2019-03-14 05:47:56

by Kangjie Lu

Subject: [PATCH] hyperv: a potential NULL pointer dereference

In case alloc_page, the fix returns -ENOMEM to avoid the potential
NULL pointer dereference.

Signed-off-by: Kangjie Lu <[email protected]>
---
arch/x86/hyperv/hv_init.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c
index 7abb09e2eeb8..dfdb4ce1ae9c 100644
--- a/arch/x86/hyperv/hv_init.c
+++ b/arch/x86/hyperv/hv_init.c
@@ -102,9 +102,13 @@ static int hv_cpu_init(unsigned int cpu)
u64 msr_vp_index;
struct hv_vp_assist_page **hvp = &hv_vp_assist_page[smp_processor_id()];
void **input_arg;
+ struct page *pg;

input_arg = (void **)this_cpu_ptr(hyperv_pcpu_input_arg);
- *input_arg = page_address(alloc_page(GFP_KERNEL));
+ pg = alloc_page(GFP_KERNEL);
+ if (unlikely(!pg))
+ return -ENOMEM;
+ *input_arg = page_address(pg);

hv_get_vp_index(msr_vp_index);

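Review bot: The unlikely() annotation on the new `if (unlikely(!pg))` check is unnecessary. hv_cpu_init() is a per-CPU initialization function rather than a hot path, so the branch hint gains nothing, and a plain `if (!pg)` followed by `return -ENOMEM;` is the more conventional form. The position of the check is fine: it sits before the store to *input_arg and before hv_get_vp_index(), so nothing in the visible lines needs unwinding on the error return.
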
--
2.17.1



2019-03-14 14:58:01

by KY Srinivasan

Subject: RE: [PATCH] hyperv: a potential NULL pointer dereference



> -----Original Message-----
> From: Kangjie Lu <[email protected]>
> Sent: Wednesday, March 13, 2019 10:47 PM
> To: [email protected]
> Cc: [email protected]; KY Srinivasan <[email protected]>; Haiyang Zhang
> <[email protected]>; Stephen Hemminger
> <[email protected]>; Sasha Levin <[email protected]>; Thomas
> Gleixner <[email protected]>; Ingo Molnar <[email protected]>; Borislav
> Petkov <[email protected]>; H. Peter Anvin <[email protected]>; [email protected];
> [email protected]; [email protected]
> Subject: [PATCH] hyperv: a potential NULL pointer dereference
>
> In case alloc_page, the fix returns -ENOMEM to avoid the potential
> NULL pointer dereference.
>
Thanks.

> Signed-off-by: Kangjie Lu <[email protected]>
Signed-off-by: K. Y. Srinivasan <[email protected]>

> ---
> arch/x86/hyperv/hv_init.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c
> index 7abb09e2eeb8..dfdb4ce1ae9c 100644
> --- a/arch/x86/hyperv/hv_init.c
> +++ b/arch/x86/hyperv/hv_init.c
> @@ -102,9 +102,13 @@ static int hv_cpu_init(unsigned int cpu)
> u64 msr_vp_index;
> struct hv_vp_assist_page **hvp =
> &hv_vp_assist_page[smp_processor_id()];
> void **input_arg;
> + struct page *pg;
>
> input_arg = (void **)this_cpu_ptr(hyperv_pcpu_input_arg);
> - *input_arg = page_address(alloc_page(GFP_KERNEL));
> + pg = alloc_page(GFP_KERNEL);
> + if (unlikely(!pg))
> + return -ENOMEM;
> + *input_arg = page_address(pg);
>
> hv_get_vp_index(msr_vp_index);
>
> --
> 2.17.1


2019-03-20 10:22:07

by Thomas Gleixner

Subject: RE: [PATCH] hyperv: a potential NULL pointer dereference

On Thu, 14 Mar 2019, KY Srinivasan wrote:
> > -----Original Message-----
> > From: Kangjie Lu <[email protected]>
> > Sent: Wednesday, March 13, 2019 10:47 PM
> > To: [email protected]
> > Cc: [email protected]; KY Srinivasan <[email protected]>; Haiyang Zhang
> > <[email protected]>; Stephen Hemminger
> > <[email protected]>; Sasha Levin <[email protected]>; Thomas
> > Gleixner <[email protected]>; Ingo Molnar <[email protected]>; Borislav
> > Petkov <[email protected]>; H. Peter Anvin <[email protected]>; [email protected];
> > [email protected]; [email protected]
> > Subject: [PATCH] hyperv: a potential NULL pointer dereference
> >
> > In case alloc_page, the fix returns -ENOMEM to avoid the potential
> > NULL pointer dereference.
> >
> Thanks.
>
> > Signed-off-by: Kangjie Lu <[email protected]>
> Signed-off-by: K. Y. Srinivasan <[email protected]>

Did you mean: Reviewed-by or Acked-by?

You cannot sign off on a patch from
someone else which you are not picking up and transporting it further.

Thanks,

tglx

2019-03-20 14:41:42

by KY Srinivasan

Subject: RE: [PATCH] hyperv: a potential NULL pointer dereference



> -----Original Message-----
> From: Thomas Gleixner <[email protected]>
> Sent: Wednesday, March 20, 2019 3:21 AM
> To: KY Srinivasan <[email protected]>
> Cc: Kangjie Lu <[email protected]>; [email protected]; Haiyang Zhang
> <[email protected]>; Stephen Hemminger
> <[email protected]>; Sasha Levin <[email protected]>; Ingo Molnar
> <[email protected]>; Borislav Petkov <[email protected]>; H. Peter Anvin
> <[email protected]>; [email protected]; [email protected]; linux-
> [email protected]
> Subject: RE: [PATCH] hyperv: a potential NULL pointer dereference
>
> On Thu, 14 Mar 2019, KY Srinivasan wrote:
> > > -----Original Message-----
> > > From: Kangjie Lu <[email protected]>
> > > Sent: Wednesday, March 13, 2019 10:47 PM
> > > To: [email protected]
> > > Cc: [email protected]; KY Srinivasan <[email protected]>; Haiyang
> Zhang
> > > <[email protected]>; Stephen Hemminger
> > > <[email protected]>; Sasha Levin <[email protected]>; Thomas
> > > Gleixner <[email protected]>; Ingo Molnar <[email protected]>;
> Borislav
> > > Petkov <[email protected]>; H. Peter Anvin <[email protected]>;
> [email protected];
> > > [email protected]; [email protected]
> > > Subject: [PATCH] hyperv: a potential NULL pointer dereference
> > >
> > > In case alloc_page, the fix returns -ENOMEM to avoid the potential
> > > NULL pointer dereference.
> > >
> > Thanks.
> >
> > > Signed-off-by: Kangjie Lu <[email protected]>
> > Signed-off-by: K. Y. Srinivasan <[email protected]>
>
> Did you mean: Reviewed-by or Acked-by?
Sorry, I meant Acked-by.

K. Y
>
> You cannot sign off on a patch from
> someone else which you are not picking up and transporting it further.
>
> Thanks,
>
> tglx

2019-03-20 15:51:55

by Mukesh Ojha

Subject: Re: [PATCH] hyperv: a potential NULL pointer dereference


On 3/14/2019 11:16 AM, Kangjie Lu wrote:
> In case alloc_page, the fix returns -ENOMEM to avoid the potential
> NULL pointer dereference.
>
> Signed-off-by: Kangjie Lu <[email protected]>
> ---
> arch/x86/hyperv/hv_init.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c
> index 7abb09e2eeb8..dfdb4ce1ae9c 100644
> --- a/arch/x86/hyperv/hv_init.c
> +++ b/arch/x86/hyperv/hv_init.c
> @@ -102,9 +102,13 @@ static int hv_cpu_init(unsigned int cpu)
> u64 msr_vp_index;
> struct hv_vp_assist_page **hvp = &hv_vp_assist_page[smp_processor_id()];
> void **input_arg;
> + struct page *pg;
>
> input_arg = (void **)this_cpu_ptr(hyperv_pcpu_input_arg);
> - *input_arg = page_address(alloc_page(GFP_KERNEL));
> + pg = alloc_page(GFP_KERNEL);
> + if (unlikely(!pg))
> + return -ENOMEM;
> + *input_arg = page_address(pg);
>
> hv_get_vp_index(msr_vp_index);



Looks good to me.
Reviewed-by: Mukesh Ojha <[email protected]>


Thanks.
Mukesh



Subject: [tip:x86/urgent] x86/hyperv: Prevent potential NULL pointer dereference

Commit-ID: 534c89c22e26b183d838294f0937ee092c82ad3a
Gitweb: https://git.kernel.org/tip/534c89c22e26b183d838294f0937ee092c82ad3a
Author: Kangjie Lu <[email protected]>
AuthorDate: Thu, 14 Mar 2019 00:46:51 -0500
Committer: Thomas Gleixner <[email protected]>
CommitDate: Thu, 21 Mar 2019 12:24:39 +0100

x86/hyperv: Prevent potential NULL pointer dereference

The page allocation in hv_cpu_init() can fail, but the code does not
have a check for that.

Add a check and return -ENOMEM when the allocation fails.

[ tglx: Massaged changelog ]

Signed-off-by: Kangjie Lu <[email protected]>
Signed-off-by: Thomas Gleixner <[email protected]>
Reviewed-by: Mukesh Ojha <[email protected]>
Acked-by: "K. Y. Srinivasan" <[email protected]>
Cc: [email protected]
Cc: Haiyang Zhang <[email protected]>
Cc: Stephen Hemminger <[email protected]>
Cc: Sasha Levin <[email protected]>
Cc: Borislav Petkov <[email protected]>
Cc: "H. Peter Anvin" <[email protected]>
Cc: [email protected]
Link: https://lkml.kernel.org/r/[email protected]

---
arch/x86/hyperv/hv_init.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c
index 6461a16b4559..e4ba467a9fc6 100644
--- a/arch/x86/hyperv/hv_init.c
+++ b/arch/x86/hyperv/hv_init.c
@@ -103,9 +103,13 @@ static int hv_cpu_init(unsigned int cpu)
u64 msr_vp_index;
struct hv_vp_assist_page **hvp = &hv_vp_assist_page[smp_processor_id()];
void **input_arg;
+ struct page *pg;

input_arg = (void **)this_cpu_ptr(hyperv_pcpu_input_arg);
- *input_arg = page_address(alloc_page(GFP_KERNEL));
+ pg = alloc_page(GFP_KERNEL);
+ if (unlikely(!pg))
+ return -ENOMEM;
+ *input_arg = page_address(pg);

hv_get_vp_index(msr_vp_index);
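
Review bot: On the new `return -ENOMEM;` path, *input_arg is never written, so this CPU's hyperv_pcpu_input_arg slot keeps whatever value it held before the call. The hunk does not show what that value is or how readers of the slot behave, so it is worth confirming that the slot is NULL at this point and that every user and any teardown path for hyperv_pcpu_input_arg tolerates a NULL entry. If that is not guaranteed, store NULL to *input_arg before returning. The changelog could also say what the caller does with the -ENOMEM result.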