Message ID | 20230227135241.947052-1-void0red@gmail.com (mailing list archive) |
---|---|
State | Superseded |
Delegated to: | Felix Fietkau |
Headers | show |
Series | [v2] wifi: mt76: add a check of vzalloc in mt7615_coredump_work | expand |
> From: Kang Chen <void0red@gmail.com> > > vzalloc may fails, dump might be null and will cause > illegal address access later. > > Fixes: d2bf7959d9c0 ("mt76: mt7663: introduce coredump support") > Signed-off-by: Kang Chen <void0red@gmail.com> > --- > v2 -> v1: add Fixes tag > > drivers/net/wireless/mediatek/mt76/mt7615/mac.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/drivers/net/wireless/mediatek/mt76/mt7615/mac.c b/drivers/net/wireless/mediatek/mt76/mt7615/mac.c > index a95602473..73d84c301 100644 > --- a/drivers/net/wireless/mediatek/mt76/mt7615/mac.c > +++ b/drivers/net/wireless/mediatek/mt76/mt7615/mac.c > @@ -2367,6 +2367,9 @@ void mt7615_coredump_work(struct work_struct *work) > } > > dump = vzalloc(MT76_CONNAC_COREDUMP_SZ); > + if (!dump) > + return; > + > data = dump; > > while (true) { > -- > 2.34.1 > revieweing the code I guess the right approach would be the one used in mt7921_coredump_work(): - free pending skbs - not run dev_coredumpv() What do you think? Regards, Lorenzo
Hi, Lorenzo Thanks for your suggestions. I totally agree with you. Best regards, Kang Chen On Mon, Feb 27, 2023 at 10:07 PM Lorenzo Bianconi <lorenzo.bianconi@redhat.com> wrote: > > > From: Kang Chen <void0red@gmail.com> > > > > vzalloc may fails, dump might be null and will cause > > illegal address access later. > > > > Fixes: d2bf7959d9c0 ("mt76: mt7663: introduce coredump support") > > Signed-off-by: Kang Chen <void0red@gmail.com> > > --- > > v2 -> v1: add Fixes tag > > > > drivers/net/wireless/mediatek/mt76/mt7615/mac.c | 3 +++ > > 1 file changed, 3 insertions(+) > > > > diff --git a/drivers/net/wireless/mediatek/mt76/mt7615/mac.c b/drivers/net/wireless/mediatek/mt76/mt7615/mac.c > > index a95602473..73d84c301 100644 > > --- a/drivers/net/wireless/mediatek/mt76/mt7615/mac.c > > +++ b/drivers/net/wireless/mediatek/mt76/mt7615/mac.c > > @@ -2367,6 +2367,9 @@ void mt7615_coredump_work(struct work_struct *work) > > } > > > > dump = vzalloc(MT76_CONNAC_COREDUMP_SZ); > > + if (!dump) > > + return; > > + > > data = dump; > > > > while (true) { > > -- > > 2.34.1 > > > > revieweing the code I guess the right approach would be the one used in > mt7921_coredump_work(): > - free pending skbs > - not run dev_coredumpv() > > What do you think? > > Regards, > Lorenzo
diff --git a/drivers/net/wireless/mediatek/mt76/mt7615/mac.c b/drivers/net/wireless/mediatek/mt76/mt7615/mac.c index a95602473..73d84c301 100644 --- a/drivers/net/wireless/mediatek/mt76/mt7615/mac.c +++ b/drivers/net/wireless/mediatek/mt76/mt7615/mac.c @@ -2367,6 +2367,9 @@ void mt7615_coredump_work(struct work_struct *work) } dump = vzalloc(MT76_CONNAC_COREDUMP_SZ); + if (!dump) + return; + data = dump; while (true) {