[PATCH] cxl: Fix error path on bad ioctl

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[PATCH] cxl: Fix error path on bad ioctl

Frederic Barrat-2
Fix error path if we can't copy user structure on
CXL_IOCTL_START_WORK ioctl.

Signed-off-by: Frederic Barrat <[hidden email]>
Cc: [hidden email]
---
 drivers/misc/cxl/file.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/drivers/misc/cxl/file.c b/drivers/misc/cxl/file.c
index 17b433f1ce23..caa44adfa60e 100644
--- a/drivers/misc/cxl/file.c
+++ b/drivers/misc/cxl/file.c
@@ -160,10 +160,8 @@ static long afu_ioctl_start_work(struct cxl_context *ctx,
  /* Do this outside the status_mutex to avoid a circular dependency with
  * the locking in cxl_mmap_fault() */
  if (copy_from_user(&work, uwork,
-   sizeof(struct cxl_ioctl_start_work))) {
- rc = -EFAULT;
- goto out;
- }
+   sizeof(struct cxl_ioctl_start_work)))
+ return -EFAULT;
 
  mutex_lock(&ctx->status_mutex);
  if (ctx->status != OPENED) {
--
2.11.0

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [PATCH] cxl: Fix error path on bad ioctl

Vaibhav Jain
Hi Fred,

Good catch.

Frederic Barrat <[hidden email]> writes:

> Fix error path if we can't copy user structure on
> CXL_IOCTL_START_WORK ioctl.
>
> Signed-off-by: Frederic Barrat <[hidden email]>
> Cc: [hidden email]
> ---
>  drivers/misc/cxl/file.c | 6 ++----
>  1 file changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/misc/cxl/file.c b/drivers/misc/cxl/file.c
> index 17b433f1ce23..caa44adfa60e 100644
> --- a/drivers/misc/cxl/file.c
> +++ b/drivers/misc/cxl/file.c
> @@ -160,10 +160,8 @@ static long afu_ioctl_start_work(struct cxl_context *ctx,
>   /* Do this outside the status_mutex to avoid a circular dependency with
>   * the locking in cxl_mmap_fault() */
>   if (copy_from_user(&work, uwork,
> -   sizeof(struct cxl_ioctl_start_work))) {
> - rc = -EFAULT;
> - goto out;
> - }
> +   sizeof(struct cxl_ioctl_start_work)))

Bike-shedding a bit, but
s/sizeof(struct cxl_ioctl_start_work)))/sizeof(work)/
would look much cleaner


Reviewed-by: Vaibhav Jain <[hidden email]>

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [PATCH] cxl: Fix error path on bad ioctl

Andrew Donnellan
In reply to this post by Frederic Barrat-2
On 03/06/17 02:15, Frederic Barrat wrote:
> Fix error path if we can't copy user structure on
> CXL_IOCTL_START_WORK ioctl.
>
> Signed-off-by: Frederic Barrat <[hidden email]>
> Cc: [hidden email]

Reviewed-by: Andrew Donnellan <[hidden email]>

--
Andrew Donnellan              OzLabs, ADL Canberra
[hidden email]  IBM Australia Limited

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [PATCH] cxl: Fix error path on bad ioctl

Michael Ellerman-2
In reply to this post by Frederic Barrat-2
Frederic Barrat <[hidden email]> writes:

> Fix error path if we can't copy user structure on
> CXL_IOCTL_START_WORK ioctl.

To be clear the error is that returning via the out label will unlock
cxl->status_mutex, which has not been locked.

Please spell it out for me :)

This should be:

  Fixes: 0712dc7e73e5 ("cxl: Fix issues when unmapping contexts")

Am I right?

cheers

> diff --git a/drivers/misc/cxl/file.c b/drivers/misc/cxl/file.c
> index 17b433f1ce23..caa44adfa60e 100644
> --- a/drivers/misc/cxl/file.c
> +++ b/drivers/misc/cxl/file.c
> @@ -160,10 +160,8 @@ static long afu_ioctl_start_work(struct cxl_context *ctx,
>   /* Do this outside the status_mutex to avoid a circular dependency with
>   * the locking in cxl_mmap_fault() */
>   if (copy_from_user(&work, uwork,
> -   sizeof(struct cxl_ioctl_start_work))) {
> - rc = -EFAULT;
> - goto out;
> - }
> +   sizeof(struct cxl_ioctl_start_work)))
> + return -EFAULT;
>  
>   mutex_lock(&ctx->status_mutex);
>   if (ctx->status != OPENED) {
> --
> 2.11.0
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [PATCH] cxl: Fix error path on bad ioctl

Frederic Barrat-2


Le 06/06/2017 à 11:20, Michael Ellerman a écrit :

> Frederic Barrat <[hidden email]> writes:
>
>> Fix error path if we can't copy user structure on
>> CXL_IOCTL_START_WORK ioctl.
>
> To be clear the error is that returning via the out label will unlock
> cxl->status_mutex, which has not been locked.
>
> Please spell it out for me :)
>
> This should be:
>
>    Fixes: 0712dc7e73e5 ("cxl: Fix issues when unmapping contexts")
>
> Am I right?


That's correct. I'm about to send a v2 to address Vaibhav's comment and
I'll fix the above as well.

Thanks,

   Fred



> cheers
>
>> diff --git a/drivers/misc/cxl/file.c b/drivers/misc/cxl/file.c
>> index 17b433f1ce23..caa44adfa60e 100644
>> --- a/drivers/misc/cxl/file.c
>> +++ b/drivers/misc/cxl/file.c
>> @@ -160,10 +160,8 @@ static long afu_ioctl_start_work(struct cxl_context *ctx,
>>   /* Do this outside the status_mutex to avoid a circular dependency with
>>   * the locking in cxl_mmap_fault() */
>>   if (copy_from_user(&work, uwork,
>> -   sizeof(struct cxl_ioctl_start_work))) {
>> - rc = -EFAULT;
>> - goto out;
>> - }
>> +   sizeof(struct cxl_ioctl_start_work)))
>> + return -EFAULT;
>>  
>>   mutex_lock(&ctx->status_mutex);
>>   if (ctx->status != OPENED) {
>> --
>> 2.11.0
>

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [PATCH] cxl: Fix error path on bad ioctl

Michael Ellerman-2
Frederic Barrat <[hidden email]> writes:

> Le 06/06/2017 à 11:20, Michael Ellerman a écrit :
>> Frederic Barrat <[hidden email]> writes:
>>
>>> Fix error path if we can't copy user structure on
>>> CXL_IOCTL_START_WORK ioctl.
>>
>> To be clear the error is that returning via the out label will unlock
>> cxl->status_mutex, which has not been locked.
>>
>> Please spell it out for me :)
>>
>> This should be:
>>
>>    Fixes: 0712dc7e73e5 ("cxl: Fix issues when unmapping contexts")
>>
>> Am I right?
>
> That's correct. I'm about to send a v2 to address Vaibhav's comment and
> I'll fix the above as well.

Thanks.

cheers
Loading...