Received: by 2002:a05:6500:1b45:b0:1f5:f2ab:c469 with SMTP id cz5csp908660lqb; Wed, 17 Apr 2024 14:39:40 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCX/zIX8dV/tsH1MCjX2ClWwFghkKnK0j5HTcViVsoiaUyvmYkWaDXk9zbeRRpTsesR6VsT0BamOWvDV3AX6U/pqPISVZqbyJlquW3eqUQ== X-Google-Smtp-Source: AGHT+IE0TLWA3+BhfhaJyGpapcW34GrNX0l+JCv8B1kqZ7DAzxKxGIVGZuj6aSla+k8wPkVYWZED X-Received: by 2002:a17:90a:8185:b0:29c:7566:a1d6 with SMTP id e5-20020a17090a818500b0029c7566a1d6mr678577pjn.25.1713389980598; Wed, 17 Apr 2024 14:39:40 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1713389980; cv=pass; d=google.com; s=arc-20160816; b=caONRgoFaXVsjrlcr1m5pXDu+hfqhyFxDDw6VlF5QOq8oKf0C7egb0LhCOxvbDZ/SH VtwPAcluzhvQZKjlQa+jMnevHEgGzTumQoxtxSpPtuR8EHvyRotiBxHjs9Gb4EVAVblT uqMsTn64jV6gTjp4vYKe63gl+hQePtd0WoFdGYKdoGfnbiuY0fCAJdzUUyu3rJ2oPoFo ztsSYd+e0uQAB5jGfraNxR2LOAqSzeU6sQxAlj0v1hlc8RxfVwZfSNNy7fb1O5ZJg541 JdgY8v9ivMxVuaFBTlDBdQOtXoiXHDQ4fFV3hjnBbMyb//vCUu+NjM/H/JbJ7Py2iPtG DgoQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:list-unsubscribe:list-subscribe:list-id:precedence :references:message-id:subject:cc:to:from:date:dkim-signature; bh=nz82gthU4H0gzVnKqCRneaII5j/RA0J3JmroyTGbXns=; fh=d1HfIUfaVdc9VEq1ieAfh8RDSa221oDARPbwCnNgzmA=; b=N1+l0TbTimjN9szqfYrxK6XjivTSZUSXbbZgTQ6+TmgLueQmuvavSbKPVNstXlGofC OkUF0zAu1JrKp8MclNgzPqkprfsqtr/jLnH3zGA3U61M6yEWJantr22RVoQdxyh6VNur 4vtQ1TFIp0/n4m37jtuvA2pLak8X8JCHO7WlizlLcJtZJN0FnlXh9gpu2e/Y70nDHjva ykqGVkHA3gPs5KChd5m4btsR4AquW7W5789nNWnzROjlENBTBmKOgas+113v7Xc788E7 UYOtwoYIYTmhjMei5n+LOL1s+ucungrdYPD05RXu5uzFB02AH4rq5RmPcizXub6rlkV8 t1dQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@quicinc.com header.s=qcppdkim1 header.b=XRTpbr+e; arc=pass (i=1 spf=pass spfdomain=quicinc.com dkim=pass dkdomain=quicinc.com dmarc=pass fromdomain=quicinc.com); spf=pass (google.com: domain of linux-kernel+bounces-149264-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-149264-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=quicinc.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id z7-20020a17090a66c700b002a214986325si165691pjl.12.2024.04.17.14.39.40 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 17 Apr 2024 14:39:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-149264-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@quicinc.com header.s=qcppdkim1 header.b=XRTpbr+e; arc=pass (i=1 spf=pass spfdomain=quicinc.com dkim=pass dkdomain=quicinc.com dmarc=pass fromdomain=quicinc.com); spf=pass (google.com: domain of linux-kernel+bounces-149264-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-149264-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=quicinc.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 2DDDF282B83 for ; Wed, 17 Apr 2024 21:39:40 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 1F1506A8DB; Wed, 17 Apr 2024 21:39:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=quicinc.com header.i=@quicinc.com header.b="XRTpbr+e" Received: from mx0a-0031df01.pphosted.com (mx0a-0031df01.pphosted.com [205.220.168.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8887F537E5; Wed, 17 Apr 2024 21:39:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.168.131 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713389974; cv=none; b=pPnzV4DumjAM3ezjtTKR4EnZ2j5lIzol4kLewhlHRPCblWoa4tR+YiGmWfTx20YO2kRcA2SNQwaZB9r/sTm/lxud3JlzFIBSF8epGd21BapGwrSFQNd3iWpcGUIV58gBh9qpCM7dxt0X8OoyPLFK5bgh69C3WAgN6fEaWhPJ2Pw= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713389974; c=relaxed/simple; bh=q0QCaPKXFQaJRN1yKHQCY4iTcPAK8SFeGcseBNHXKuI=; h=Date:From:To:CC:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=iYDTODPnhZsxgp3zQZ0fqdrBk1oPtQvuC6wa/dmCwDBvfmkNFJwYVcFboC2Mkz9HcX61kD4KIqXlHSl6LN0dA1qAn4zk11gOOizMV8kHLadcsx0ZrhVhPi55qxLBkCTt5cCaFQRa21d7ic7AngEmnwlSva533wVfeb3d2U8CEGk= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=quicinc.com; spf=pass smtp.mailfrom=quicinc.com; dkim=pass (2048-bit key) header.d=quicinc.com header.i=@quicinc.com header.b=XRTpbr+e; arc=none smtp.client-ip=205.220.168.131 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=quicinc.