linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH v2] ASoC: samsung: i2s: Null pointer dereference on samsung_i2s_remove
@ 2017-08-11 12:35 ` Anton Vasilyev
  2017-08-11 13:00   ` Sylwester Nawrocki
  2017-08-16 16:02   ` Applied "ASoC: samsung: i2s: Null pointer dereference on samsung_i2s_remove" to the asoc tree Mark Brown
  0 siblings, 2 replies; 3+ messages in thread
From: Anton Vasilyev @ 2017-08-11 12:35 UTC (permalink / raw)
  To: Sylwester Nawrocki
  Cc: Anton Vasilyev, Krzysztof Kozlowski, Sangbeom Kim, Liam Girdwood,
	Mark Brown, Jaroslav Kysela, Takashi Iwai, alsa-devel,
	linux-kernel, ldv-project

If (quirks & QUIRK_SEC_DAI == 0) then samsung_i2s_probe() doesn't allocate
sec_dai and pri_dai->sec_dai remains Null, but samsung_i2s_remove()
permorms pri_dai->sec_dai dereference in any case.

The patch adds sec_dai check on Null before derefence at
samsung_i2s_remove().

Found by Linux Driver Verification project (linuxtesting.org).

Signed-off-by: Anton Vasilyev <vasilyev@ispras.ru>
---
v2: Drop initialization of sec_dai at samsung_i2s_remove as Sylwester
Nawrocki suggest.
---
 sound/soc/samsung/i2s.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/sound/soc/samsung/i2s.c b/sound/soc/samsung/i2s.c
index af3ba4d..6f896e3 100644
--- a/sound/soc/samsung/i2s.c
+++ b/sound/soc/samsung/i2s.c
@@ -1376,13 +1376,9 @@ static int samsung_i2s_probe(struct platform_device *pdev)
 
 static int samsung_i2s_remove(struct platform_device *pdev)
 {
-	struct i2s_dai *pri_dai, *sec_dai;
+	struct i2s_dai *pri_dai;
 
 	pri_dai = dev_get_drvdata(&pdev->dev);
-	sec_dai = pri_dai->sec_dai;
-
-	pri_dai->sec_dai = NULL;
-	sec_dai->pri_dai = NULL;
 
 	pm_runtime_get_sync(&pdev->dev);
 	pm_runtime_disable(&pdev->dev);
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH v2] ASoC: samsung: i2s: Null pointer dereference on samsung_i2s_remove
  2017-08-11 12:35 ` [PATCH v2] ASoC: samsung: i2s: Null pointer dereference on samsung_i2s_remove Anton Vasilyev
@ 2017-08-11 13:00   ` Sylwester Nawrocki
  2017-08-16 16:02   ` Applied "ASoC: samsung: i2s: Null pointer dereference on samsung_i2s_remove" to the asoc tree Mark Brown
  1 sibling, 0 replies; 3+ messages in thread
From: Sylwester Nawrocki @ 2017-08-11 13:00 UTC (permalink / raw)
  To: Anton Vasilyev
  Cc: Krzysztof Kozlowski, Sangbeom Kim, Liam Girdwood, Mark Brown,
	Jaroslav Kysela, Takashi Iwai, alsa-devel, linux-kernel,
	ldv-project

On 08/11/2017 02:35 PM, Anton Vasilyev wrote:
> If (quirks & QUIRK_SEC_DAI == 0) then samsung_i2s_probe() doesn't allocate
> sec_dai and pri_dai->sec_dai remains Null, but samsung_i2s_remove()
> permorms pri_dai->sec_dai dereference in any case.
   ^^^^^^^^
Still you have a typo here. ;)

> The patch adds sec_dai check on Null before derefence at
> samsung_i2s_remove().
> 
> Found by Linux Driver Verification project (linuxtesting.org).
> 
> Signed-off-by: Anton Vasilyev<vasilyev@ispras.ru>

