linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] hyperv: a potential NULL pointer dereference
@ 2019-03-14  5:46 Kangjie Lu
  2019-03-14 14:56 ` KY Srinivasan
                   ` (2 more replies)
  0 siblings, 3 replies; 6+ messages in thread
From: Kangjie Lu @ 2019-03-14  5:46 UTC (permalink / raw)
  To: kjlu
  Cc: pakki001, K. Y. Srinivasan, Haiyang Zhang, Stephen Hemminger,
	Sasha Levin, Thomas Gleixner, Ingo Molnar, Borislav Petkov,
	H. Peter Anvin, x86, linux-hyperv, linux-kernel

In case alloc_page, the fix returns -ENOMEM to avoid the potential
NULL pointer dereference.

Signed-off-by: Kangjie Lu <kjlu@umn.edu>
---
 arch/x86/hyperv/hv_init.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c
index 7abb09e2eeb8..dfdb4ce1ae9c 100644
--- a/arch/x86/hyperv/hv_init.c
+++ b/arch/x86/hyperv/hv_init.c
@@ -102,9 +102,13 @@ static int hv_cpu_init(unsigned int cpu)
 	u64 msr_vp_index;
 	struct hv_vp_assist_page **hvp = &hv_vp_assist_page[smp_processor_id()];
 	void **input_arg;
+	struct page *pg;
 
 	input_arg = (void **)this_cpu_ptr(hyperv_pcpu_input_arg);
-	*input_arg = page_address(alloc_page(GFP_KERNEL));
+	pg = alloc_page(GFP_KERNEL);
+	if (unlikely(!pg))
+		return -ENOMEM;
+	*input_arg = page_address(pg);
 
 	hv_get_vp_index(msr_vp_index);
 
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 6+ messages in thread
* RE: [PATCH] hyperv: a potential NULL pointer dereference
  2019-03-14  5:46 [PATCH] hyperv: a potential NULL pointer dereference Kangjie Lu
@ 2019-03-14 14:56 ` KY Srinivasan
  2019-03-20 10:20   ` Thomas Gleixner
  2019-03-20 15:50 ` Mukesh Ojha
  2019-03-21 11:30 ` [tip:x86/urgent] x86/hyperv: Prevent " tip-bot for Kangjie Lu
  2 siblings, 1 reply; 6+ messages in thread
From: KY Srinivasan @ 2019-03-14 14:56 UTC (permalink / raw)
  To: Kangjie Lu
  Cc: pakki001, Haiyang Zhang, Stephen Hemminger, Sasha Levin,
	Thomas Gleixner, Ingo Molnar, Borislav Petkov, H. Peter Anvin,
	x86, linux-hyperv, linux-kernel



> -----Original Message-----
> From: Kangjie Lu <kjlu@umn.edu>
> Sent: Wednesday, March 13, 2019 10:47 PM
> To: kjlu@umn.edu
> Cc: pakki001@umn.edu; KY Srinivasan <kys@microsoft.com>; Haiyang Zhang
> <haiyangz@microsoft.com>; Stephen Hemminger
> <sthemmin@microsoft.com>; Sasha Levin <sashal@kernel.org>; Thomas
> Gleixner <tglx@linutronix.de>; Ingo Molnar <mingo@redhat.com>; Borislav
> Petkov <bp@alien8.de>; H. Peter Anvin <hpa@zytor.com>; x86@kernel.org;
> linux-hyperv@vger.kernel.org; linux-kernel@vger.kernel.org
> Subject: [PATCH] hyperv: a potential NULL pointer dereference
> 
> In case alloc_page, the fix returns -ENOMEM to avoid the potential
> NULL pointer dereference.
> 
Thanks.

