Received: by 2002:a25:31c3:0:0:0:0:0 with SMTP id x186csp2485668ybx; Fri, 8 Nov 2019 05:06:20 -0800 (PST) X-Google-Smtp-Source: APXvYqyzj+VYBdAnU5+7ZLJCJkINYWI1NgtdAOUQvLmliFrlojexxVZJOT+PcPa+I8fUolcZfcm1 X-Received: by 2002:a50:bac2:: with SMTP id x60mr9896379ede.114.1573218380257; Fri, 08 Nov 2019 05:06:20 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1573218380; cv=none; d=google.com; s=arc-20160816; b=SKxTw1Z4cqwzhTtGjouSf6pb/T9N/ivhra3pXE6P+ErbsGkls1ia44ZEFLSQfIY0so KfLirUj2pmhmnL4SfxpHPJhXqD1AaVMFdv7F9aW9RkVrMcXc6EFb4pxj5OmSqaTko2B7 SvKvc0SB+dx8gRzexDtB7u8RjmWzO0CpDHkqiGlWBTGi2K0EHYwGcAHDUCbSOvx7rIyz G0SKD8SVovBV4HjSuASUEb90/2PF7KgUrcxIhj4KA5UE1w+8zKKZZoLA6UsD8YFjEKoE BmHXX/11+jlvAoz9xQ+6NJtqD8lMpKIhcxZniRV7Al0I8OwROH6EnpFa560jiqhAhiIH MVCw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=VA9GbHfmKtODbCm0QoKaPVG8lLjwOAvz4Dj0Clq1FXQ=; b=P1l/30mTPYyCAmYk4oQvnaWtzqvVOKjhpVeypPAkjknXFbwMIrTVoypXcp2FM7HAZj nzmaNJJnA3UBaKDsG4BWtS0gMzAo2DaUpa6CfEFIav01arCEBC3fU+XjPIVb3+lOYFcw d2aI7lqbDEVrj7lyAreuIimHDVIZezoqyhEmaGwVFqIbUgbdIOCTPZcDvp+shy5Xf3KT BlMEP7ZX2nDzFgJhySPYYTt3zQBzAxlN06r3yOWvCAIT06PbWfu5j3XrUQgEjllcMPsZ 3Et3M7dn4qPlBrNOqj80ConYZXeY+AkaQsJlQ4ewMuprv0UBqbbBvWgz1Lj+SXf0B3/0 L/8g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@rasmusvillemoes.dk header.s=google header.b=ghv2Fitd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u22si3381495edt.172.2019.11.08.05.05.56; Fri, 08 Nov 2019 05:06:20 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@rasmusvillemoes.dk header.s=google header.b=ghv2Fitd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731743AbfKHND0 (ORCPT + 99 others); Fri, 8 Nov 2019 08:03:26 -0500 Received: from mail-lj1-f196.google.com ([209.85.208.196]:38915 "EHLO mail-lj1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730332AbfKHNCR (ORCPT ); Fri, 8 Nov 2019 08:02:17 -0500 Received: by mail-lj1-f196.google.com with SMTP id p18so6130885ljc.6 for ; Fri, 08 Nov 2019 05:02:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rasmusvillemoes.dk; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=VA9GbHfmKtODbCm0QoKaPVG8lLjwOAvz4Dj0Clq1FXQ=; b=ghv2Fitdi+5CpOHryA/uKu7tvP1mIrcR7EQ6Boj2/RIU2+jYku8qiRim9NlU1bMI9t jibRIInuK9ovNCl4B0NJGdUU3ySNR4YSeno58I0x0vbag1VAvxIje3y/7NhG3ERCFGnp ox4wBxv0EYbYTQMQ1MAeNcI4UNMBZJ7Jq/bJ4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=VA9GbHfmKtODbCm0QoKaPVG8lLjwOAvz4Dj0Clq1FXQ=; b=pJHdIPGQR2n8o1TSZTJqRmSa4by7rSU4Hnm5FnVGxOifkiukaVv3z3gCuopTNkS2zl LOZhfB86iU7yQRYo2nOaBq0p/xxUqIZfdjw6orDO8Qo8dEqzoMvI/rh/h5563fQbjjUq gUuqg25dfUWSze2fPFHLk91bJvAoXXZhQ0F3JiBJ7dQJjpYCwDYjPeZz73kGDZ5yZMcH rTX6JGqA2EDxKAii4B1yStDoYzdNcj/U8bWK5hh4C2thx7iaJUZtSRhmTj898nQxBiXS dO8nyTnA9OItAGbzMEzZJ2lx4tSMjYTRpyzOibGeMr9vpS37oJTh5I4OpPG0iMqEjW7+ 0Knw== X-Gm-Message-State: APjAAAW2/QGO1kqAHa0t7aq+oWlPOMCDcEU+FfcXV8j2HsueMmkKYLJL 0yeQ8TF/CtdUr89cqG460bVM0w== X-Received: by 2002:a2e:9119:: with SMTP id m25mr6927156ljg.24.1573218135990; Fri, 08 Nov 2019 05:02:15 -0800 (PST) Received: from prevas-ravi.prevas.se ([81.216.59.226]) by smtp.gmail.com with ESMTPSA id d28sm2454725lfn.33.2019.11.08.05.02.