Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp4340523pxj; Tue, 8 Jun 2021 11:56:08 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyQtbvHcLCYyKkp9ZLlpauBKCkoQwfz3CULdK5i9DQTE+9TRh/Uo84uEBmTeD19iZCh0L/T X-Received: by 2002:a17:906:606:: with SMTP id s6mr24534633ejb.206.1623178568569; Tue, 08 Jun 2021 11:56:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623178568; cv=none; d=google.com; s=arc-20160816; b=tAXyeK/2hDWbR0SR70yZGFnQ2Ecg0J7DU4nzX1Z2XhHzuF/qhJRaTV+GJJah9Wn2LR p1WoxIXPn1JvPr5HT1ByApZbSf87xc2oiQ0MzqUDy7Emvk510/6nZvx12iuU56wP7CtC 4zizyIqoQJ//5AOZodULqTpxcjFwtJLT6wTowwQRwjbcl+aWJ5QIGE3s7gvzcO8jxSO7 0KqiV0+Mr7PBp5hWUDU+fVxc7enVhtsBQmyGKiKbGq6RkcTsmB45W3Dqz4/6KoHb4TFb EaUm9We1PH776YEJuX5PKV7QgK5C1bqtCWkRy2vgadNPc1wysMrvLKKFyBtR77qv+olQ KjUw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=rhbpRYLlctdgLGP8F6ZvMH4tq94wDg7vyYuR5VZje/Q=; b=OAOcNsVZLvnFJ8tUD+A67dDNbb6STxHeWED2u7LYKr8WrUfnJjjOvU+dDU18NrzbS1 1w60A5y94j6PsQT48SpYJXKnGEUNzRxYcsu+3CKmXj1jCQzrO8KonaMYGPGcDZRJ1v74 lY76+XBoPTzi1a1cecUr/XSpdEne+qa97ecjualSKGIjc7Xdmgylpr3NHUbf1n31e/Vz DPRrjueCzduHl10VdETfE99hd0RKpuCfIKBUDQTkH3LTTsc8ykcEBIp419k84vHY+FBy O3vvlU+xEj19nUQbE+Pyyl3M1u95TreO+cSlH2vucWv8enH3woBUxgEEBNYoEtV7WHV/ 2gPQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b="k/9N2/gt"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id by7si332106ejc.699.2021.06.08.11.55.44; Tue, 08 Jun 2021 11:56:08 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b="k/9N2/gt"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236828AbhFHSzU (ORCPT + 99 others); Tue, 8 Jun 2021 14:55:20 -0400 Received: from mail.kernel.org ([198.145.29.99]:43766 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234515AbhFHSsL (ORCPT ); Tue, 8 Jun 2021 14:48:11 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 48B91613EA; Tue, 8 Jun 2021 18:38:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1623177504; bh=qtTnW+v7jY2Jj4qb9HwZrqDw+PKfDSH74KUJ0a4TFIs=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=k/9N2/gt0sE4fe2SAZwyvoPVIwNrgxQigfbBa2zRuHrgwVIMUHSq8n6lvE2K19BpM ZnvuhG3DhmqME/AOyDcaLLPOZwAKo3D5Bcc4iMNzHFFQYMW7VZ6hQ5jIl8LkSRgW7Y YW+mJ6Q/PL0K3nuWvb8XPqjprIYzCU6pLvtLvyF0= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Pavel Skripkin , "David S. Miller" Subject: [PATCH 5.4 41/78] net: caif: add proper error handling Date: Tue, 8 Jun 2021 20:27:10 +0200 Message-Id: <20210608175936.646526509@linuxfoundation.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608175935.254388043@linuxfoundation.org> References: <20210608175935.254388043@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Pavel Skripkin commit a2805dca5107d5603f4bbc027e81e20d93476e96 upstream. caif_enroll_dev() can fail in some cases. Ingnoring these cases can lead to memory leak due to not assigning link_support pointer to anywhere. Fixes: 7c18d2205ea7 ("caif: Restructure how link caif link layer enroll") Cc: stable@vger.kernel.org Signed-off-by: Pavel Skripkin Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- include/net/caif/caif_dev.h | 2 +- include/net/caif/cfcnfg.h | 2 +- net/caif/caif_dev.c | 8 +++++--- net/caif/cfcnfg.c | 16 +++++++++++----- 4 files changed, 18 insertions(+), 10 deletions(-) --- a/include/net/caif/caif_dev.h +++ b/include/net/caif/caif_dev.h @@ -119,7 +119,7 @@ void caif_free_client(struct cflayer *ad * The link_support layer is used to add any Link Layer specific * framing. */ -void caif_enroll_dev(struct net_device *dev, struct caif_dev_common *caifdev, +int caif_enroll_dev(struct net_device *dev, struct caif_dev_common *caifdev, struct cflayer *link_support, int head_room, struct cflayer **layer, int (**rcv_func)( struct sk_buff *, struct net_device *, --- a/include/net/caif/cfcnfg.h +++ b/include/net/caif/cfcnfg.h @@ -62,7 +62,7 @@ void cfcnfg_remove(struct cfcnfg *cfg); * @fcs: Specify if checksum is used in CAIF Framing Layer. * @head_room: Head space needed by link specific protocol. */ -void +int cfcnfg_add_phy_layer(struct cfcnfg *cnfg, struct net_device *dev, struct cflayer *phy_layer, enum cfcnfg_phy_preference pref, --- a/net/caif/caif_dev.c +++ b/net/caif/caif_dev.c @@ -307,7 +307,7 @@ static void dev_flowctrl(struct net_devi caifd_put(caifd); } -void caif_enroll_dev(struct net_device *dev, struct caif_dev_common *caifdev, +int caif_enroll_dev(struct net_device *dev, struct caif_dev_common *caifdev, struct cflayer *link_support, int head_room, struct cflayer **layer, int (**rcv_func)(struct sk_buff *, struct net_device *, @@ -318,11 +318,12 @@ void caif_enroll_dev(struct net_device * enum cfcnfg_phy_preference pref; struct cfcnfg *cfg = get_cfcnfg(dev_net(dev)); struct caif_device_entry_list *caifdevs; + int res; caifdevs = caif_device_list(dev_net(dev)); caifd = caif_device_alloc(dev); if (!caifd) - return; + return -ENOMEM; *layer = &caifd->layer; spin_lock_init(&caifd->flow_lock); @@ -343,7 +344,7 @@ void caif_enroll_dev(struct net_device * strlcpy(caifd->layer.name, dev->name, sizeof(caifd->layer.name)); caifd->layer.transmit = transmit; - cfcnfg_add_phy_layer(cfg, + res = cfcnfg_add_phy_layer(cfg, dev, &caifd->layer, pref, @@ -353,6 +354,7 @@ void caif_enroll_dev(struct net_device * mutex_unlock(&caifdevs->lock); if (rcv_func) *rcv_func = receive; + return res; } EXPORT_SYMBOL(caif_enroll_dev); --- a/net/caif/cfcnfg.c +++ b/net/caif/cfcnfg.c @@ -450,7 +450,7 @@ unlock: rcu_read_unlock(); } -void +int cfcnfg_add_phy_layer(struct cfcnfg *cnfg, struct net_device *dev, struct cflayer *phy_layer, enum cfcnfg_phy_preference pref, @@ -459,7 +459,7 @@ cfcnfg_add_phy_layer(struct cfcnfg *cnfg { struct cflayer *frml; struct cfcnfg_phyinfo *phyinfo = NULL; - int i; + int i, res = 0; u8 phyid; mutex_lock(&cnfg->lock); @@ -473,12 +473,15 @@ cfcnfg_add_phy_layer(struct cfcnfg *cnfg goto got_phyid; } pr_warn("Too many CAIF Link Layers (max 6)\n"); + res = -EEXIST; goto out; got_phyid: phyinfo = kzalloc(sizeof(struct cfcnfg_phyinfo), GFP_ATOMIC); - if (!phyinfo) + if (!phyinfo) { + res = -ENOMEM; goto out_err; + } phy_layer->id = phyid; phyinfo->pref = pref; @@ -492,8 +495,10 @@ got_phyid: frml = cffrml_create(phyid, fcs); - if (!frml) + if (!frml) { + res = -ENOMEM; goto out_err; + } phyinfo->frm_layer = frml; layer_set_up(frml, cnfg->mux); @@ -511,11 +516,12 @@ got_phyid: list_add_rcu(&phyinfo->node, &cnfg->phys); out: mutex_unlock(&cnfg->lock); - return; + return res; out_err: kfree(phyinfo); mutex_unlock(&cnfg->lock); + return res; } EXPORT_SYMBOL(cfcnfg_add_phy_layer);