> Signed-off-by: Kangjie Lu <kjlu@umn.edu>
Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>

> ---
>  arch/x86/hyperv/hv_init.c | 6 +++++-
>  1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c
> index 7abb09e2eeb8..dfdb4ce1ae9c 100644
> --- a/arch/x86/hyperv/hv_init.c
> +++ b/arch/x86/hyperv/hv_init.c
> @@ -102,9 +102,13 @@ static int hv_cpu_init(unsigned int cpu)
>  	u64 msr_vp_index;
>  	struct hv_vp_assist_page **hvp =
> &hv_vp_assist_page[smp_processor_id()];
>  	void **input_arg;
> +	struct page *pg;
> 
>  	input_arg = (void **)this_cpu_ptr(hyperv_pcpu_input_arg);
> -	*input_arg = page_address(alloc_page(GFP_KERNEL));
> +	pg = alloc_page(GFP_KERNEL);
> +	if (unlikely(!pg))
> +		return -ENOMEM;
> +	*input_arg = page_address(pg);
> 
>  	hv_get_vp_index(msr_vp_index);
> 
> --
> 2.17.1


^ permalink raw reply	[flat|nested] 6+ messages in thread
* RE: [PATCH] hyperv: a potential NULL pointer dereference
  2019-03-14 14:56 ` KY Srinivasan
@ 2019-03-20 10:20   ` Thomas Gleixner
  2019-03-20 14:40     ` KY Srinivasan
  0 siblings, 1 reply; 6+ messages in thread
From: Thomas Gleixner @ 2019-03-20 10:20 UTC (permalink / raw)
  To: KY Srinivasan
  Cc: Kangjie Lu, pakki001, Haiyang Zhang, Stephen Hemminger,
	Sasha Levin, Ingo Molnar, Borislav Petkov, H. Peter Anvin, x86,
	linux-hyperv, linux-kernel

On Thu, 14 Mar 2019, KY Srinivasan wrote:
> > -----Original Message-----
> > From: Kangjie Lu <kjlu@umn.edu>
> > Sent: Wednesday, March 13, 2019 10:47 PM
> > To: kjlu@umn.edu
> > Cc: pakki001@umn.edu; KY Srinivasan <kys@microsoft.com>; Haiyang Zhang
> > <haiyangz@microsoft.com>; Stephen Hemminger
> > <sthemmin@microsoft.com>; Sasha Levin <sashal@kernel.org>; Thomas
> > Gleixner <tglx@linutronix.de>; Ingo Molnar <mingo@redhat.com>; Borislav
> > Petkov <bp@alien8.de>; H. Peter Anvin <hpa@zytor.com>; x86@kernel.org;
> > linux-hyperv@vger.kernel.org; linux-kernel@vger.kernel.org
> > Subject: [PATCH] hyperv: a potential NULL pointer dereference
> > 
> > In case alloc_page, the fix returns -ENOMEM to avoid the potential
> > NULL pointer dereference.
> > 
> Thanks.
> 
> > Signed-off-by: Kangjie Lu <kjlu@umn.edu>
> Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>

Did you mean: Reviewed-by or Acked-by?

You cannot sign off on a patch from
someone else which you are not picking up and transporting it further.

Thanks,

	tglx

^ permalink raw reply	[flat|nested] 6+ messages in thread
* RE: [PATCH] hyperv: a potential NULL pointer dereference
  2019-03-20 10:20   ` Thomas Gleixner
@ 2019-03-20 14:40     ` KY Srinivasan
  0 siblings, 0 replies; 6+ messages in thread
From: KY Srinivasan @ 2019-03-20 14:40 UTC (permalink / raw)
  To: Thomas Gleixner
  Cc: Kangjie Lu, pakki001, Haiyang Zhang, Stephen Hemminger,
	Sasha Levin, Ingo Molnar, Borislav Petkov, H. Peter Anvin, x86,
	linux-hyperv, linux-kernel