Reviewed-by: Sylwester Nawrocki <s.nawrocki@samsung.com>

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Applied "ASoC: samsung: i2s: Null pointer dereference on samsung_i2s_remove" to the asoc tree
  2017-08-11 12:35 ` [PATCH v2] ASoC: samsung: i2s: Null pointer dereference on samsung_i2s_remove Anton Vasilyev
  2017-08-11 13:00   ` Sylwester Nawrocki
@ 2017-08-16 16:02   ` Mark Brown
  1 sibling, 0 replies; 3+ messages in thread
From: Mark Brown @ 2017-08-16 16:02 UTC (permalink / raw)
  To: Anton Vasilyev
  Cc: Krzysztof Kozlowski, Mark Brown, Sylwester Nawrocki, ldv-project,
	alsa-devel, Sangbeom Kim, linux-kernel, Takashi Iwai,
	Liam Girdwood, Krzysztof Kozlowski, Mark Brown, alsa-devel

The patch

   ASoC: samsung: i2s: Null pointer dereference on samsung_i2s_remove

has been applied to the asoc tree at

   git://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound.git 

All being well this means that it will be integrated into the linux-next
tree (usually sometime in the next 24 hours) and sent to Linus during
the next merge window (or sooner if it is a bug fix), however if
problems are discovered then the patch may be dropped or reverted.  

You may get further e-mails resulting from automated or manual testing
and review of the tree, please engage with people reporting problems and
send followup patches addressing any issues that are reported if needed.

If any updates are required or you are submitting further changes they
should be sent as incremental updates against current git, existing
patches will not be replaced.

Please add any relevant lists and maintainers to the CCs when replying
to this mail.

Thanks,
Mark

>From 7b814a7d4e83b0917efef9dd11a8c095371f987c Mon Sep 17 00:00:00 2001
From: Anton Vasilyev <vasilyev@ispras.ru>
Date: Tue, 15 Aug 2017 15:19:54 +0300
Subject: [PATCH] ASoC: samsung: i2s: Null pointer dereference on
 samsung_i2s_remove

If (quirks & QUIRK_SEC_DAI == 0) then samsung_i2s_probe() doesn't allocate
sec_dai and pri_dai->sec_dai remains Null, but samsung_i2s_remove()
performs pri_dai->sec_dai dereference in any case.

The patch removes useless reinitialization of sec_dai at
samsung_i2s_remove(), because resources are under devm control.

Found by Linux Driver Verification project (linuxtesting.org).

Signed-off-by: Anton Vasilyev <vasilyev@ispras.ru>
Acked-by: Krzysztof Kozlowski <krzk@kernel.org>
Signed-off-by: Mark Brown <broonie@kernel.org>
---
 sound/soc/samsung/i2s.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/sound/soc/samsung/i2s.c b/sound/soc/samsung/i2s.c
index daf7b892c967..10a4da06c0a1 100644
--- a/sound/soc/samsung/i2s.c
+++ b/sound/soc/samsung/i2s.c
@@ -1388,13 +1388,9 @@ static int samsung_i2s_probe(struct platform_device *pdev)
 
 static int samsung_i2s_remove(struct platform_device *pdev)
 {
-	struct i2s_dai *pri_dai, *sec_dai;
+	struct i2s_dai *pri_dai;
 
 	pri_dai = dev_get_drvdata(&pdev->dev);
-	sec_dai = pri_dai->sec_dai;
-
-	pri_dai->sec_dai = NULL;
-	sec_dai->pri_dai = NULL;
 
 	pm_runtime_get_sync(&pdev->dev);
 	pm_runtime_disable(&pdev->dev);
-- 
2.13.3

^ permalink raw reply related	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2017-08-16 16:02 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <CGME20170811123601epcas4p49ca200aaa39cae3fa0f6cba5bf86f1f8@epcas4p4.samsung.com>
2017-08-11 12:35 ` [PATCH v2] ASoC: samsung: i2s: Null pointer dereference on samsung_i2s_remove Anton Vasilyev
2017-08-11 13:00   ` Sylwester Nawrocki
2017-08-16 16:02   ` Applied "ASoC: samsung: i2s: Null pointer dereference on samsung_i2s_remove" to the asoc tree Mark Brown

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).