Received: by 2002:ac0:e34a:0:0:0:0:0 with SMTP id g10csp142791imn;
        Wed, 27 Jul 2022 02:08:56 -0700 (PDT)
X-Google-Smtp-Source: AGRyM1tA17M1GaAup0OphnbJmBKYNgcOI/bKBin5HnKt1pZX8/9CSRY/rkre2a5BBLailQQGZKb4
X-Received: by 2002:a17:907:6295:b0:703:92b8:e113 with SMTP id nd21-20020a170907629500b0070392b8e113mr17209834ejc.594.1658912936351;
        Wed, 27 Jul 2022 02:08:56 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1658912936; cv=none;
        d=google.com; s=arc-20160816;
        b=gzvRGbYmcOaywP3M+47p4Ga6gVxywa461fToAgKmFOdhBmTuUSzHvI+bbj73ybRk3Z
         xWLwG+7GwxX73ylKPIIwrqeMLk/QAxfQ9k3KvEXvET9DQWCdZyrqmuZ7jKGhi7bJW9ev
         lKBOXtO2BkHLuoX6hLslJNzkY3BHAvR2Vpsb5oQRp+aDE6VPr0ZL+HdTJy6e/Dbepp1v
         JRB7aO2Iq0YDtzG8Akf/R5QwivlQWNmR4kLhb2hezrToHGDyok8PCsUPJQ8oHHPU6WMX
         OVszEx6FaGua5jJI+nhiF4TKexhWcxvv4k+2TMxhh1TJrFNu485IhSvvxI3ifHhxydNz
         dgJA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:content-language
         :in-reply-to:mime-version:user-agent:date:message-id:autocrypt:from
         :references:cc:to:subject;
        bh=aLV+TND80ufg7qxknjQTnRtlbt2HKgePbCU8bJvHqhk=;
        b=Vo1YVXhWTUibeMHxQ86uG3ebtKDwvbxpcvNvwKTFMwoflw7Vtso5XksGOhAvYgZhIw
         Xtgva6lBjB3IV7WN2PCgJo/cSZy3cJHvGzwcU9aEpFEnWEehskpIaXhtwBizHs0ewf1M
         Tsiog8QNuqJOXdZemyXNC3thLCqX+AXpgYYqON4QLoD4xvI93o29LwaWBAodnZ+q+ufv
         0wU0cVh2SxRECLYsiDjFNHWDG2dBkw78k+PB2R5bBgb/oGmlfIlPhkt+vrIvtfUM6sUI
         2Tf+90uYZZPFvhIp0Z7zJdhQVT1PpomAPqk17rHF8iCbi4RD1ajmhAtt9grlVw4jhDdG
         YXkQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ispras.ru
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id mp31-20020a1709071b1f00b0072b5acf30f9si17946351ejc.157.2022.07.27.02.08.26;
        Wed, 27 Jul 2022 02:08:56 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ispras.ru
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231344AbiG0JDw (ORCPT <rfc822;alizee.penel@gmail.com>
        + 99 others); Wed, 27 Jul 2022 05:03:52 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45512 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S231233AbiG0JDr (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 27 Jul 2022 05:03:47 -0400
Received: from mail.ispras.ru (mail.ispras.ru [83.149.199.84])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9CEB1474C4;
        Wed, 27 Jul 2022 02:03:45 -0700 (PDT)
Received: from [10.10.2.52] (unknown [10.10.2.52])
        by mail.ispras.ru (Postfix) with ESMTPSA id 940BF40737D5;
        Wed, 27 Jul 2022 09:03:38 +0000 (UTC)
Subject: Re: [ldv-project] [PATCH v2] usb: cdns3: change place of 'priv_ep'
 assignment in cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable()
To:     Peter Chen <peter.chen@kernel.org>,
        Andrey Strachuk <strochuk@ispras.ru>
Cc:     ldv-project@linuxtesting.org, Pawel Laszczak <pawell@cadence.com>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org,
        Roger Quadros <rogerq@kernel.org>,