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=quicinc.com Received: from pps.filterd (m0279865.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.24/8.17.1.24) with ESMTP id 43H8LoRD018023; Wed, 17 Apr 2024 21:39:24 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h= date:from:to:cc:subject:message-id:references:mime-version :content-type:content-transfer-encoding:in-reply-to; s= qcppdkim1; bh=nz82gthU4H0gzVnKqCRneaII5j/RA0J3JmroyTGbXns=; b=XR Tpbr+eghOqh92U4wjOh6wVPT5NRTbypCgO3o5fhk6dVO7O8oCYqzaKh1kQeblTZm B2rmXxZy8EwdRDx/C+lJ0uAXGOCIjXW+sl/4F+09k/zdGx6QwBNWC+5lJHLNlhgW Tfha3ujMEVPcixuxSXyNQO5xp65qAUfTv2Bq2ANrf564MXxwjDgQ72KK5B5ucOkG 9zSBAO/uSr6+wL0l5VwIz6V8qBifAdj7BRkDbdcGBFtjU3Pv2FVeXV0Ii48Cny4z MoJ6JT+v97t2ddSvtYY4PGkUyD0kAiQQX9cI/0mFvf5tDm+WdwgWf6NU2Yhv1wbd 9wC/V6y5wLAQd2Iu7LZQ== Received: from nalasppmta03.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3xjaupt2ng-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 17 Apr 2024 21:39:24 +0000 (GMT) Received: from nalasex01c.na.qualcomm.com (nalasex01c.na.qualcomm.com [10.47.97.35]) by NALASPPMTA03.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 43HLdFfK029845 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 17 Apr 2024 21:39:16 GMT Received: from hu-bjorande-lv.qualcomm.com (10.49.16.6) by nalasex01c.na.qualcomm.com (10.47.97.35) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.9; Wed, 17 Apr 2024 14:39:15 -0700 Date: Wed, 17 Apr 2024 14:39:14 -0700 From: Bjorn Andersson To: Viken Dadhaniya CC: , , , , , , , , , Subject: Re: [PATCH v1 RESEND] slimbus: stream: Add null pointer check for client functions Message-ID: References: <20240327083214.29443-1-quic_vdadhani@quicinc.com> <720e1ee0-79b0-4d30-b1b8-a90676057161@quicinc.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <720e1ee0-79b0-4d30-b1b8-a90676057161@quicinc.com> X-ClientProxiedBy: nalasex01b.na.qualcomm.com (10.47.209.197) To nalasex01c.na.qualcomm.com (10.47.97.35) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-GUID: hzUEsAMLuivqaa-ID21jar4hQvkob5w3 X-Proofpoint-ORIG-GUID: hzUEsAMLuivqaa-ID21jar4hQvkob5w3 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-04-17_18,2024-04-17_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 bulkscore=0 mlxscore=0 suspectscore=0 priorityscore=1501 adultscore=0 malwarescore=0 phishscore=0 spamscore=0 impostorscore=0 clxscore=1015 lowpriorityscore=0 mlxlogscore=999 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2404010003 definitions=main-2404170154 On Wed, Apr 17, 2024 at 03:12:38PM +0530, Viken Dadhaniya wrote: > > > On 4/11/2024 9:26 PM, Bjorn Andersson wrote: > > On Wed, Mar 27, 2024 at 02:02:14PM +0530, Viken Dadhaniya wrote: > > > There is a possible scenario where client driver is calling > > > > How can we asses the validity or the risk of this problem? > > How would I know if this matches e.g. a bug report reported by a user? > > > > Describe the problem such that the reviewer can asses the validity and > > severity of your bug fixes. > > Ok. Updated commit log in v2 > > > > > > slimbus stream APIs