Received: by 2002:a05:7412:798b:b0:fc:a2b0:25d7 with SMTP id fb11csp177480rdb; Wed, 21 Feb 2024 23:23:48 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCVNGBvh/U70yS7k04BSmRylM9dv+BvQ9lgyOGWCEYc1C0nHr4UK9FGxb92Z0R3IKYqbdybZf+GJCm181C5iiOFuCkTZRxv9fTVXQhVX4Q== X-Google-Smtp-Source: AGHT+IHg3IF8vExajEnARJ5WfOYWuyl7BnNN5gvuhrSjLG1wVYUAx/JxaoJR1U1Y41ako+bRjKys X-Received: by 2002:a17:906:e210:b0:a3c:5e17:1635 with SMTP id gf16-20020a170906e21000b00a3c5e171635mr1521521ejb.30.1708586628042; Wed, 21 Feb 2024 23:23:48 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708586628; cv=pass; d=google.com; s=arc-20160816; b=nJ25gkEjqfwZZZTaSE2rWd/gksIm4TS7K20kdjna/d7xkjZ9BVTe7Sonv51iXdNOHJ G8nLOcwHC/i0eCfmc769VAus80VPgvbatOn5IQXMYR2DzelklpihGQLYF2/+5UtZYK2F Gn6/XseWAYkFHVNWOP9kVfI1k5i7wu6if8V6QyAYggT6qhMQ1q+UeE46O4DllIPFRuTj 6EctajXY+eJTW0ZjPUHVxMlkReeMER4jIGaRn701XiQ79tTY+2CLpsjO84YdrllBcaIM qO3vKb8dIzxzilIgZ7gzEN0uopcF494P6TBrtOpiXt0yM3etg5fd+ATsej+gh8slas+v eLNw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:date:message-id:dkim-signature; bh=qK+2MaZFtcEDhEaWdoLRlOAD4pAHu2LPjRADBtfdHbU=; fh=uszZqNeu3lU6I61BiCxvXeUJkWxhuSqzZAEKWGua/jU=; b=diGS6edZ+OD7BgHTgdh4hhJE4dprZqBDlQw5gB1Ytm9VsiSmtz4kdOk1hpWNo99whA wGxaUxqUsBVjOZaQPIK8mwLJ3gsdnK6G/QVaqgPd/d6d4w5mQpBbU0tRLU1WzPGuyOYp ox3exyLPWWkuXvQxJgejLhsP+q0okss7A/uviCrIkjpNsXjoot+DcENWvlyWd7mJAlyx p7b4P5XkbZfIMTPiwMQHZW3IIsr7SE7IRHD2uwbGf3Tah9BPbrajeW29ArVRdQ+AkkMw 8R9H1Ux70x365d8vda2zBsQKfN0SksaWfQFbWGngIVM+DBQC/cZFdpOWlBV0PzsNFAAX SrOA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b=sxFGqYjM; arc=pass (i=1 dkim=pass dkdomain=infradead.org); spf=pass (google.com: domain of linux-kernel+bounces-76008-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-76008-linux.lists.archive=gmail.com@vger.kernel.org" Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id lj16-20020a170906f9d000b00a3f4452dd1dsi1150841ejb.212.2024.02.21.23.23.48 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 21 Feb 2024 23:23:48 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-76008-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b=sxFGqYjM; arc=pass (i=1 dkim=pass dkdomain=infradead.org); spf=pass (google.com: domain of linux-kernel+bounces-76008-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-76008-linux.lists.archive=gmail.com@vger.kernel.org" Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id C90531F22FA6 for ; Thu, 22 Feb 2024 07:23:47 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 108251799E; Thu, 22 Feb 2024 07:23:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=infradead.org header.i=@infradead.org header.b="sxFGqYjM" Received: from casper.infradead.org (casper.infradead.org [90.155.50.