LinuxLists.cc - [PATCH v2] drm/msm/dsi: Add missing check for alloc_ordered

2023-01-09 03:27:37

Subject: [PATCH v2] drm/msm/dsi: Add missing check for alloc_ordered_workqueue

Add check for the return value of alloc_ordered_workqueue as it may return
NULL pointer and cause NULL pointer dereference.
Moreover, change the "goto fail" into "return ret" and drop the "fail"
label since they are the same.

Signed-off-by: Jiasheng Jiang <[email protected]>
---
Changelog:

v1 -> v2:

1. Change the "goto fail" into "return ret" and drop the "fail" label.
---
drivers/gpu/drm/msm/dsi/dsi_host.c | 24 +++++++++++++-----------
1 file changed, 13 insertions(+), 11 deletions(-)

diff --git a/drivers/gpu/drm/msm/dsi/dsi_host.c b/drivers/gpu/drm/msm/dsi/dsi_host.c
index 89aadd3b3202..819f5be5fd77 100644
--- a/drivers/gpu/drm/msm/dsi/dsi_host.c
+++ b/drivers/gpu/drm/msm/dsi/dsi_host.c
@@ -1884,7 +1884,7 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
msm_host = devm_kzalloc(&pdev->dev, sizeof(*msm_host), GFP_KERNEL);
if (!msm_host) {
ret = -ENOMEM;
- goto fail;
+ return ret;
}

msm_host->pdev = pdev;
@@ -1893,14 +1893,14 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
ret = dsi_host_parse_dt(msm_host);
if (ret) {
pr_err("%s: failed to parse dt\n", __func__);
- goto fail;
+ return ret;
}

msm_host->ctrl_base = msm_ioremap_size(pdev, "dsi_ctrl", &msm_host->ctrl_size);
if (IS_ERR(msm_host->ctrl_base)) {
pr_err("%s: unable to map Dsi ctrl base\n", __func__);
ret = PTR_ERR(msm_host->ctrl_base);
- goto fail;
+ return ret;
}

pm_runtime_enable(&pdev->dev);
@@ -1909,7 +1909,7 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
if (!msm_host->cfg_hnd) {
ret = -EINVAL;
pr_err("%s: get config failed\n", __func__);
- goto fail;
+ return ret;
}
cfg = msm_host->cfg_hnd->cfg;

@@ -1917,7 +1917,7 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
if (msm_host->id < 0) {
ret = msm_host->id;
pr_err("%s: unable to identify DSI host index\n", __func__);
- goto fail;
+ return ret;
}

/* fixup base address by io offset */
@@ -1927,19 +1927,19 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
cfg->regulator_data,
&msm_host->supplies);
if (ret)
- goto fail;
+ return ret;

ret = dsi_clk_init(msm_host);
if (ret) {
pr_err("%s: unable to initialize dsi clks\n", __func__);
- goto fail;
+ return ret;
}

msm_host->rx_buf = devm_kzalloc(&pdev->dev, SZ_4K, GFP_KERNEL);
if (!msm_host->rx_buf) {
ret = -ENOMEM;
pr_err("%s: alloc rx temp buf failed\n", __func__);
- goto fail;
+ return ret;
}

ret = devm_pm_opp_set_clkname(&pdev->dev, "byte");
@@ -1977,15 +1977,17 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)

/* setup workqueue */
msm_host->workqueue = alloc_ordered_workqueue("dsi_drm_work", 0);
+ if (!msm_host->workqueue) {
+ ret = -ENOMEM;
+ return ret;
+ }
+
INIT_WORK(&msm_host->err_work, dsi_err_worker);

msm_dsi->id = msm_host->id;

DBG("Dsi Host %d initialized", msm_host->id);
return 0;
-
-fail:
- return ret;
}

void msm_dsi_host_destroy(struct mipi_dsi_host *host)
--
2.25.1

2023-01-09 08:56:06

by Dhruva Gole

[permalink] [raw]

Subject: Re: [PATCH v2] drm/msm/dsi: Add missing check for alloc_ordered_workqueue

