diff mbox series

[v2] nfp: bpf: Add check for nfp_app_ctrl_msg_alloc()

Message ID 20250218011744.2397726-1-haoxiang_li2024@163.com (mailing list archive)
State Superseded
Delegated to: Netdev Maintainers
Headers show
Series [v2] nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() | expand

Checks

Context Check Description
netdev/series_format warning Single patches do not need cover letters; Target tree name not specified in the subject
netdev/tree_selection success Guessed tree name to be net-next
netdev/ynl success Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present success Fixes tag not required for -next series
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit fail Errors and warnings before: 0 this patch: 10
netdev/build_tools success No tools touched, skip
netdev/cc_maintainers success CCed 11 of 11 maintainers
netdev/build_clang fail Errors and warnings before: 7 this patch: 11
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/deprecated_api success None detected
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success Fixes tag looks correct
netdev/build_allmodconfig_warn fail Errors and warnings before: 30 this patch: 10
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 8 lines checked
netdev/build_clang_rust success No Rust files in patch. Skipping build
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0

Commit Message

Haoxiang Li Feb. 18, 2025, 1:17 a.m. UTC 
Add check for the return value of nfp_app_ctrl_msg_alloc() in
nfp_bpf_cmsg_alloc() to prevent null pointer dereference.

Fixes: ff3d43f7568c ("nfp: bpf: implement helpers for FW map ops")
Cc: stable@vger.kernel.org
Signed-off-by: Haoxiang Li <haoxiang_li2024@163.com>
---
Changes in v2:
- remove the bracket for one single-statement. Thanks, Guru!
---
 drivers/net/ethernet/netronome/nfp/bpf/cmsg.c | 2 ++
 1 file changed, 2 insertions(+)

Comments

Kalesh Anakkur Purayil Feb. 18, 2025, 2:44 a.m. UTC | #1 
On Tue, Feb 18, 2025 at 6:49 AM Haoxiang Li <haoxiang_li2024@163.com> wrote:
>
> Add check for the return value of nfp_app_ctrl_msg_alloc() in
> nfp_bpf_cmsg_alloc() to prevent null pointer dereference.
>
> Fixes: ff3d43f7568c ("nfp: bpf: implement helpers for FW map ops")
> Cc: stable@vger.kernel.org
> Signed-off-by: Haoxiang Li <haoxiang_li2024@163.com>
> ---
> Changes in v2:
> - remove the bracket for one single-statement. Thanks, Guru!
> ---
>  drivers/net/ethernet/netronome/nfp/bpf/cmsg.c | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/drivers/net/ethernet/netronome/nfp/bpf/cmsg.c b/drivers/net/ethernet/netronome/nfp/bpf/cmsg.c
> index 2ec62c8d86e1..b02d5fbb8c8c 100644
> --- a/drivers/net/ethernet/netronome/nfp/bpf/cmsg.c
> +++ b/drivers/net/ethernet/netronome/nfp/bpf/cmsg.c
> @@ -20,6 +20,8 @@ nfp_bpf_cmsg_alloc(struct nfp_app_bpf *bpf, unsigned int size)
>         struct sk_buff *skb;
>
>         skb = nfp_app_ctrl_msg_alloc(bpf->app, size, GFP_KERNEL);
> +       if (!skp)
> +               return NULL;
It looks like you did not compile this change.

Also, next time you push a new version, please modify the subject as:
"[PATCH net v3] xxxx"
>         skb_put(skb, size);
>
>         return skb;
> --
> 2.25.1
>
>
Michal Swiatkowski Feb. 18, 2025, 7:56 a.m. UTC | #2 
On Tue, Feb 18, 2025 at 08:14:49AM +0530, Kalesh Anakkur Purayil wrote:
> On Tue, Feb 18, 2025 at 6:49 AM Haoxiang Li <haoxiang_li2024@163.com> wrote:
> >
> > Add check for the return value of nfp_app_ctrl_msg_alloc() in
> > nfp_bpf_cmsg_alloc() to prevent null pointer dereference.
> >
> > Fixes: ff3d43f7568c ("nfp: bpf: implement helpers for FW map ops")
> > Cc: stable@vger.kernel.org
> > Signed-off-by: Haoxiang Li <haoxiang_li2024@163.com>
> > ---
> > Changes in v2:
> > - remove the bracket for one single-statement. Thanks, Guru!
> > ---
> >  drivers/net/ethernet/netronome/nfp/bpf/cmsg.c | 2 ++
> >  1 file changed, 2 insertions(+)
> >
> > diff --git a/drivers/net/ethernet/netronome/nfp/bpf/cmsg.c b/drivers/net/ethernet/netronome/nfp/bpf/cmsg.c
> > index 2ec62c8d86e1..b02d5fbb8c8c 100644
> > --- a/drivers/net/ethernet/netronome/nfp/bpf/cmsg.c
> > +++ b/drivers/net/ethernet/netronome/nfp/bpf/cmsg.c
> > @@ -20,6 +20,8 @@ nfp_bpf_cmsg_alloc(struct nfp_app_bpf *bpf, unsigned int size)
> >         struct sk_buff *skb;
> >
> >         skb = nfp_app_ctrl_msg_alloc(bpf->app, size, GFP_KERNEL);
> > +       if (!skp)
> > +               return NULL;
> It looks like you did not compile this change.
> 
> Also, next time you push a new version, please modify the subject as:
> "[PATCH net v3] xxxx"

Yeah, you need to send v3 (skp -> skb). Fix looks fine, other call to
nfp_app_ctrl_msg_alloc() is checking returned value as here.

Feel free to add my RB tag in v3.
Reviewed-by: Michal Swiatkowski <michal.swiatkowski@linux.intel.com>

> >         skb_put(skb, size);
> >
> >         return skb;
> > --
> > 2.25.1
> >
> >
> 
> 
> -- 
> Regards,
> Kalesh AP
diff mbox series

Patch

diff --git a/drivers/net/ethernet/netronome/nfp/bpf/cmsg.c b/drivers/net/ethernet/netronome/nfp/bpf/cmsg.c
index 2ec62c8d86e1..b02d5fbb8c8c 100644
--- a/drivers/net/ethernet/netronome/nfp/bpf/cmsg.c
+++ b/drivers/net/ethernet/netronome/nfp/bpf/cmsg.c
@@ -20,6 +20,8 @@  nfp_bpf_cmsg_alloc(struct nfp_app_bpf *bpf, unsigned int size)
 	struct sk_buff *skb;
 
 	skb = nfp_app_ctrl_msg_alloc(bpf->app, size, GFP_KERNEL);
+	if (!skp)
+		return NULL;
 	skb_put(skb, size);
 
 	return skb;