diff mbox series

[v5,net] ps3/gelic: Fix SKB allocation

Message ID 2f2b4550-8c66-4300-85b5-b9143cc7d918@infradead.org (mailing list archive)
State Superseded
Delegated to: Netdev Maintainers
Headers show
Series [v5,net] ps3/gelic: Fix SKB allocation | expand

Checks

Context Check Description
netdev/series_format success Single patches do not need cover letters
netdev/tree_selection success Clearly marked for net
netdev/ynl success Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present success Fixes tag present in non-next series
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 8 this patch: 8
netdev/build_tools success No tools touched, skip
netdev/cc_maintainers warning 6 maintainers not CCed: aneesh.kumar@kernel.org npiggin@gmail.com mpe@ellerman.id.au edumazet@google.com naveen.n.rao@linux.ibm.com linuxppc-dev@lists.ozlabs.org
netdev/build_clang success Errors and warnings before: 8 this patch: 8
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/deprecated_api success None detected
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success Fixes tag looks correct
netdev/build_allmodconfig_warn success Errors and warnings before: 8 this patch: 8
netdev/checkpatch warning WARNING: line length of 87 exceeds 80 columns
netdev/build_clang_rust success No Rust files in patch. Skipping build
netdev/kdoc success Errors and warnings before: 3 this patch: 3
netdev/source_inline success Was 0 now: 0

Commit Message

Geoff Levand Feb. 19, 2024, 9:12 a.m. UTC 
Commit 3ce4f9c3fbb3 ("net/ps3_gelic_net: Add gelic_descr structures") of
6.8-rc1 had a copy-and-paste error where the pointer that holds the
allocated SKB (struct gelic_descr.skb)  was set to NULL after the SKB was
allocated. This resulted in a kernel panic when the SKB pointer was
accessed.

This fix moves the initialization of the gelic_descr to before the SKB
is allocated.

Reported-by: sambat goson <sombat3960@gmail.com>
Fixes: 3ce4f9c3fbb3 ("net/ps3_gelic_net: Add gelic_descr structures")
Signed-off-by: Geoff Levand <geoff@infradead.org>

Comments

Christophe Leroy Feb. 19, 2024, 10:17 a.m. UTC | #1 
Le 19/02/2024 à 10:12, Geoff Levand a écrit :
> Commit 3ce4f9c3fbb3 ("net/ps3_gelic_net: Add gelic_descr structures") of
> 6.8-rc1 had a copy-and-paste error where the pointer that holds the
> allocated SKB (struct gelic_descr.skb)  was set to NULL after the SKB was
> allocated. This resulted in a kernel panic when the SKB pointer was
> accessed.
> 
> This fix moves the initialization of the gelic_descr to before the SKB
> is allocated.
> 
> Reported-by: sambat goson <sombat3960@gmail.com>
> Fixes: 3ce4f9c3fbb3 ("net/ps3_gelic_net: Add gelic_descr structures")
> Signed-off-by: Geoff Levand <geoff@infradead.org>
> 
> diff --git a/drivers/net/ethernet/toshiba/ps3_gelic_net.c b/drivers/net/ethernet/toshiba/ps3_gelic_net.c
> index d5b75af163d3..28116891d2ce 100644
> --- a/drivers/net/ethernet/toshiba/ps3_gelic_net.c
> +++ b/drivers/net/ethernet/toshiba/ps3_gelic_net.c
> @@ -384,11 +384,6 @@ static int gelic_descr_prepare_rx(struct gelic_card *card,
>   	if (gelic_descr_get_status(descr) !=  GELIC_DESCR_DMA_NOT_IN_USE)
>   		dev_info(ctodev(card), "%s: ERROR status\n", __func__);
>   
> -	descr->skb = netdev_alloc_skb(*card->netdev, rx_skb_size);
> -	if (!descr->skb) {
> -		descr->hw_regs.payload.dev_addr = 0; /* tell DMAC don't touch memory */
> -		return -ENOMEM;
> -	}
>   	descr->hw_regs.dmac_cmd_status = 0;
>   	descr->hw_regs.result_size = 0;
>   	descr->hw_regs.valid_size = 0;
> @@ -397,6 +392,12 @@ static int gelic_descr_prepare_rx(struct gelic_card *card,
>   	descr->hw_regs.payload.size = 0;
>   	descr->skb = NULL;

You are unconditionaly re-assigning value to descr->skb below, so above 
line is useless and should be removed.

>   
> +	descr->skb = netdev_alloc_skb(*card->netdev, rx_skb_size);
> +	if (!descr->skb) {
> +		descr->hw_regs.payload.dev_addr = 0; /* tell DMAC don't touch memory */
> +		return -ENOMEM;
> +	}
> +

Is this code move needed at all ?

At the end, isn't it enough to just drop the line descr->skb = NULL; ?

Christophe

>   	offset = ((unsigned long)descr->skb->data) &
>   		(GELIC_NET_RXBUF_ALIGN - 1);
>   	if (offset)
diff mbox series

Patch

diff --git a/drivers/net/ethernet/toshiba/ps3_gelic_net.c b/drivers/net/ethernet/toshiba/ps3_gelic_net.c
index d5b75af163d3..28116891d2ce 100644
--- a/drivers/net/ethernet/toshiba/ps3_gelic_net.c
+++ b/drivers/net/ethernet/toshiba/ps3_gelic_net.c
@@ -384,11 +384,6 @@  static int gelic_descr_prepare_rx(struct gelic_card *card,
 	if (gelic_descr_get_status(descr) !=  GELIC_DESCR_DMA_NOT_IN_USE)
 		dev_info(ctodev(card), "%s: ERROR status\n", __func__);
 
-	descr->skb = netdev_alloc_skb(*card->netdev, rx_skb_size);
-	if (!descr->skb) {
-		descr->hw_regs.payload.dev_addr = 0; /* tell DMAC don't touch memory */
-		return -ENOMEM;
-	}
 	descr->hw_regs.dmac_cmd_status = 0;
 	descr->hw_regs.result_size = 0;
 	descr->hw_regs.valid_size = 0;
@@ -397,6 +392,12 @@  static int gelic_descr_prepare_rx(struct gelic_card *card,
 	descr->hw_regs.payload.size = 0;
 	descr->skb = NULL;
 
+	descr->skb = netdev_alloc_skb(*card->netdev, rx_skb_size);
+	if (!descr->skb) {
+		descr->hw_regs.payload.dev_addr = 0; /* tell DMAC don't touch memory */
+		return -ENOMEM;
+	}
+
 	offset = ((unsigned long)descr->skb->data) &
 		(GELIC_NET_RXBUF_ALIGN - 1);
 	if (offset)