On 09/01/23 08:20, Jiasheng Jiang wrote:
> Add check for the return value of alloc_ordered_workqueue as it may return
> NULL pointer and cause NULL pointer dereference.
> Moreover, change the "goto fail" into "return ret" and drop the "fail"
> label since they are the same.
>
> Signed-off-by: Jiasheng Jiang <[email protected]>
> ---

Reviewed-by: Dhruva Gole <[email protected]>

> Changelog:
>
> v1 -> v2:
>
> 1. Change the "goto fail" into "return ret" and drop the "fail" label.
> ---
> drivers/gpu/drm/msm/dsi/dsi_host.c | 24 +++++++++++++-----------
> 1 file changed, 13 insertions(+), 11 deletions(-)
>
> diff --git a/drivers/gpu/drm/msm/dsi/dsi_host.c b/drivers/gpu/drm/msm/dsi/dsi_host.c
> index 89aadd3b3202..819f5be5fd77 100644
> --- a/drivers/gpu/drm/msm/dsi/dsi_host.c
> +++ b/drivers/gpu/drm/msm/dsi/dsi_host.c
> @@ -1884,7 +1884,7 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
> msm_host = devm_kzalloc(&pdev->dev, sizeof(*msm_host), GFP_KERNEL);
> if (!msm_host) {
> ret = -ENOMEM;
> - goto fail;
> + return ret;
> }
>
> msm_host->pdev = pdev;
> @@ -1893,14 +1893,14 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
> ret = dsi_host_parse_dt(msm_host);
> if (ret) {
> pr_err("%s: failed to parse dt\n", __func__);
> - goto fail;
> + return ret;
> }
>
> msm_host->ctrl_base = msm_ioremap_size(pdev, "dsi_ctrl", &msm_host->ctrl_size);
> if (IS_ERR(msm_host->ctrl_base)) {
> pr_err("%s: unable to map Dsi ctrl base\n", __func__);
> ret = PTR_ERR(msm_host->ctrl_base);
> - goto fail;
> + return ret;
> }
>
> pm_runtime_enable(&pdev->dev);
> @@ -1909,7 +1909,7 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
> if (!msm_host->cfg_hnd) {
> ret = -EINVAL;
> pr_err("%s: get config failed\n", __func__);
> - goto fail;
> + return ret;
> }
> cfg = msm_host->cfg_hnd->cfg;
>
> @@ -1917,7 +1917,7 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
> if (msm_host->id < 0) {
> ret = msm_host->id;
> pr_err("%s: unable to identify DSI host index\n", __func__);
> - goto fail;
> + return ret;
> }
>
> /* fixup base address by io offset */
> @@ -1927,19 +1927,19 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
> cfg->regulator_data,
> &msm_host->supplies);
> if (ret)
> - goto fail;
> + return ret;
>
> ret = dsi_clk_init(msm_host);
> if (ret) {
> pr_err("%s: unable to initialize dsi clks\n", __func__);
> - goto fail;
> + return ret;
> }
>
> msm_host->rx_buf = devm_kzalloc(&pdev->dev, SZ_4K, GFP_KERNEL);
> if (!msm_host->rx_buf) {
> ret = -ENOMEM;
> pr_err("%s: alloc rx temp buf failed\n", __func__);
> - goto fail;
> + return ret;
> }
>
> ret = devm_pm_opp_set_clkname(&pdev->dev, "byte");
> @@ -1977,15 +1977,17 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
>
> /* setup workqueue */
> msm_host->workqueue = alloc_ordered_workqueue("dsi_drm_work", 0);
> + if (!msm_host->workqueue) {
> + ret = -ENOMEM;
> + return ret;

Why not simply return -ENOMEM;
instead?

> + }
> +
> INIT_WORK(&msm_host->err_work, dsi_err_worker);
>
> msm_dsi->id = msm_host->id;
>
> DBG("Dsi Host %d initialized", msm_host->id);
> return 0;
> -
> -fail:
> - return ret;
> }
>
> void msm_dsi_host_destroy(struct mipi_dsi_host *host)

--
Thanks and Regards,
Dhruva Gole

2023-01-09 09:18:21

by Dmitry Baryshkov

[permalink] [raw]

Subject: Re: [PATCH v2] drm/msm/dsi: Add missing check for alloc_ordered_workqueue

On Mon, 9 Jan 2023 at 04:51, Jiasheng Jiang <[email protected]> wrote:
>
> Add check for the return value of alloc_ordered_workqueue as it may return
> NULL pointer and cause NULL pointer dereference.
> Moreover, change the "goto fail" into "return ret" and drop the "fail"
> label since they are the same.
>
> Signed-off-by: Jiasheng Jiang <[email protected]>
> ---
> Changelog:
>
> v1 -> v2:
>
> 1. Change the "goto fail" into "return ret" and drop the "fail" label.

