| Message ID | 20230321061416.626561-1-harshit.m.mogalapalli@oracle.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:604a:0:0:0:0:0 with SMTP id j10csp1614808wrt;
Mon, 20 Mar 2023 23:27:35 -0700 (PDT)
X-Google-Smtp-Source:
AK7set9n6uQfG6xLIOcUEK1cCh3Z0W9tospQ55N01VxgPnD3jGsjBYcyJtRBnOE37XiU8N3EaV/Z
X-Received: by 2002:a17:902:dac7:b0:1a1:9fa4:1b18 with SMTP id
q7-20020a170902dac700b001a19fa41b18mr1374272plx.19.1679380054735;
Mon, 20 Mar 2023 23:27:34 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1679380054; cv=none;
d=google.com; s=arc-20160816;
b=sxxl1WG5NB/hvHX/dqqAgcXhtnldr+9pN22uysccNgCMUcwazUMpGAqQbBIQ3Lh1Xu
ynyKNUGuNwpWTIALhPWLZKus3fSV4yyYJBfjTSX+mk3uTcCOvhq4PnZX4KiYZKx0RRSX
/9sfFVuzElo3u3AdSSBuQk2KzNGd1lsPJs24O/gRVy2cFyuejIfT/g0zdF/jRbPoV15K
eoqSEdiO1mclGxMioZTA6KqpQFO3j9DLd5y9PeGdfJSYBU6xkyA9sVSQfA4akL6oGoWq
dCwYtDrf0FjIeW834V01KPlR5bymXwmBjpUb6i1SpiJX3hT/y8ZFcvgdphW3NOL5TsVC
ZWqQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:to:content-transfer-encoding:mime-version
:message-id:date:subject:cc:from:dkim-signature;
bh=ZOl7fW9E2m8w3D6IDDukX+qWzbE312TtGl5lZIx8pKo=;
b=wNHBQNSPup5nY3OWZ2pNBrePwVB7tv1Y9uOwdOQ0kL9Ixi2ssLVU7n3al3cF5esKyj
cVe+OCCTv4h0NKnhdMrwwyggubnzsoU3WHE4CuT7PQrk8p4lV9wjtcTCv2AiTgT2YFgy
fG5XhTu0XsxfpwJG41B8Vnqk8yByM0sFl/bxIFtORjxALqz14NHf41rz/QtEIJndzUof
WEEGrQbOdC9BTyGjeR+hxLJy0gQlZeivZNEFrx+x3ZGhkWqA7T2+pYyIjXIA7QOcB6Xc
3J9VfZy58ysv1pQ/UcaDp0gwpLafiKyB8S8FAJeus8P/h8HUDOrQf8DZYKTXgBA8ffUV
4Kkw==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=fail header.i=@oracle.com header.s=corp-2022-7-12
header.b=tA+wig2G;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
a21-20020a63e855000000b0050bfa82c244si12577252pgk.440.2023.03.20.23.27.05;
Mon, 20 Mar 2023 23:27:34 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=fail header.i=@oracle.com header.s=corp-2022-7-12
header.b=tA+wig2G;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S230137AbjCUGOe (ORCPT <rfc822;pusanteemu@gmail.com> + 99 others);
Tue, 21 Mar 2023 02:14:34 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41980 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S230119AbjCUGOc (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Tue, 21 Mar 2023 02:14:32 -0400
Received: from mx0b-00069f02.pphosted.com (mx0b-00069f02.pphosted.com
[205.220.177.32])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BAFDC3C1A;
Mon, 20 Mar 2023 23:14:30 -0700 (PDT)
Received: from pps.filterd (m0246630.ppops.net [127.0.0.1])
by mx0b-00069f02.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id
32KM4dTS019776;
Tue, 21 Mar 2023 06:14:23 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com;
h=from : to : cc :
subject : date : message-id : mime-version : content-transfer-encoding;
s=corp-2022-7-12; bh=ZOl7fW9E2m8w3D6IDDukX+qWzbE312TtGl5lZIx8pKo=;
b=tA+wig2GQBjRAPOb/j4orpZUCSj2sGk3N+LvFrwSqIsJp7xjrhGF2SNXqpToE0vILCqZ
OVFhzL8GlNxMpPdG2mJRaRB3z/5Uwp1HK7dMe/XBY1uorztI56XOMMgPastqUmwca7Sh
Ms2ElgdLw/mf80k9L7rl/S5dGQIuCJr+DSYqos4f3je2ZIkgkjMhSonX3GOYZJ4cspZq
SalTQ8m1K1oZj6VbkCW4A6d6ktIT/Cq0GcooRSj9aBcBmY+tywBGuoKfp4vejJHnl5Xu
Iu+bJEJbf3CqE3cZS8VCEncFfNYEHlRokUX0WMyMHlY+kMVP1pN7PRbj3Y35asUmJdx9 UA==
Received: from phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com
(phxpaimrmta02.appoci.oracle.com [147.154.114.232])
by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 3pd3qdn890-1
(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256
verify=OK);
Tue, 21 Mar 2023 06:14:23 +0000
Received: from pps.filterd
(phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com [127.0.0.1])
by phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com
(8.17.1.5/8.17.1.5) with ESMTP id 32L5YTHh006382;
Tue, 21 Mar 2023 06:14:22 GMT
Received: from pps.reinject (localhost [127.0.0.1])
by phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com (PPS) with
ESMTPS id 3pd3r58mg1-1
(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256
verify=OK);
Tue, 21 Mar 2023 06:14:22 +0000
Received: from phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com
(phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com [127.0.0.1])
by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 32L6EL2J032882;
Tue, 21 Mar 2023 06:14:21 GMT
Received: from ca-dev112.us.oracle.com (ca-dev112.us.oracle.com
[10.129.136.47])
by phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com (PPS) with