        Aswath Govindraju <a-govindraju@ti.com>
References: <20220718160052.4188-1-strochuk@ispras.ru>
 <20220727083956.GA269370@nchen-desktop>
From:   Alexey Khoroshilov <khoroshilov@ispras.ru>
Autocrypt: addr=khoroshilov@ispras.ru; prefer-encrypt=mutual; keydata=
 xsFNBFtq9eIBEACxmOIPDht+aZvO9DGi4TwnZ1WTDnyDVz3Nnh0rlQCK8IssaT6wE5a95VWo
 iwOWalcL9bJMHQvw60JwZKFjt9oH2bov3xzx/JRCISQB4a4U1J/scWvPtabbB3t+VAodF5KZ
 vZ2gu/Q/Wa5JZ9aBH0IvNpBAAThFg1rBXKh7wNqrhsQlMLg+zTSK6ZctddNl6RyaJvAmbaTS
 sSeyUKXiabxHn3BR9jclXfmPLfWuayinBvW4J3vS+bOhbLxeu3MO0dUqeX/Nl8EAhvzo0I2d
 A0vRu/Ze1wU3EQYT6M8z3i1b3pdLjr/i+MI8Rgijs+TFRAhxRw/+0vHGTg6Pn02t0XkycxQR
 mhH3v0kVTvMyM7YSI7yXvd0QPxb1RX9AGmvbJu7eylzcq9Jla+/T3pOuWsJkbvbvuFKKmmYY
 WnAOR7vu/VNVfiy4rM0bfO14cIuEG+yvogcPuMmQGYu6ZwS9IdgZIOAkO57M/6wR0jIyfxrG
 FV3ietPtVcqeDVrcShKyziRLJ+Xcsg9BLdnImAqVQomYr27pyNMRL5ILuT7uOuAQPDKBksK+
 l2Fws0d5iUifqnXSPuYxqgS4f8SQLS7ECxvCGVVbkEEng9vkkmyrF6wM86BZ9apPGDFbopiK
 7GRxQtSGszVv83abaVb8aDsAudJIp7lLaIuXLZAe1r+ycYpEtQARAQABzSpBbGV4ZXkgS2hv
 cm9zaGlsb3YgPGtob3Jvc2hpbG92QGlzcHJhcy5ydT7CwX0EEwEIACcFAltq9eICGwMFCRLM
 AwAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQ2B/JSzCwrEWLaA/+NFZfyhU0vJzFtYsk
 yaqx8nWZLrAoUK7VcobH0lJH6lfGbarO5JpENaIiTP12YZ4xO+j3GGJtLy2gvnpypGnxmiAl
 RqPt7WeAIj6oqPrUs2QF7i4SOiPtku/NrysI1zHzlA8yqUduBtam5rdQeLRNCJiEED1fU8sp
 +DgJBN/OHEDyAag2hu1KFKWuPfQ+QGpXYZb+1NW/hKwvvwCNVyypELAfFnkketFXjIMwHnL8
 ZPqJZlkvkpxuRXOaXPL9NFhZnC/WS+NJ81L3pr+w6eo3xTPYZvRW8glvqlEDgHqr3uMGIaes
 nwfRXLHp+TC1ht6efCXzdPyMZ1E7HXQN9foKisI1V5iQFhN+CT3dbsguQI4e10F5ql0TZUJY
 SMzvY0eObs6TWRdD/Ha7Y5rLmZ54R9sxumpZNcJzktfgm9f0XfeqVEJUn/40MRDD+l2W12Db
 Jkko+sbtAEw+f+/j3uz8xOE+Uv4kwFC5a6JKgdX88oigHnpAs3FvffP594Loi3ibFrQUW5wH
 bXh5Ni+l1GKEQ0PHMk+KQQT9L2r9s7C0Nh8XzwdpOshZWsrNSZqcG+01wrmUhyX2uSaoZ07I
 /+KZURlMSqI71X6lkMWlB3SyThvYhHgnR0EGGTerwM1MaVjHN+Z6lPmsKNxG8lzCeWeZ6peA
 c5oUHV4WQ8Ux9BM8saLOwU0EW2r14gEQAMz+5u+X7j1/dT4WLVRQaE1Shnd2dKBn2E7fgo/N
 4JIY6wHD/DJoWYQpCJjjvBYSonvQsHicvDW8lPh2EXgZ9Fi8AHKT2mVPitVy+uhfWa/0FtsC
 e3hPfrjTcN7BUcXlIjmptxIoDbvQrNfIWUGdWiyDj4EDfABW/kagXqaBwF2HdcDaNDGggD1c
 DglA0APjezIyTGnGMKsi5QSSlOLm8OZEJMj5t+JL6QXrruijNb5Asmz5mpRQrak7DpGOskjK
 fClm/0oy2zDvWuoXJa+dm3YFr43V+c5EIMA4LpGk63Eg+5NltQ/gj0ycgD5o6reCbjLz4R9D
 JzBezK/KOQuNG5qKUTMbOHWaApZnZ6BDdOVflkV1V+LMo5GvIzkATNLm/7Jj6DmYmXbKoSAY
 BKZiJWqzNsL1AJtmJA1y5zbWX/W4CpNs8qYMYG8eTNOqunzopEhX7T0cOswcTGArZYygiwDW
 BuIS83QRc7udMlQg79qyMA5WqS9g9g/iodlssR9weIVoZSjfjhm5NJ3FmaKnb56h6DSvFgsH
 xCa4s1DGnZGSAtedj8E3ACOsEfu4J/WqXEmvMYNBdGos2YAc+g0hjuOB10BSD98d38xP1vPc
 qNrztIF+TODAl1dNwU4rCSdGQymsrMVFuXnHMH4G+dHvMAwWauzDbnILHAGFyJtfxVefABEB
 AAHCwWUEGAEIAA8FAltq9eICGwwFCRLMAwAACgkQ2B/JSzCwrEU3Rg//eFWHXqTQ5CKw4KrX
 kTFxdXnYKJ5zZB0EzqU6m/FAV7snmygFLbOXYlcMW2Fh306ivj9NKJrlOaPbUzzyDf8dtDAg
 nSbH156oNJ9NHkz0mrxFMpJA2E5AUemOFx57PUYt93pR2B7bF2zGua4gMC+vorDQZjX9kvrL
 Kbenh3boFOe1tUaiRRvEltVFLOg+b+CMkKVbLIQe/HkyKJH5MFiHAF7QxnPHaxyO7QbWaUmF
 6BHVujxAGvNgkrYJb6dpiNNZSFNRodaSToU5oM+z1dCrNNtN3u4R7AYr6DDIDxoSzR4k0ZaG