These are separate changes and should come as separate patches.

> ---
> drivers/gpu/drm/msm/dsi/dsi_host.c | 24 +++++++++++++-----------
> 1 file changed, 13 insertions(+), 11 deletions(-)
>
> diff --git a/drivers/gpu/drm/msm/dsi/dsi_host.c b/drivers/gpu/drm/msm/dsi/dsi_host.c
> index 89aadd3b3202..819f5be5fd77 100644
> --- a/drivers/gpu/drm/msm/dsi/dsi_host.c
> +++ b/drivers/gpu/drm/msm/dsi/dsi_host.c
> @@ -1884,7 +1884,7 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
> msm_host = devm_kzalloc(&pdev->dev, sizeof(*msm_host), GFP_KERNEL);
> if (!msm_host) {
> ret = -ENOMEM;
> - goto fail;
> + return ret;
> }
>
> msm_host->pdev = pdev;
> @@ -1893,14 +1893,14 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
> ret = dsi_host_parse_dt(msm_host);
> if (ret) {
> pr_err("%s: failed to parse dt\n", __func__);
> - goto fail;
> + return ret;
> }
>
> msm_host->ctrl_base = msm_ioremap_size(pdev, "dsi_ctrl", &msm_host->ctrl_size);
> if (IS_ERR(msm_host->ctrl_base)) {
> pr_err("%s: unable to map Dsi ctrl base\n", __func__);
> ret = PTR_ERR(msm_host->ctrl_base);
> - goto fail;
> + return ret;
> }
>
> pm_runtime_enable(&pdev->dev);
> @@ -1909,7 +1909,7 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
> if (!msm_host->cfg_hnd) {
> ret = -EINVAL;
> pr_err("%s: get config failed\n", __func__);
> - goto fail;
> + return ret;
> }
> cfg = msm_host->cfg_hnd->cfg;
>
> @@ -1917,7 +1917,7 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
> if (msm_host->id < 0) {
> ret = msm_host->id;
> pr_err("%s: unable to identify DSI host index\n", __func__);
> - goto fail;
> + return ret;
> }
>
> /* fixup base address by io offset */
> @@ -1927,19 +1927,19 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
> cfg->regulator_data,
> &msm_host->supplies);
> if (ret)
> - goto fail;
> + return ret;
>
> ret = dsi_clk_init(msm_host);
> if (ret) {
> pr_err("%s: unable to initialize dsi clks\n", __func__);
> - goto fail;
> + return ret;
> }
>
> msm_host->rx_buf = devm_kzalloc(&pdev->dev, SZ_4K, GFP_KERNEL);
> if (!msm_host->rx_buf) {
> ret = -ENOMEM;
> pr_err("%s: alloc rx temp buf failed\n", __func__);
> - goto fail;
> + return ret;
> }
>
> ret = devm_pm_opp_set_clkname(&pdev->dev, "byte");
> @@ -1977,15 +1977,17 @@ int msm_dsi_host_init(struct msm_dsi *msm_dsi)
>
> /* setup workqueue */
> msm_host->workqueue = alloc_ordered_workqueue("dsi_drm_work", 0);
> + if (!msm_host->workqueue) {
> + ret = -ENOMEM;
> + return ret;
> + }
> +
> INIT_WORK(&msm_host->err_work, dsi_err_worker);
>
> msm_dsi->id = msm_host->id;
>
> DBG("Dsi Host %d initialized", msm_host->id);
> return 0;
> -
> -fail:
> - return ret;
> }
>
> void msm_dsi_host_destroy(struct mipi_dsi_host *host)
> --
> 2.25.1
>

--
With best wishes
Dmitry