This patch looks like it should be in the 3.9-stable tree, should we apply
it?
------------------
From: "Jon Mason <[email protected]>"
commit 186f27ff9f9ec5c110739ced88ce9f8fca053882 upstream
Correct instances of variable dereferencing before checking its value on
the functions exported to the client drivers. Also, add sanity checks
for all exported functions.
Reported-by: Dan Carpenter <[email protected]>
Signed-off-by: Jon Mason <[email protected]>
Signed-off-by: Jonghwan Choi <[email protected]>
---
drivers/ntb/ntb_transport.c | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/drivers/ntb/ntb_transport.c b/drivers/ntb/ntb_transport.c
index e0bdfd7..74c5812 100644
--- a/drivers/ntb/ntb_transport.c
+++ b/drivers/ntb/ntb_transport.c
@@ -1210,12 +1210,14 @@ EXPORT_SYMBOL_GPL(ntb_transport_create_queue);
*/
void ntb_transport_free_queue(struct ntb_transport_qp *qp)
{
- struct pci_dev *pdev = ntb_query_pdev(qp->ndev);
+ struct pci_dev *pdev;
struct ntb_queue_entry *entry;
if (!qp)
return;
+ pdev = ntb_query_pdev(qp->ndev);
+
cancel_delayed_work_sync(&qp->link_work);
ntb_unregister_db_callback(qp->ndev, qp->qp_num);
@@ -1371,12 +1373,13 @@ EXPORT_SYMBOL_GPL(ntb_transport_link_up);
*/
void ntb_transport_link_down(struct ntb_transport_qp *qp)
{
- struct pci_dev *pdev = ntb_query_pdev(qp->ndev);
+ struct pci_dev *pdev;
int rc, val;
if (!qp)
return;
+ pdev = ntb_query_pdev(qp->ndev);
qp->client_ready = NTB_LINK_DOWN;
rc = ntb_read_local_spad(qp->ndev, QP_LINKS, &val);
@@ -1408,6 +1411,9 @@ EXPORT_SYMBOL_GPL(ntb_transport_link_down);
*/
bool ntb_transport_link_query(struct ntb_transport_qp *qp)
{
+ if (!qp)
+ return false;
+
return qp->qp_link == NTB_LINK_UP;
}
EXPORT_SYMBOL_GPL(ntb_transport_link_query);
@@ -1422,6 +1428,9 @@ EXPORT_SYMBOL_GPL(ntb_transport_link_query);
*/
unsigned char ntb_transport_qp_num(struct ntb_transport_qp *qp)
{
+ if (!qp)
+ return 0;
+
return qp->qp_num;
}
EXPORT_SYMBOL_GPL(ntb_transport_qp_num);
@@ -1436,6 +1445,9 @@ EXPORT_SYMBOL_GPL(ntb_transport_qp_num);
*/
unsigned int ntb_transport_max_size(struct ntb_transport_qp *qp)
{
+ if (!qp)
+ return 0;
+
return qp->tx_max_frame - sizeof(struct ntb_payload_header);
}
EXPORT_SYMBOL_GPL(ntb_transport_max_size);
--
1.7.9.5
Jon Mason agrees that this could also be applied to the 3.9
"Yes, please do. I'll respond to each of the patch series, but please apply
them all. Also, one patch was omitted from these, titled
NTB: variable dereferenced before check
Please include that patch in 3.9 stable as well.
"
Thanks.
Best Regards.
> -----Original Message-----
> From: [email protected] [mailto:[email protected]]
> On Behalf Of Jonghwan Choi
> Sent: Monday, May 20, 2013 10:58 AM
> To: 'Jonghwan Choi'; [email protected]
> Cc: [email protected]; 'Jon Mason'; [email protected]
> Subject: [PATCH 3.9-stable] NTB: variable dereferenced before check
>
> This patch looks like it should be in the 3.9-stable tree, should we apply
> it?
>
> ------------------
>
> From: "Jon Mason <[email protected]>"
>
> commit 186f27ff9f9ec5c110739ced88ce9f8fca053882 upstream
>
> Correct instances of variable dereferencing before checking its value on
> the functions exported to the client drivers. Also, add sanity checks
> for all exported functions.
>
> Reported-by: Dan Carpenter <[email protected]>
> Signed-off-by: Jon Mason <[email protected]>
> Signed-off-by: Jonghwan Choi <[email protected]>
> ---
> drivers/ntb/ntb_transport.c | 16 ++++++++++++++--
> 1 file changed, 14 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/ntb/ntb_transport.c b/drivers/ntb/ntb_transport.c
> index e0bdfd7..74c5812 100644
> --- a/drivers/ntb/ntb_transport.c
> +++ b/drivers/ntb/ntb_transport.c
> @@ -1210,12 +1210,14 @@ EXPORT_SYMBOL_GPL(ntb_transport_create_queue);
> */
> void ntb_transport_free_queue(struct ntb_transport_qp *qp)
> {
> - struct pci_dev *pdev = ntb_query_pdev(qp->ndev);
> + struct pci_dev *pdev;
> struct ntb_queue_entry *entry;
>
> if (!qp)
> return;
>
> + pdev = ntb_query_pdev(qp->ndev);
> +
> cancel_delayed_work_sync(&qp->link_work);
>
> ntb_unregister_db_callback(qp->ndev, qp->qp_num);
> @@ -1371,12 +1373,13 @@ EXPORT_SYMBOL_GPL(ntb_transport_link_up);
> */
> void ntb_transport_link_down(struct ntb_transport_qp *qp)
> {
> - struct pci_dev *pdev = ntb_query_pdev(qp->ndev);
> + struct pci_dev *pdev;
> int rc, val;
>
> if (!qp)
> return;
>
> + pdev = ntb_query_pdev(qp->ndev);
> qp->client_ready = NTB_LINK_DOWN;
>
> rc = ntb_read_local_spad(qp->ndev, QP_LINKS, &val);
> @@ -1408,6 +1411,9 @@ EXPORT_SYMBOL_GPL(ntb_transport_link_down);
> */
> bool ntb_transport_link_query(struct ntb_transport_qp *qp)
> {
> + if (!qp)
> + return false;
> +
> return qp->qp_link == NTB_LINK_UP;
> }
> EXPORT_SYMBOL_GPL(ntb_transport_link_query);
> @@ -1422,6 +1428,9 @@ EXPORT_SYMBOL_GPL(ntb_transport_link_query);
> */
> unsigned char ntb_transport_qp_num(struct ntb_transport_qp *qp)
> {
> + if (!qp)
> + return 0;
> +
> return qp->qp_num;
> }
> EXPORT_SYMBOL_GPL(ntb_transport_qp_num);
> @@ -1436,6 +1445,9 @@ EXPORT_SYMBOL_GPL(ntb_transport_qp_num);
> */
> unsigned int ntb_transport_max_size(struct ntb_transport_qp *qp)
> {
> + if (!qp)
> + return 0;
> +
> return qp->tx_max_frame - sizeof(struct ntb_payload_header);
> }
> EXPORT_SYMBOL_GPL(ntb_transport_max_size);
> --
> 1.7.9.5
>
> --
> To unsubscribe from this list: send the line "unsubscribe stable" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html