| Message ID | 20190311063343.20188-1-kjlu@umn.edu |
|---|---|
| State | Awaiting Upstream |
| Delegated to: | David Miller |
| Headers | show |
| Series | net: mlx5: fix a potential NULL pointer dereference | expand |
On Mon, Mar 11, 2019 at 01:33:43AM -0500, Kangjie Lu wrote: > In case skb_header_pointer fails, the fix issues a warning. > > A better fix requires modifying the signature of mlx5e_get_fcs to > pass an error code upstream. > > Signed-off-by: Kangjie Lu <kjlu@umn.edu> > drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c b/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c > index be396e5e4e39..6ec1c110e4be 100644 > +++ b/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c > @@ -719,6 +719,8 @@ static u32 mlx5e_get_fcs(const struct sk_buff *skb) > > fcs_bytes = skb_header_pointer(skb, skb->len - ETH_FCS_LEN, > ETH_FCS_LEN, &_fcs_bytes); > + if (unlikely(!fcs_bytes)) > + pr_warn_once("skb_header_pointer returns NULL\n"); This is really pointless. Fix stuff like this so it doesn't oops or don't bother. Jason > return __get_unaligned_cpu32(fcs_bytes); > }
On Mon, 2019-03-11 at 01:33 -0500, Kangjie Lu wrote: > In case skb_header_pointer fails, the fix issues a warning. > This case is impossible: mlx5 driver builds this skb itself so we are sure skb_header_pointer never fails. What is the motivation behind this fix? static checker or actual issue ? > A better fix requires modifying the signature of mlx5e_get_fcs to > pass an error code upstream. > > Signed-off-by: Kangjie Lu <kjlu@umn.edu> > --- > drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c > b/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c > index be396e5e4e39..6ec1c110e4be 100644 > --- a/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c > +++ b/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c > @@ -719,6 +719,8 @@ static u32 mlx5e_get_fcs(const struct sk_buff > *skb) > > fcs_bytes = skb_header_pointer(skb, skb->len - ETH_FCS_LEN, > ETH_FCS_LEN, &_fcs_bytes); > + if (unlikely(!fcs_bytes)) > + pr_warn_once("skb_header_pointer returns NULL\n"); > > return __get_unaligned_cpu32(fcs_bytes); > }
From: Kangjie Lu <kjlu@umn.edu> Date: Mon, 11 Mar 2019 01:33:43 -0500 > In case skb_header_pointer fails, the fix issues a warning. > > A better fix requires modifying the signature of mlx5e_get_fcs to > pass an error code upstream. > > Signed-off-by: Kangjie Lu <kjlu@umn.edu> Saeed, I'll let you take this. Thanks.
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c b/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c index be396e5e4e39..6ec1c110e4be 100644 --- a/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c +++ b/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c @@ -719,6 +719,8 @@ static u32 mlx5e_get_fcs(const struct sk_buff *skb) fcs_bytes = skb_header_pointer(skb, skb->len - ETH_FCS_LEN, ETH_FCS_LEN, &_fcs_bytes); + if (unlikely(!fcs_bytes)) + pr_warn_once("skb_header_pointer returns NULL\n"); return __get_unaligned_cpu32(fcs_bytes); }
In case skb_header_pointer fails, the fix issues a warning. A better fix requires modifying the signature of mlx5e_get_fcs to pass an error code upstream. Signed-off-by: Kangjie Lu <kjlu@umn.edu> --- drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 2 ++ 1 file changed, 2 insertions(+)