> -----Original Message-----
> From: Thomas Gleixner <tglx@linutronix.de>
> Sent: Wednesday, March 20, 2019 3:21 AM
> To: KY Srinivasan <kys@microsoft.com>
> Cc: Kangjie Lu <kjlu@umn.edu>; pakki001@umn.edu; Haiyang Zhang
> <haiyangz@microsoft.com>; Stephen Hemminger
> <sthemmin@microsoft.com>; Sasha Levin <sashal@kernel.org>; Ingo Molnar
> <mingo@redhat.com>; Borislav Petkov <bp@alien8.de>; H. Peter Anvin
> <hpa@zytor.com>; x86@kernel.org; linux-hyperv@vger.kernel.org; linux-
> kernel@vger.kernel.org
> Subject: RE: [PATCH] hyperv: a potential NULL pointer dereference
> 
> On Thu, 14 Mar 2019, KY Srinivasan wrote:
> > > -----Original Message-----
> > > From: Kangjie Lu <kjlu@umn.edu>
> > > Sent: Wednesday, March 13, 2019 10:47 PM
> > > To: kjlu@umn.edu
> > > Cc: pakki001@umn.edu; KY Srinivasan <kys@microsoft.com>; Haiyang
> Zhang
> > > <haiyangz@microsoft.com>; Stephen Hemminger
> > > <sthemmin@microsoft.com>; Sasha Levin <sashal@kernel.org>; Thomas
> > > Gleixner <tglx@linutronix.de>; Ingo Molnar <mingo@redhat.com>;
> Borislav
> > > Petkov <bp@alien8.de>; H. Peter Anvin <hpa@zytor.com>;
> x86@kernel.org;
> > > linux-hyperv@vger.kernel.org; linux-kernel@vger.kernel.org
> > > Subject: [PATCH] hyperv: a potential NULL pointer dereference
> > >
> > > In case alloc_page, the fix returns -ENOMEM to avoid the potential
> > > NULL pointer dereference.
> > >
> > Thanks.
> >
> > > Signed-off-by: Kangjie Lu <kjlu@umn.edu>
> > Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
> 
> Did you mean: Reviewed-by or Acked-by?
Sorry, I meant Acked-by.

K. Y
> 
> You cannot sign off on a patch from
> someone else which you are not picking up and transporting it further.
> 
> Thanks,
> 
> 	tglx

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: [PATCH] hyperv: a potential NULL pointer dereference
  2019-03-14  5:46 [PATCH] hyperv: a potential NULL pointer dereference Kangjie Lu
  2019-03-14 14:56 ` KY Srinivasan
@ 2019-03-20 15:50 ` Mukesh Ojha
  2019-03-21 11:30 ` [tip:x86/urgent] x86/hyperv: Prevent " tip-bot for Kangjie Lu
  2 siblings, 0 replies; 6+ messages in thread
From: Mukesh Ojha @ 2019-03-20 15:50 UTC (permalink / raw)
  To: Kangjie Lu
  Cc: pakki001, K. Y. Srinivasan, Haiyang Zhang, Stephen Hemminger,
	Sasha Levin, Thomas Gleixner, Ingo Molnar, Borislav Petkov,
	H. Peter Anvin, x86, linux-hyperv, linux-kernel


On 3/14/2019 11:16 AM, Kangjie Lu wrote:
> In case alloc_page, the fix returns -ENOMEM to avoid the potential
> NULL pointer dereference.
>
> Signed-off-by: Kangjie Lu <kjlu@umn.edu>
> ---
>   arch/x86/hyperv/hv_init.c | 6 +++++-
>   1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c
> index 7abb09e2eeb8..dfdb4ce1ae9c 100644
> --- a/arch/x86/hyperv/hv_init.c
> +++ b/arch/x86/hyperv/hv_init.c
> @@ -102,9 +102,13 @@ static int hv_cpu_init(unsigned int cpu)
>   	u64 msr_vp_index;
>   	struct hv_vp_assist_page **hvp = &hv_vp_assist_page[smp_processor_id()];
>   	void **input_arg;
> +	struct page *pg;
>   
>   	input_arg = (void **)this_cpu_ptr(hyperv_pcpu_input_arg);
> -	*input_arg = page_address(alloc_page(GFP_KERNEL));
> +	pg = alloc_page(GFP_KERNEL);
> +	if (unlikely(!pg))
> +		return -ENOMEM;
> +	*input_arg = page_address(pg);
>   
>   	hv_get_vp_index(msr_vp_index);



