Resent in plain text, sorry for the previous HTML.
Zhengchao Shao <[email protected]> identified by inspection bugs in the error path of hdlcdev_open() in synclink_gt.c
The function did not fully unwind actions in the error path. The use of try_module_get()/module_put() is unnecessary, potentially hazardous and is removed. The synclink_gt driver is already pinned any point the net device is registered, a requirement for calling this entry point.
The call hdlc_open() to init the generic HDLC layer is moved to after driver level init/checks and proper rollback of previous actions is added. This is a more sensible ordering as the most common error paths are at the driver level and the driver level rollbacks require less processing than hdlc_open()/hdlc_close().
This has been tested with supported hardware.
Signed-off-by:Paul Fulghum <[email protected]>
diff --git a/drivers/tty/synclink_gt.c b/drivers/tty/synclink_gt.c
index 25e9befdda3a..72b76cdde534 100644
--- a/drivers/tty/synclink_gt.c
+++ b/drivers/tty/synclink_gt.c
@@ -1433,16 +1433,8 @@ static int hdlcdev_open(struct net_device *dev)
int rc;
unsigned long flags;
- if (!try_module_get(THIS_MODULE))
- return -EBUSY;
-
DBGINFO(("%s hdlcdev_open\n", dev->name));
- /* generic HDLC layer open processing */
- rc = hdlc_open(dev);
- if (rc)
- return rc;
-
/* arbitrate between network and tty opens */
spin_lock_irqsave(&info->netlock, flags);
if (info->port.count != 0 || info->netcount != 0) {
@@ -1461,6 +1453,16 @@ static int hdlcdev_open(struct net_device *dev)
return rc;
}
+ /* generic HDLC layer open processing */
+ rc = hdlc_open(dev);
+ if (rc) {
+ shutdown(info);
+ spin_lock_irqsave(&info->netlock, flags);
+ info->netcount = 0;
+ spin_unlock_irqrestore(&info->netlock, flags);
+ return rc;
+ }
+
/* assert RTS and DTR, apply hardware settings */
info->signals |= SerialSignal_RTS | SerialSignal_DTR;
program_hw(info);
@@ -1506,7 +1508,6 @@ static int hdlcdev_close(struct net_device *dev)
info->netcount=0;
spin_unlock_irqrestore(&info->netlock, flags);
- module_put(THIS_MODULE);
return 0;
}
On Tue, Nov 15, 2022 at 08:25:13AM -0800, Paul Fulghum wrote:
> Zhengchao Shao <[email protected] <mailto:[email protected]>> identified by inspection bugs in the error path of hdlcdev_open() in synclink_gt.c
>
> The function did not fully unwind actions in the error path. The use of try_module_get()/module_put() is unnecessary, potentially hazardous and is removed. The synclink_gt driver is already pinned any point the net device is registered, a requirement for calling this entry point.
>
> The call hdlc_open() to init the generic HDLC layer is moved to after driver level init/checks and proper rollback of previous actions is added. This is a more sensible ordering as the most common error paths are at the driver level and the driver level rollbacks require less processing than hdlc_open()/hdlc_close().
>
> This has been tested with supported hardware.
>
> Signed-off-by:Paul Fulghum <[email protected] <mailto:[email protected]>>
>
>
> diff --git a/drivers/tty/synclink_gt.c b/drivers/tty/synclink_gt.c
> index 25e9befdda3a..72b76cdde534 100644
> --- a/drivers/tty/synclink_gt.c
> +++ b/drivers/tty/synclink_gt.c
> @@ -1433,16 +1433,8 @@ static int hdlcdev_open(struct net_device *dev)
> int rc;
> unsigned long flags;
>
> - if (!try_module_get(THIS_MODULE))
> - return -EBUSY;
> -
> DBGINFO(("%s hdlcdev_open\n", dev->name));
>
> - /* generic HDLC layer open processing */
> - rc = hdlc_open(dev);
> - if (rc)
> - return rc;
> -
> /* arbitrate between network and tty opens */
> spin_lock_irqsave(&info->netlock, flags);
> if (info->port.count != 0 || info->netcount != 0) {
> @@ -1461,6 +1453,16 @@ static int hdlcdev_open(struct net_device *dev)
> return rc;
> }
>
> + /* generic HDLC layer open processing */
> + rc = hdlc_open(dev);
> + if (rc) {
> + shutdown(info);
> + spin_lock_irqsave(&info->netlock, flags);
> + info->netcount = 0;
> + spin_unlock_irqrestore(&info->netlock, flags);
> + return rc;
> + }
> +
> /* assert RTS and DTR, apply hardware settings */
> info->signals |= SerialSignal_RTS | SerialSignal_DTR;
> program_hw(info);
> @@ -1506,7 +1508,6 @@ static int hdlcdev_close(struct net_device *dev)
> info->netcount=0;
> spin_unlock_irqrestore(&info->netlock, flags);
>
> - module_put(THIS_MODULE);
> return 0;
> }
>
>
Hi,
This is the friendly patch-bot of Greg Kroah-Hartman. You have sent him
a patch that has triggered this response. He used to manually respond
to these common problems, but in order to save his sanity (he kept
writing the same thing over and over, yet to different people), I was
created. Hopefully you will not take offence and will fix the problem
in your patch and resubmit it so that it can be accepted into the Linux
kernel tree.