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6D41BFBF2; Thu, 22 Feb 2024 07:23:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=90.155.50.34 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708586617; cv=none; b=K91GfVlRvxD+lMV2GjQ6C2WRvSn5rwn1vQnnttXziWzQxhrKjbpUY5+posgOQP49WWEdRHIU1Ry4+opMCK3rdExZGp5cFuGps1jWm02sX8Z5fR+hkodwodUlcjNGvlSePeNKrWAVYBileb0CEluRezIFywBMCHryXZLD1HRxlKk= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708586617; c=relaxed/simple; bh=U48hwvgqhEIEdswwj03YABtvmBx7WhMiKcJ3GZXfkqM=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=IGaMVX4O95P67X3njdclgf7LrbE15bno8K8qfQGOakwbBnO4eh232kIlCkm3NBWRVqzHL4E52ZW7PNY95DlqbNzuU3ddWhGpuOuUDk6QisEQ2mi/5ERj9ryxCJ4RFJmDNCUgdnMpua6EzRLJ06wtUH3UHyMw+ofZEia1pG/ooNI= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=infradead.org; spf=none smtp.mailfrom=infradead.org; dkim=pass (2048-bit key) header.d=infradead.org header.i=@infradead.org header.b=sxFGqYjM; arc=none smtp.client-ip=90.155.50.34 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=infradead.org Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=Content-Transfer-Encoding:Content-Type: In-Reply-To:From:References:Cc:To:Subject:MIME-Version:Date:Message-ID:Sender :Reply-To:Content-ID:Content-Description; bh=qK+2MaZFtcEDhEaWdoLRlOAD4pAHu2LPjRADBtfdHbU=; b=sxFGqYjMuCWZPr4RlDWt+cqv7f qzljRBv4zqwhAg/LgXloVt35JBpbUBM3Rtahv5G3i9+Zi+qeBeFBqwkNmhAijpZvlq5pPs82BhBWv RrRNvum3/SNH1UPNYEfgxLGt7TrSE/R0esLDOESLw8pA6MOjJ3nOrgaOdi0oBUfrBZ/Vi32jjPNJ1 Fh5jcvJ5UcjyU+MlAySGzd7raq+/v6nAZseaPg65SeBL6HBAz1/XL5PrTEFcKg+EdS40UApIZARu6 cMVhqlZgEmqRVnAYgM0kBX428ZNQ/sFXHHIvJpPDtE1It05ATljdM2tnLn2lySgRV/YG1ZYwEiKP8 qO3cgalA==; Received: from 124x35x135x198.ap124.ftth.ucom.ne.jp ([124.35.135.198] helo=[192.168.2.109]) by casper.infradead.org with esmtpsa (Exim 4.97.1 #2 (Red Hat Linux)) id 1rd3QJ-00000002uXc-3NVq; Thu, 22 Feb 2024 07:23:16 +0000 Message-ID: <13059273-4b1c-4e8e-a929-25fcf01bb727@infradead.org> Date: Thu, 22 Feb 2024 16:23:08 +0900 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH RFC net] ps3/gelic: Fix possible NULL pointer dereference Content-Language: en-US To: Simon Horman , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: Michael Ellerman , Nicholas Piggin , Christophe Leroy , "Aneesh Kumar K.V" , "Naveen N. Rao" , Jeff Garzik , Dan Carpenter , netdev@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org References: <20240221-ps3-gelic-null-deref-v1-1-f4fe159c7cb0@kernel.org> From: Geoff Levand In-Reply-To: <20240221-ps3-gelic-null-deref-v1-1-f4fe159c7cb0@kernel.org> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Hi Simon, On 2/22/24 01:56, Simon Horman wrote: > Fix possible NULL pointer dereference in gelic_card_release_tx_chain() > > The cited commit introduced a netdev variable to > gelic_card_release_tx_chain() which is set unconditionally on each > iteration of a for loop. > > It is set to the value of tx_chain->tail->skb->dev. However, in some > cases it is assumed that tx_chain->tail->skb may be NULL. And if that > occurs, setting netdev will cause a NULl pointer dereference. > > Given the age of this code I do wonder if this can occur in practice. > But to be on the safe side this patch assumes that it can and aims to > avoid the dereference in the case where tx_chain->tail->skb may be NULL. After 17+ years I never hit this, and never heard of anyone hitting it... > Flagged by Smatch. > Compile tested only. Thanks for 'fixing' this. Acked-by: Geoff Levand