Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp4821571pxj; Wed, 9 Jun 2021 02:41:50 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz+9woNX4nf88a2ojYrMHbu50OSyVcz9d1SfacuyOEIKx7EG3q9IvaOvSP7Pmk7xGgQ7f97 X-Received: by 2002:a05:6e02:12c9:: with SMTP id i9mr22918970ilm.17.1623231710444; Wed, 09 Jun 2021 02:41:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623231710; cv=none; d=google.com; s=arc-20160816; b=ne8moPwcYhXVpMg0OZg5M+DS1OvpqBLeoV5QsAsKS2NUu3J759nUG+/SL6ml9zEKJH yY6qh9bzEWLWSO4Hp6mLqgouO8N2eGtS3CzJ5ZCfIycysse+YOjz5mr702RGHkR/QqAP AHoPNyp1h3fIpWPOwowOFYfjXFi1SrD3w2CR7epqmJXDRKwCB78Dr9Y03GTF2xcmtnDk vVh77vhTl+Ezj9SB4UNT7L3aD/ozNoWM8sWB61ohZKhnOJqLudKClsqU1EmmOjJ/p2gW cqszxHLsjGswgDpNbzhWOV0Q80Rzt59ksTOosEwEo7cgVBKWmhpJXkv7dhK+I1/UVLEv RkTA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=nieApoEBUNB+1T2m6uetxKASecrYaAr+PXAVZ6J+LtQ=; b=Tx4aeFJBTF4hAbdRC39s6vGkxuqv8JK7Kk24s3y+aYTIiujMNAZZQldLNy/uqChCJN T77ws4qSheJWaoCjBoFD4u4DcduDFf7qwBUffut7Ejb2eBT90sQHfbmjMOq9BSLOFN5k C42EmsXlge6xoWfpUpk9UCPWmpcvtuybXSe12KwBvafwKgKg237RVB4qAiDLMKMQiMQF ranZNBackS186fPHdgCl6cpUmHg1vHvt1qjJI+m6DRFDTXGUtRn+4M7fur5HBPhyvoJr PRX1Ea0qefVRq2YMC3Z44XPG9YFSksnkdr7IiXKzkEXG7z8zsd63k1zRCHiNyAQuuxT4 Sghw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b="D8RW81/D"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id x6si2430283ilv.59.2021.06.09.02.41.37; Wed, 09 Jun 2021 02:41:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b="D8RW81/D"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233850AbhFHSdz (ORCPT + 99 others); Tue, 8 Jun 2021 14:33:55 -0400 Received: from mail.kernel.org ([198.145.29.99]:56838 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234269AbhFHScm (ORCPT ); Tue, 8 Jun 2021 14:32:42 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 553CD61376; Tue, 8 Jun 2021 18:30:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1623177032; bh=dOmcRJm6Y37kvcI1vAX4/vWOo7WEzddVyjrsNS8JqB4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=D8RW81/DCRrZznPzEWaN16cSc2sfbz/gUd0ZomgsgvwTTbRc8lw91WbTAPsu9foS1 iOrryIJh1MAjjD/mok0B/g1yktR4XcqmSVaufuCSDGIPXCLeR0bz5M4E8AJ/sf+9DA kWDleF8avRMjFZ76WGMp1AJU0x2QNvK9+qteEHY0= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Pavel Skripkin , "David S. Miller" Subject: [PATCH 4.9 16/29] net: caif: add proper error handling Date: Tue, 8 Jun 2021 20:27:10 +0200 Message-Id: <20210608175928.347383299@linuxfoundation.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608175927.821075974@linuxfoundation.org> References: <20210608175927.821075974@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Pavel Skripkin commit a2805dca5107d5603f4bbc027e81e20d93476e96 upstream. caif_enroll_dev() can fail in some cases. Ingnoring these cases can lead to memory leak due to not assigning link_support pointer to anywhere. Fixes: 7c18d2205ea7 ("caif: Restructure how link caif link layer enroll") Cc: stable@vger.kernel.org Signed-off-by: Pavel Skripkin Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- include/net/caif/caif_dev.h | 2 +- include/net/caif/cfcnfg.h | 2 +- net/caif/caif_dev.c | 8 +++++--- net/caif/cfcnfg.c | 16 +++++++++++----- 4 files changed, 18 insertions(+), 10 deletions(-) --- a/include/net/caif/caif_dev.h +++ b/include/net/caif/caif_dev.h @@ -119,7 +119,7 @@ void caif_free_client(struct cflayer *ad * The link_support layer is used to add any Link Layer specific * framing. */ -void caif_enroll_dev(struct net_device *dev, struct caif_dev_common *caifdev, +int caif_enroll_dev(struct net_device *dev, struct caif_dev_common *caifdev, struct cflayer *link_support, int head_room, struct cflayer **layer, int (**rcv_func)( struct sk_buff *, struct net_device *, --- a/include/net/caif/cfcnfg.h +++ b/include/net/caif/cfcnfg.h @@ -62,7 +62,7 @@ void cfcnfg_remove(struct cfcnfg *cfg); * @fcs: Specify if checksum is used in CAIF Framing Layer. * @head_room: Head space needed by link specific protocol. */ -void +int cfcnfg_add_phy_layer(struct cfcnfg *cnfg, struct net_device *dev, struct cflayer *phy_layer, enum cfcnfg_phy_preference pref, --- a/net/caif/caif_dev.c +++ b/net/caif/caif_dev.c @@ -303,7 +303,7 @@ static void dev_flowctrl(struct net_devi caifd_put(caifd); } -void caif_enroll_dev(struct net_device *dev, struct caif_dev_common *caifdev, +int caif_enroll_dev(struct net_device *dev, struct caif_dev_common *caifdev, struct cflayer *link_support, int head_room, struct cflayer **layer, int (**rcv_func)(struct sk_buff *, struct net_device *, @@ -314,11 +314,12 @@ void caif_enroll_dev(struct net_device * enum cfcnfg_phy_preference pref; struct cfcnfg *cfg = get_cfcnfg(dev_net(dev)); struct caif_device_entry_list *caifdevs; + int res; caifdevs = caif_device_list(dev_net(dev)); caifd = caif_device_alloc(dev); if (!caifd) - return; + return -ENOMEM; *layer = &caifd->layer; spin_lock_init(&caifd->flow_lock); @@ -340,7 +341,7 @@ void caif_enroll_dev(struct net_device * sizeof(caifd->layer.name) - 1); caifd->layer.name[sizeof(caifd->layer.name) - 1] = 0; caifd->layer.transmit = transmit; - cfcnfg_add_phy_layer(cfg, + res = cfcnfg_add_phy_layer(cfg, dev, &caifd->layer, pref, @@ -350,6 +351,7 @@ void caif_enroll_dev(struct net_device * mutex_unlock(&caifdevs->lock); if (rcv_func) *rcv_func = receive; + return res; } EXPORT_SYMBOL(caif_enroll_dev); --- a/net/caif/cfcnfg.c +++ b/net/caif/cfcnfg.c @@ -455,7 +455,7 @@ unlock: rcu_read_unlock(); } -void +int cfcnfg_add_phy_layer(struct cfcnfg *cnfg, struct net_device *dev, struct cflayer *phy_layer, enum cfcnfg_phy_preference pref, @@ -464,7 +464,7 @@ cfcnfg_add_phy_layer(struct cfcnfg *cnfg { struct cflayer *frml; struct cfcnfg_phyinfo *phyinfo = NULL; - int i; + int i, res = 0; u8 phyid; mutex_lock(&cnfg->lock); @@ -478,12 +478,15 @@ cfcnfg_add_phy_layer(struct cfcnfg *cnfg goto got_phyid; } pr_warn("Too many CAIF Link Layers (max 6)\n"); + res = -EEXIST; goto out; got_phyid: phyinfo = kzalloc(sizeof(struct cfcnfg_phyinfo), GFP_ATOMIC); - if (!phyinfo) + if (!phyinfo) { + res = -ENOMEM; goto out_err; + } phy_layer->id = phyid; phyinfo->pref = pref; @@ -497,8 +500,10 @@ got_phyid: frml = cffrml_create(phyid, fcs); - if (!frml) + if (!frml) { + res = -ENOMEM; goto out_err; + } phyinfo->frm_layer = frml; layer_set_up(frml, cnfg->mux); @@ -516,11 +521,12 @@ got_phyid: list_add_rcu(&phyinfo->node, &cnfg->phys); out: mutex_unlock(&cnfg->lock); - return; + return res; out_err: kfree(phyinfo); mutex_unlock(&cnfg->lock); + return res; } EXPORT_SYMBOL(cfcnfg_add_phy_layer);