linux-pm.vger.kernel.org archive mirror
* [PATCH] cpufreq: powernow-k8: avoid use after free issue in cpufreq_notify_transition()
@ 2019-12-28  2:57 qiwuchen55
  2020-01-06  5:44 ` Viresh Kumar
  0 siblings, 1 reply; 2+ messages in thread
From: qiwuchen55 @ 2019-12-28  2:57 UTC (permalink / raw)
  To: rjw, viresh.kumar; +Cc: linux-pm, linux-kernel, chenqiwu

From: chenqiwu <chenqiwu@xiaomi.com>

There is a potential UAF issue in cpufreq_notify_transition() that the
cpufreq of current cpu has been released before using it. So we should
make a judgement and avoid it.

Signed-off-by: chenqiwu <chenqiwu@xiaomi.com>
---
 drivers/cpufreq/powernow-k8.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/drivers/cpufreq/powernow-k8.c b/drivers/cpufreq/powernow-k8.c
index 2db2f17..7391eb0 100644
--- a/drivers/cpufreq/powernow-k8.c
+++ b/drivers/cpufreq/powernow-k8.c
@@ -913,6 +913,11 @@ static int transition_frequency_fidvid(struct powernow_k8_data *data,
 	freqs.new = find_khz_freq_from_fid(fid);
 
 	policy = cpufreq_cpu_get(smp_processor_id());
+	if (!policy) {
+		pr_debug("cpu %d: CPUFreq policy not found\n",
+			 smp_processor_id());
+		return 1;
+	}
 	cpufreq_cpu_put(policy);
 
 	cpufreq_freq_transition_begin(policy, &freqs);
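Review bot: the added NULL check after cpufreq_cpu_get() does not cover the lifetime problem the subject names, because the unchanged lines right below it drop the reference with `cpufreq_cpu_put(policy);` and then pass the same pointer to `cpufreq_freq_transition_begin(policy, &freqs);`. If a use-after-free is the concern, hold the reference until the last use of policy in this function and call cpufreq_cpu_put() after that point, rather than only testing the pointer for NULL.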
-- 
1.9.1


* Re: [PATCH] cpufreq: powernow-k8: avoid use after free issue in cpufreq_notify_transition()
  2019-12-28  2:57 [PATCH] cpufreq: powernow-k8: avoid use after free issue in cpufreq_notify_transition() qiwuchen55
@ 2020-01-06  5:44 ` Viresh Kumar
  0 siblings, 0 replies; 2+ messages in thread
From: Viresh Kumar @ 2020-01-06  5:44 UTC (permalink / raw)
  To: qiwuchen55; +Cc: rjw, linux-pm, linux-kernel, chenqiwu

On 28-12-19, 10:57, qiwuchen55@gmail.com wrote:
> From: chenqiwu <chenqiwu@xiaomi.com>
> 
> There is a potential UAF issue in cpufreq_notify_transition() that the
> cpufreq of current cpu has been released before using it. So we should
> make a judgement and avoid it.
> 
> Signed-off-by: chenqiwu <chenqiwu@xiaomi.com>
> ---
>  drivers/cpufreq/powernow-k8.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/drivers/cpufreq/powernow-k8.c b/drivers/cpufreq/powernow-k8.c
> index 2db2f17..7391eb0 100644
> --- a/drivers/cpufreq/powernow-k8.c
> +++ b/drivers/cpufreq/powernow-k8.c
> @@ -913,6 +913,11 @@ static int transition_frequency_fidvid(struct powernow_k8_data *data,
>  	freqs.new = find_khz_freq_from_fid(fid);
>  
>  	policy = cpufreq_cpu_get(smp_processor_id());
> +	if (!policy) {
> +		pr_debug("cpu %d: CPUFreq policy not found\n",
> +			 smp_processor_id());
> +		return 1;
> +	}

Your $subject and this change don't look related to me. The cpufreq
policy shall never be NULL here as we are in the middle of changing
frequency, initiated by cpufreq core itself.

>  	cpufreq_cpu_put(policy);
>  
>  	cpufreq_freq_transition_begin(policy, &freqs);
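Review bot: the new early-return path in transition_frequency_fidvid() reports the failure only through pr_debug() and returns a bare 1 with no comment on what that value signals, while the changelog gives no trace or scenario showing how policy can be NULL here. Either describe in the commit message the condition that triggers it (with the observed oops or a reproducer) and document the return value, or drop the check.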
> -- 
> 1.9.1

-- 
viresh
