Message ID | 20190510030320.109154-3-wangkefeng.wang@huawei.com |
---|---|
State | Deferred |
Headers | show |
Series | None | expand |
Hi Kefeng, On Fri, 10 May 2019 11:03:20 +0800, Kefeng Wang wrote: > If ioremap fails, NULL pointer dereference will happen and > leading to a kernel panic when access the virtual address > in check_signature(). > > Fix it by check the return value of ioremap. > > Cc: Jean Delvare <jdelvare@suse.com> > Cc: Wolfram Sang <wsa@the-dreams.de> > Cc: linux-i2c@vger.kernel.org > Reported-by: Hulk Robot <hulkci@huawei.com> > Signed-off-by: Kefeng Wang <wangkefeng.wang@huawei.com> > --- > drivers/i2c/busses/i2c-i801.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/drivers/i2c/busses/i2c-i801.c b/drivers/i2c/busses/i2c-i801.c > index 679c6c41f64b..fc6ccb8aba17 100644 > --- a/drivers/i2c/busses/i2c-i801.c > +++ b/drivers/i2c/busses/i2c-i801.c > @@ -1068,7 +1068,10 @@ static void __init input_apanel_init(void) > void __iomem *bios; > const void __iomem *p; > > - bios = ioremap(0xF0000, 0x10000); /* Can't fail */ > + bios = ioremap(0xF0000, 0x10000); > + if (!base) That would be "if (!bios)". Please don't send patches without at least test-building the result. We don't need this anyway. The comment says it can't fail, so why bother checking for a condition which will never happen? > + return -ENOMEM; > + > p = bios_signature(bios); > if (p) { > /* just use the first address */
On 2019/5/10 16:09, Jean Delvare wrote: > Hi Kefeng, > > On Fri, 10 May 2019 11:03:20 +0800, Kefeng Wang wrote: >> If ioremap fails, NULL pointer dereference will happen and >> leading to a kernel panic when access the virtual address >> in check_signature(). >> >> Fix it by check the return value of ioremap. >> >> Cc: Jean Delvare <jdelvare@suse.com> >> Cc: Wolfram Sang <wsa@the-dreams.de> >> Cc: linux-i2c@vger.kernel.org >> Reported-by: Hulk Robot <hulkci@huawei.com> >> Signed-off-by: Kefeng Wang <wangkefeng.wang@huawei.com> >> --- >> drivers/i2c/busses/i2c-i801.c | 5 ++++- >> 1 file changed, 4 insertions(+), 1 deletion(-) >> >> diff --git a/drivers/i2c/busses/i2c-i801.c b/drivers/i2c/busses/i2c-i801.c >> index 679c6c41f64b..fc6ccb8aba17 100644 >> --- a/drivers/i2c/busses/i2c-i801.c >> +++ b/drivers/i2c/busses/i2c-i801.c >> @@ -1068,7 +1068,10 @@ static void __init input_apanel_init(void) >> void __iomem *bios; >> const void __iomem *p; >> >> - bios = ioremap(0xF0000, 0x10000); /* Can't fail */ >> + bios = ioremap(0xF0000, 0x10000); >> + if (!base) > That would be "if (!bios)". Please don't send patches without at least > test-building the result. sorry, copy error. > We don't need this anyway. The comment says it can't fail, so why > bother checking for a condition which will never happen? The ioremap could fails due to no memory, our inner test robot(enable FAULT_INJECTION) find this issue. > >> + return -ENOMEM; >> + >> p = bios_signature(bios); >> if (p) { >> /* just use the first address */ >
On Fri, 10 May 2019 17:35:46 +0800, Kefeng Wang wrote: > On 2019/5/10 16:09, Jean Delvare wrote: > > We don't need this anyway. The comment says it can't fail, so why > > bother checking for a condition which will never happen? > > The ioremap could fails due to no memory, our inner test robot(enable FAULT_INJECTION) > > find this issue. The code only runs on x86 where this specific memory segment is standardized for the purpose. That's how we know it "can't fail". That being said, maybe it could fail for other reasons (internal kernel bug, or bogus BIOS maybe), and I don't care adding the check anyway, as this code path is not performance critical.
On 2019/5/10 20:18, Jean Delvare wrote: > On Fri, 10 May 2019 17:35:46 +0800, Kefeng Wang wrote: >> On 2019/5/10 16:09, Jean Delvare wrote: >>> We don't need this anyway. The comment says it can't fail, so why >>> bother checking for a condition which will never happen? >> The ioremap could fails due to no memory, our inner test robot(enable FAULT_INJECTION) >> >> find this issue. > The code only runs on x86 where this specific memory segment is > standardized for the purpose. That's how we know it "can't fail". > > That being said, maybe it could fail for other reasons (internal kernel > bug, or bogus BIOS maybe), and I don't care adding the check > anyway, as this code path is not performance critical. Got it , please ignore it. >
diff --git a/drivers/i2c/busses/i2c-i801.c b/drivers/i2c/busses/i2c-i801.c index 679c6c41f64b..fc6ccb8aba17 100644 --- a/drivers/i2c/busses/i2c-i801.c +++ b/drivers/i2c/busses/i2c-i801.c @@ -1068,7 +1068,10 @@ static void __init input_apanel_init(void) void __iomem *bios; const void __iomem *p; - bios = ioremap(0xF0000, 0x10000); /* Can't fail */ + bios = ioremap(0xF0000, 0x10000); + if (!base) + return -ENOMEM; + p = bios_signature(bios); if (p) { /* just use the first address */
If ioremap fails, NULL pointer dereference will happen and leading to a kernel panic when access the virtual address in check_signature(). Fix it by check the return value of ioremap. Cc: Jean Delvare <jdelvare@suse.com> Cc: Wolfram Sang <wsa@the-dreams.de> Cc: linux-i2c@vger.kernel.org Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: Kefeng Wang <wangkefeng.wang@huawei.com> --- drivers/i2c/busses/i2c-i801.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)