linux-stable/drivers/xen
Wen Yang 642e26628c pvcalls-front: fix potential null dereference
[ Upstream commit b471109806 ]

 static checker warning:
    drivers/xen/pvcalls-front.c:373 alloc_active_ring()
    error: we previously assumed 'map->active.ring' could be null
           (see line 357)

drivers/xen/pvcalls-front.c
    351 static int alloc_active_ring(struct sock_mapping *map)
    352 {
    353     void *bytes;
    354
    355     map->active.ring = (struct pvcalls_data_intf *)
    356         get_zeroed_page(GFP_KERNEL);
    357     if (!map->active.ring)
                    ^^^^^^^^^^^^^^^^^
Check

    358         goto out;
    359
    360     map->active.ring->ring_order = PVCALLS_RING_ORDER;
    361     bytes = (void *)__get_free_pages(GFP_KERNEL | __GFP_ZERO,
    362                     PVCALLS_RING_ORDER);
    363     if (!bytes)
    364         goto out;
    365
    366     map->active.data.in = bytes;
    367     map->active.data.out = bytes +
    368         XEN_FLEX_RING_SIZE(PVCALLS_RING_ORDER);
    369
    370     return 0;
    371
    372 out:
--> 373     free_active_ring(map);
                                 ^^^
Add null check on map->active.ring before dereferencing it to avoid
any NULL pointer dereferences.

Fixes: 9f51c05dc4 ("pvcalls-front: Avoid get_free_pages(GFP_KERNEL) under spinlock")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Suggested-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Signed-off-by: Wen Yang <wen.yang99@zte.com.cn>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
CC: Boris Ostrovsky <boris.ostrovsky@oracle.com>
CC: Juergen Gross <jgross@suse.com>
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: Dan Carpenter <dan.carpenter@oracle.com>
CC: xen-devel@lists.xenproject.org
CC: linux-kernel@vger.kernel.org
Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2019-02-27 10:08:56 +01:00
events xen: Fix x86 sched_clock() interface for xen 2019-01-22 21:40:32 +01:00
xen-pciback treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
xenbus xen: export device state to sysfs 2018-08-28 17:37:40 -04:00
xenfs
acpi.c
arm-device.c treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
balloon.c Revert "xen/balloon: Mark unallocated host memory as UNUSABLE" 2018-12-17 09:24:39 +01:00
biomerge.c xen/biomerge: Use true and false for boolean values 2018-08-06 10:20:57 -04:00
cpu_hotplug.c xen: avoid crash in disable_hotplug_cpu 2018-09-14 08:51:10 -04:00
dbgp.c
efi.c
evtchn.c treewide: kvmalloc() -> kvmalloc_array() 2018-06-12 16:19:22 -07:00
fallback.c
features.c
gntalloc.c
gntdev-common.h xen/gntdev: Add initial support for dma-buf UAPI 2018-07-26 23:05:14 -04:00
gntdev-dmabuf.c drm pull for 4.19-rc1 2018-08-15 17:39:07 -07:00
gntdev-dmabuf.h xen/gntdev: Add initial support for dma-buf UAPI 2018-07-26 23:05:14 -04:00
gntdev.c xen/gntdev: fix up blockable calls to mn_invl_range_start 2018-09-14 08:52:30 -04:00
grant-table.c xen/grant-table: Fix incorrect gnttab_dma_free_pages() pr_debug message 2018-11-27 16:13:04 +01:00
Kconfig xen/balloon: add runtime control for scrubbing ballooned out pages 2018-09-14 08:51:10 -04:00
Makefile xen/gntdev: Add initial support for dma-buf UAPI 2018-07-26 23:05:14 -04:00
manage.c xen/manage: don't complain about an empty value in control/sysrq node 2018-09-14 08:51:10 -04:00
mcelog.c xen/mcelog: eliminate redundant setting of interface version 2018-08-20 14:46:18 -04:00
mem-reservation.c xen/balloon: add runtime control for scrubbing ballooned out pages 2018-09-14 08:51:10 -04:00
pci.c
pcpu.c
platform-pci.c
preempt.c
privcmd-buf.c xen: remove size limit of privcmd-buf mapping interface 2018-11-13 11:08:52 -08:00
privcmd.c xen: add new hypercall buffer mapping device 2018-06-22 08:26:42 +02:00
privcmd.h xen: add new hypercall buffer mapping device 2018-06-22 08:26:42 +02:00
pvcalls-back.c xen/pvcalls: remove set but not used variable 'intf' 2019-02-27 10:08:52 +01:00
pvcalls-front.c pvcalls-front: fix potential null dereference 2019-02-27 10:08:56 +01:00
pvcalls-front.h
swiotlb-xen.c xen-swiotlb: use actually allocated size on check physical continuous 2018-11-13 11:08:40 -08:00
sys-hypervisor.c
time.c
tmem.c
xen-acpi-cpuhotplug.c
xen-acpi-memhotplug.c
xen-acpi-pad.c
xen-acpi-processor.c xen/ACPI: don't upload Px/Cx data for disabled processors 2018-08-20 14:46:18 -04:00
xen-balloon.c xen/balloon: Support xend-based toolstack 2018-11-13 11:08:40 -08:00
xen-scsiback.c SCSI misc on 20180815 2018-08-15 22:06:26 -07:00
xen-selfballoon.c
xen-stub.c
xlate_mmu.c xen: xlate_mmu: add missing header to fix 'W=1' warning 2018-12-17 09:24:39 +01:00