You are receiving this message because of the following common error(s)
as indicated below:
- Your patch was sent in HTML format, making it impossible to be
applied, and it has been rejected from the mailing lists because of
that. Please read the file, Documentation/email-clients.txt in order
to fix this.
If you wish to discuss this problem further, or you have questions about
how to resolve this issue, please feel free to respond to this email and
Greg will reply once he has dug out from the pending patches received
from other developers.
thanks,
greg k-h's patch email bot
Resent again, last attempt still altered the plain text.
Zhengchao Shao <[email protected]> identified by inspection bugs in the error path of hdlcdev_open() in synclink_gt.c
The function did not fully unwind actions in the error path. The use of try_module_get()/module_put() is unnecessary, potentially hazardous and is removed. The synclink_gt driver is already pinned any point the net device is registered, a requirement for calling this entry point.
The call hdlc_open() to init the generic HDLC layer is moved to after driver level init/checks and proper rollback of previous actions is added. This is a more sensible ordering as the most common error paths are at the driver level and the driver level rollbacks require less processing than hdlc_open()/hdlc_close().
This has been tested with supported hardware.
Signed-off-by:Paul Fulghum <[email protected]>
diff --git a/drivers/tty/synclink_gt.c b/drivers/tty/synclink_gt.c
index 25e9befdda3a..72b76cdde534 100644
--- a/drivers/tty/synclink_gt.c
+++ b/drivers/tty/synclink_gt.c
@@ -1433,16 +1433,8 @@ static int hdlcdev_open(struct net_device *dev)
int rc;
unsigned long flags;
- if (!try_module_get(THIS_MODULE))
- return -EBUSY;
-
DBGINFO(("%s hdlcdev_open\n", dev->name));
- /* generic HDLC layer open processing */
- rc = hdlc_open(dev);
- if (rc)
- return rc;
-
/* arbitrate between network and tty opens */
spin_lock_irqsave(&info->netlock, flags);
if (info->port.count != 0 || info->netcount != 0) {
@@ -1461,6 +1453,16 @@ static int hdlcdev_open(struct net_device *dev)
return rc;
}
+ /* generic HDLC layer open processing */
+ rc = hdlc_open(dev);
+ if (rc) {
+ shutdown(info);
+ spin_lock_irqsave(&info->netlock, flags);
+ info->netcount = 0;
+ spin_unlock_irqrestore(&info->netlock, flags);
+ return rc;
+ }
+
/* assert RTS and DTR, apply hardware settings */
info->signals |= SerialSignal_RTS | SerialSignal_DTR;
program_hw(info);
@@ -1506,7 +1508,6 @@ static int hdlcdev_close(struct net_device *dev)
info->netcount=0;
spin_unlock_irqrestore(&info->netlock, flags);
- module_put(THIS_MODULE);
return 0;
}
On Tue, Nov 15, 2022 at 09:38:32AM -0800, Paul Fulghum wrote:
> Resent again, last attempt still altered the plain text.
>
Please send a v2 patch, and this is not needed as it would show up in
the commit log if we were to apply it, right?
>
> Zhengchao Shao <[email protected]> identified by inspection bugs in the error path of hdlcdev_open() in synclink_gt.c
Properly wrap your lines at 72 columns please.
>
> The function did not fully unwind actions in the error path. The use of try_module_get()/module_put() is unnecessary, potentially hazardous and is removed. The synclink_gt driver is already pinned any point the net device is registered, a requirement for calling this entry point.
>
> The call hdlc_open() to init the generic HDLC layer is moved to after driver level init/checks and proper rollback of previous actions is added. This is a more sensible ordering as the most common error paths are at the driver level and the driver level rollbacks require less processing than hdlc_open()/hdlc_close().
>
> This has been tested with supported hardware.
>
> Signed-off-by:Paul Fulghum <[email protected]>
You need a Suggested-by: tag here.
And a space after the ':' character.
>
> diff --git a/drivers/tty/synclink_gt.c b/drivers/tty/synclink_gt.c
> index 25e9befdda3a..72b76cdde534 100644
> --- a/drivers/tty/synclink_gt.c
> +++ b/drivers/tty/synclink_gt.c
> @@ -1433,16 +1433,8 @@ static int hdlcdev_open(struct net_device *dev)
> int rc;
> unsigned long flags;
>
> - if (!try_module_get(THIS_MODULE))
> - return -EBUSY;
Thank you for removing this, this code pattern is always wrong :)
thanks,
greg k-h