in incorrect sequence and it might lead to > > > invalid null access of the stream pointer in slimbus > > > enable/disable/prepare/unprepare/free function. > > > > > > Fix this by checking validity of the stream before accessing in > > > all function API’s exposed to client. > > > > > > > You use the work "fix" a few time, are you fixing an actual bug? Are you > > just guarding the driver from incorrect usage? > > > > If it's a fix, then add Fixes and Cc: stable here. > > Let me correct myself there. Not a fix but consider an improvement where > preventing a crash due to client following the incorrect sequence. > This is C, this is the Linux kernel. We do not account for clients calling random functions in random order. If it happens because there are race conditions, then fix the client driver (there's probably other bugs hidden there). If it's a problem that can happen during bringup due to some misconfiguration, let it go to kernel panic so we can catch it quickly. If there is a valid scenario where this can happen, then clearly describe this in the commit message. > > > > > Signed-off-by: Viken Dadhaniya > > > --- > > > drivers/slimbus/stream.c | 37 +++++++++++++++++++++++++++++++++---- > > > 1 file changed, 33 insertions(+), 4 deletions(-) > > > > > > diff --git a/drivers/slimbus/stream.c b/drivers/slimbus/stream.c > > > index 1d6b38657917..c5a436fd0952 100644 > > > --- a/drivers/slimbus/stream.c > > > +++ b/drivers/slimbus/stream.c > > > @@ -202,10 +202,16 @@ static int slim_get_prate_code(int rate) > > > int slim_stream_prepare(struct slim_stream_runtime *rt, > > > struct slim_stream_config *cfg) > > > { > > > - struct slim_controller *ctrl = rt->dev->ctrl; > > > + struct slim_controller *ctrl; > > > struct slim_port *port; > > > int num_ports, i, port_id, prrate; > > > + if (!rt || !cfg) { > > > + pr_err("%s: Stream or cfg is NULL, Check from client side\n", __func__); > > > > Use dev_err() and write your error messages such that they make sense > > without the use of __func__. > > For error scenario, we don't have valid dev to be used in dev_err argument. > this log will help for debug. Please let us know any concern with pr_err > Yes, I have a concern with this. You will print a line in the log and carry on as if nothing happened. Most likely this will go unnoticed during testing, or you will have bug reports that are extremely hard to take action on. > > > > > + return -EINVAL; > > > > Is this expected to happen during normal operation, or is this a sign of > > a bug? > > > > It's a scenario where client doesn't follow the proper sequence and slimbus > driver can crash if not checked against NULL. > > > > > Neither of the two callers of this function checks the return value, so > > is this really going to result in a good system state? > > > > we expect client to check return value of framework APIs. > Please send bug fixes for these. > > > > It would make sense to require the client to pass valid rt and cfg > > pointers, and if you have an issue in the client driver in which we > > might end up with invalid points, then those drivers should be fixed - > > rather than relying on chance and swipe it under the rug here. > > > > Regards, > > Bjorn > > > > Agree. it is sequence mismatch from client driver, and they should take > care. it is leading to NULL pointer access in slimbus APIs, so prevent crash > by adding check. > You're not just preventing a crash, you're introducing a unexpected (currently undefined, due to lack of error propagation) behavior by just returning an error here. Regards, Bjorn