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 08 Nov 2019 05:02:15 -0800 (PST) From: Rasmus Villemoes To: Qiang Zhao , Li Yang , Christophe Leroy Cc: linuxppc-dev@lists.ozlabs.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Scott Wood , Rasmus Villemoes Subject: [PATCH v4 38/47] soc: fsl: qe: refactor cpm_muram_alloc_common to prevent BUG on error path Date: Fri, 8 Nov 2019 14:01:14 +0100 Message-Id: <20191108130123.6839-39-linux@rasmusvillemoes.dk> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20191108130123.6839-1-linux@rasmusvillemoes.dk> References: <20191108130123.6839-1-linux@rasmusvillemoes.dk> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org If the kmalloc() fails, we try to undo the gen_pool allocation we've just done. Unfortunately, start has already been modified to subtract the GENPOOL_OFFSET bias, so we're freeing something that very likely doesn't exist in the gen_pool, meaning we hit the kernel BUG at lib/genalloc.c:399! Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM ... [<803fd0e8>] (gen_pool_free) from [<80426bc8>] (cpm_muram_alloc_common+0xb0/0xc8) [<80426bc8>] (cpm_muram_alloc_common) from [<80426c28>] (cpm_muram_alloc+0x48/0x80) [<80426c28>] (cpm_muram_alloc) from [<80428214>] (ucc_slow_init+0x110/0x4f0) [<80428214>] (ucc_slow_init) from [<8044a718>] (qe_uart_request_port+0x3c/0x1d8) (this was tested by just injecting a random failure by adding "|| (get_random_int()&7) == 0" to the "if (!entry)" condition). Refactor the code so we do the kmalloc() first, meaning that's the thing that needs undoing in case gen_pool_alloc_algo() then fails. This allows a later cleanup to move the locking from the callers into the _common function, keeping the kmalloc() out of the critical region and then, hopefully (if all the muram_alloc callers allow) change it to a GFP_KERNEL allocation. Signed-off-by: Rasmus Villemoes --- drivers/soc/fsl/qe/qe_common.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/drivers/soc/fsl/qe/qe_common.c b/drivers/soc/fsl/qe/qe_common.c index feb33ec1c3d6..bc9b436684df 100644 --- a/drivers/soc/fsl/qe/qe_common.c +++ b/drivers/soc/fsl/qe/qe_common.c @@ -119,23 +119,21 @@ static s32 cpm_muram_alloc_common(unsigned long size, struct muram_block *entry; s32 start; + entry = kmalloc(sizeof(*entry), GFP_ATOMIC); + if (!entry) + return -ENOMEM; start = gen_pool_alloc_algo(muram_pool, size, algo, data); - if (!start) - goto out2; + if (!start) { + kfree(entry); + return -ENOMEM; + } start = start - GENPOOL_OFFSET; memset_io(cpm_muram_addr(start), 0, size); - entry = kmalloc(sizeof(*entry), GFP_ATOMIC); - if (!entry) - goto out1; entry->start = start; entry->size = size; list_add(&entry->head, &muram_block_list); return start; -out1: - gen_pool_free(muram_pool, start, size); -out2: - return -ENOMEM; } /* -- 2.23.0