 uSeqh4xxQCD7vLT3JdZDyhYUJgy9mvSXdkXGdBIhVmeLch2gaWNf5UOutVJwdPbIaUDRjVoV
 Iw6qjKq+mnK3ttuxW5Aeg9Y1OuKEvCVu+U/iEEJxx1JRmVAYq848YqtVPY9DkZdBT4E9dHqO
 n8lr+XPVyMN6SBXkaR5tB6zSkSDrIw+9uv1LN7QIri43fLqhM950ltlveROEdLL1bI30lYO5
 J07KmxgOjrvY8X9WOC3O0k/nFpBbbsM4zUrmF6F5wIYO99xafQOlfpUnVtbo3GnBR2LIcPYj
 SyY3dW28JXo2cftxIOr1edJ+fhcRqYRrPzJrQBZcE2GZjRO8tz6IOMAsc+WMtVfj5grgVHCu
 kK2E04Fb+Zk1eJvHYRc=
Message-ID: <370caacd-6e03-8c8c-1ea6-0beef763fee6@ispras.ru>
Date:   Wed, 27 Jul 2022 12:03:38 +0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101
 Thunderbird/68.10.0
MIME-Version: 1.0
In-Reply-To: <20220727083956.GA269370@nchen-desktop>
Content-Type: text/plain; charset=utf-8
Content-Language: ru-RU
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,NICE_REPLY_A,
        SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 27.07.2022 11:39, Peter Chen wrote:
> On 22-07-18 19:00:52, Andrey Strachuk wrote:
>> If 'ep' is NULL, result of ep_to_cdns3_ep(ep) is invalid pointer
>> and its dereference with priv_ep->cdns3_dev may cause panic.
>>
>> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>>
>> Signed-off-by: Andrey Strachuk <strochuk@ispras.ru>
>> Fixes: 7733f6c32e36 ("usb: cdns3: Add Cadence USB3 DRD Driver")
>> ---
>>  drivers/usb/cdns3/cdns3-gadget.c | 9 ++++++---
>>  1 file changed, 6 insertions(+), 3 deletions(-)
>>
>> diff --git a/drivers/usb/cdns3/cdns3-gadget.c b/drivers/usb/cdns3/cdns3-gadget.c
>> index 5c15c48952a6..aea5db0ec72d 100644
>> --- a/drivers/usb/cdns3/cdns3-gadget.c
>> +++ b/drivers/usb/cdns3/cdns3-gadget.c
>> @@ -2285,13 +2285,14 @@ static int cdns3_gadget_ep_enable(struct usb_ep *ep,
>>  	int val;
>>
>>  	priv_ep = ep_to_cdns3_ep(ep);
>> -	priv_dev = priv_ep->cdns3_dev;
>> -	comp_desc = priv_ep->endpoint.comp_desc;
>>  
>>  	if (!ep || !desc || desc->bDescriptorType != USB_DT_ENDPOINT) {
>>  		dev_dbg(priv_dev->dev, "usbss: invalid parameters\n");
>>  		return -EINVAL;
>>  	}
>> +
>> +	comp_desc = priv_ep->endpoint.comp_desc;
>> +	priv_dev = priv_ep->cdns3_dev;
>>
>>  	if (!desc->wMaxPacketSize) {
>>  		dev_err(priv_dev->dev, "usbss: missing wMaxPacketSize\n");
>> @@ -2600,7 +2601,7 @@ int cdns3_gadget_ep_dequeue(struct usb_ep *ep,
>>  			    struct usb_request *request)
>>  {
>>  	struct cdns3_endpoint *priv_ep = ep_to_cdns3_ep(ep);
>> -	struct cdns3_device *priv_dev = priv_ep->cdns3_dev;
>> +	struct cdns3_device *priv_dev;
>>  	struct usb_request *req, *req_temp;
>>  	struct cdns3_request *priv_req;
>>  	struct cdns3_trb *link_trb;
>> @@ -2610,6 +2611,8 @@ int cdns3_gadget_ep_dequeue(struct usb_ep *ep,
>>  
>>  	if (!ep || !request || !ep->desc)
>>  		return -EINVAL;
>> +
>> +	priv_dev = priv_ep->cdns3_dev;
>>
>>  	spin_lock_irqsave(&priv_dev->lock, flags);
>>
>> -- 
> 
> Acked-by: Peter Chen <peter.chen@kernel.org>
> 

Looks good, but I would suggest to move

  priv_ep = ep_to_cdns3_ep(ep);

below the check of 'ep' as well.

--
Alexey