP_KERNEL); > - if (!conns) { > - ret = -ENOMEM; > - goto err_kzalloc_conns; > - } > > - for (i = 0; i < csdev->nr_outport; i++) { > - conns[i].outport = desc->pdata->outports[i]; > - conns[i].child_name = desc->pdata->child_names[i]; > - conns[i].child_port = desc->pdata->child_ports[i]; > + /* Initialise connections if there is at least one outport */ > + if (csdev->nr_outport) { > + conns = kcalloc(csdev->nr_outport, sizeof(*conns), GFP_KERNEL); > + if (!conns) { > + ret = -ENOMEM; > + goto err_kzalloc_conns; > + } > + > + for (i = 0; i < csdev->nr_outport; i++) { > + conns[i].outport = desc->pdata->outports[i]; > + conns[i].child_name = desc->pdata->child_names[i]; > + conns[i].child_port = desc->pdata->child_ports[i]; > + } > } > > csdev->conns = conns; > -- > 1.9.1 >
next prev parent reply other threads:[~2016-06-12 20:39 UTC|newest] Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top 2016-06-06 9:11 [PATCH v2 0/9] coresight: Miscellaneous fixes Suzuki K Poulose 2016-06-06 9:11 ` Suzuki K Poulose 2016-06-06 9:11 ` [PATCH v2 1/9] coresight: Fix NULL pointer dereference in _coresight_build_path Suzuki K Poulose 2016-06-06 9:11 ` Suzuki K Poulose 2016-06-06 9:11 ` [PATCH v2 2/9] coresight: Fix tmc_read_unprepare_etr Suzuki K Poulose 2016-06-06 9:11 ` Suzuki K Poulose 2016-06-06 9:11 ` [PATCH v2 3/9] coresight: Remove erroneous dma_free_coherent in tmc_probe Suzuki K Poulose 2016-06-06 9:11 ` Suzuki K Poulose 2016-06-12 20:38 ` Mathieu Poirier 2016-06-12 20:38 ` Mathieu Poirier 2016-06-06 9:11 ` [PATCH v2 4/9] coresight: Fix csdev connections initialisation Suzuki K Poulose 2016-06-06 9:11 ` Suzuki K Poulose 2016-06-12 20:39 ` Mathieu Poirier [this message] 2016-06-12 20:39 ` Mathieu Poirier 2016-06-13 8:54 ` Suzuki K Poulose 2016-06-13 8:54 ` Suzuki K Poulose 2016-06-13 14:37 ` Mathieu Poirier 2016-06-13 14:37 ` Mathieu Poirier 2016-06-06 9:11 ` [PATCH v2 5/9] coresight: tmc: Limit the trace to available data Suzuki K Poulose 2016-06-06 9:11 ` Suzuki K Poulose 2016-06-06 9:11 ` [PATCH v2 6/9] coresight: etmv4: Fix ETMv4x peripheral ID table Suzuki K Poulose 2016-06-06 9:11 ` Suzuki K Poulose 2016-06-06 9:11 ` [PATCH v2 7/9] coresight: Cleanup TMC status check Suzuki K Poulose 2016-06-06 9:11 ` Suzuki K Poulose 2016-06-06 9:11 ` [PATCH v2 8/9] coresight: Consolidate error handling path for tmc_probe Suzuki K Poulose 2016-06-06 9:11 ` Suzuki K Poulose 2016-06-06 9:11 ` [PATCH v2 9/9] coresight: Add better messages for coresight_timeout Suzuki K Poulose 2016-06-06 9:11 ` Suzuki K Poulose 2016-06-12 20:36 ` Mathieu Poirier 2016-06-12 20:36 ` Mathieu Poirier 2016-06-10 10:31 ` [PATCH] coresight: Fix erroneous memset in tmc_read_unprepare_etr Suzuki K Poulose 2016-06-10 10:31 ` Suzuki K Poulose 2016-06-12 21:06 ` Mathieu Poirier 2016-06-12 21:06 ` Mathieu Poirier 2016-06-13 8:59 ` Suzuki K Poulose 2016-06-13 8:59 ` Suzuki K Poulose
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to='CANLsYkwGckonnLjHbOJQPZ849NQyjf+Zy=N6kjtwwo-kQbbj4Q@mail.gmail.com' \ --to=mathieu.poirier@linaro.org \ --cc=linux-arm-kernel@lists.infradead.org \ --cc=linux-kernel@vger.kernel.org \ --cc=suzuki.poulose@arm.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.