Looks good to me.
Reviewed-by: Mukesh Ojha <mojha@codeaurora.org>


Thanks.
Mukesh


>   

^ permalink raw reply	[flat|nested] 6+ messages in thread
* [tip:x86/urgent] x86/hyperv: Prevent potential NULL pointer dereference
  2019-03-14  5:46 [PATCH] hyperv: a potential NULL pointer dereference Kangjie Lu
  2019-03-14 14:56 ` KY Srinivasan
  2019-03-20 15:50 ` Mukesh Ojha
@ 2019-03-21 11:30 ` tip-bot for Kangjie Lu
  2 siblings, 0 replies; 6+ messages in thread
From: tip-bot for Kangjie Lu @ 2019-03-21 11:30 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: sashal, mojha, hpa, kys, sthemmin, kjlu, linux-kernel, mingo, bp,
	tglx, haiyangz

Commit-ID:  534c89c22e26b183d838294f0937ee092c82ad3a
Gitweb:     https://git.kernel.org/tip/534c89c22e26b183d838294f0937ee092c82ad3a
Author:     Kangjie Lu <kjlu@umn.edu>
AuthorDate: Thu, 14 Mar 2019 00:46:51 -0500
Committer:  Thomas Gleixner <tglx@linutronix.de>
CommitDate: Thu, 21 Mar 2019 12:24:39 +0100

x86/hyperv: Prevent potential NULL pointer dereference

The page allocation in hv_cpu_init() can fail, but the code does not
have a check for that.

Add a check and return -ENOMEM when the allocation fails.

[ tglx: Massaged changelog ]

Signed-off-by: Kangjie Lu <kjlu@umn.edu>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Mukesh Ojha <mojha@codeaurora.org>
Acked-by: "K. Y. Srinivasan" <kys@microsoft.com>
Cc: pakki001@umn.edu
Cc: Haiyang Zhang <haiyangz@microsoft.com>
Cc: Stephen Hemminger <sthemmin@microsoft.com>
Cc: Sasha Levin <sashal@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: linux-hyperv@vger.kernel.org
Link: https://lkml.kernel.org/r/20190314054651.1315-1-kjlu@umn.edu

---
 arch/x86/hyperv/hv_init.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c
index 6461a16b4559..e4ba467a9fc6 100644
--- a/arch/x86/hyperv/hv_init.c
+++ b/arch/x86/hyperv/hv_init.c
@@ -103,9 +103,13 @@ static int hv_cpu_init(unsigned int cpu)
 	u64 msr_vp_index;
 	struct hv_vp_assist_page **hvp = &hv_vp_assist_page[smp_processor_id()];
 	void **input_arg;
+	struct page *pg;
 
 	input_arg = (void **)this_cpu_ptr(hyperv_pcpu_input_arg);
-	*input_arg = page_address(alloc_page(GFP_KERNEL));
+	pg = alloc_page(GFP_KERNEL);
+	if (unlikely(!pg))
+		return -ENOMEM;
+	*input_arg = page_address(pg);
 
 	hv_get_vp_index(msr_vp_index);
 

^ permalink raw reply related	[flat|nested] 6+ messages in thread
end of thread, other threads:[~2019-03-21 11:30 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-03-14  5:46 [PATCH] hyperv: a potential NULL pointer dereference Kangjie Lu
2019-03-14 14:56 ` KY Srinivasan
2019-03-20 10:20   ` Thomas Gleixner
2019-03-20 14:40     ` KY Srinivasan
2019-03-20 15:50 ` Mukesh Ojha
2019-03-21 11:30 ` [tip:x86/urgent] x86/hyperv: Prevent " tip-bot for Kangjie Lu

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).