ESMTP id 3pd3r58mfr-1;
Tue, 21 Mar 2023 06:14:21 +0000
From: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Cc: error27@gmail.com,
Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>,
Peter Huewe <peterhuewe@gmx.de>,
Jarkko Sakkinen <jarkko@kernel.org>,
Jason Gunthorpe <jgg@ziepe.ca>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH next] tpm: Fix a possible dereference of ERR_PTR in tpm_init()
Date: Mon, 20 Mar 2023 23:14:15 -0700
Message-Id: <20230321061416.626561-1-harshit.m.mogalapalli@oracle.com>
X-Mailer: git-send-email 2.39.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Proofpoint-Virus-Version: vendor=baseguard
engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22
definitions=2023-03-21_03,2023-03-20_02,2023-02-09_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0
phishscore=0 mlxscore=0
mlxlogscore=999 malwarescore=0 suspectscore=0 adultscore=0 spamscore=0
classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2303150002
definitions=main-2303210048
X-Proofpoint-GUID: RS7UITh5dQhsbbRicWWnSQx0DUOHpg34
X-Proofpoint-ORIG-GUID: RS7UITh5dQhsbbRicWWnSQx0DUOHpg34
X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW,
RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=ham
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
To: unlisted-recipients:; (no To-header on input)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1760957620322404197?=
X-GMAIL-MSGID: =?utf-8?q?1760957620322404197?=
|
| Series |
[next] tpm: Fix a possible dereference of ERR_PTR in tpm_init()
|
|
Commit Message
Harshit Mogalapalli
March 21, 2023, 6:14 a.m. UTC
Smatch reports:
drivers/char/tpm/tpm-interface.c:470 tpm_init() error:
'tpm_class' dereferencing possible ERR_PTR()
If class_create() returns error pointer, we are dereferencing a possible
error pointer. Fix this by moving the dereference post error handling.
Fixes: a010eb881243 ("tpm: fix up the tpm_class shutdown_pre pointer when created")
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
---
This is based on static analysis, only compile tested.
---
drivers/char/tpm/tpm-interface.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
Comments
On Mon, Mar 20, 2023 at 11:14:15PM -0700, Harshit Mogalapalli wrote: > Smatch reports: > drivers/char/tpm/tpm-interface.c:470 tpm_init() error: > 'tpm_class' dereferencing possible ERR_PTR() > > If class_create() returns error pointer, we are dereferencing a possible > error pointer. Fix this by moving the dereference post error handling. > > Fixes: a010eb881243 ("tpm: fix up the tpm_class shutdown_pre pointer when created") > Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com> > --- > This is based on static analysis, only compile tested. Thanks for this, good catch, I've queued it up in my tree now as I have the offending change that caused this. greg k-h
On Mon, Mar 20, 2023 at 11:14:15PM -0700, Harshit Mogalapalli wrote: > Smatch reports: > drivers/char/tpm/tpm-interface.c:470 tpm_init() error: > 'tpm_class' dereferencing possible ERR_PTR() > > If class_create() returns error pointer, we are dereferencing a possible > error pointer. Fix this by moving the dereference post error handling. > > Fixes: a010eb881243 ("tpm: fix up the tpm_class shutdown_pre pointer when created") > Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com> > --- > This is based on static analysis, only compile tested. > --- > drivers/char/tpm/tpm-interface.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c > index 43e23a04433a..4463d0018290 100644 > --- a/drivers/char/tpm/tpm-interface.c > +++ b/drivers/char/tpm/tpm-interface.c > @@ -467,12 +467,13 @@ static int __init tpm_init(void) > int rc; > > tpm_class = class_create("tpm"); > - tpm_class->shutdown_pre = tpm_class_shutdown; > if (IS_ERR(tpm_class)) { > pr_err("couldn't create tpm class\n"); > return PTR_ERR(tpm_class); > } > > + tpm_class->shutdown_pre = tpm_class_shutdown; > + > tpmrm_class = class_create("tpmrm"); > if (IS_ERR(tpmrm_class)) { > pr_err("couldn't create tpmrm class\n"); > -- > 2.38.1 > Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> BR, Jarkko
On Tue, Mar 21, 2023 at 09:01:08AM +0100, Greg Kroah-Hartman wrote: > On Mon, Mar 20, 2023 at 11:14:15PM -0700, Harshit Mogalapalli wrote: > > Smatch reports: > > drivers/char/tpm/tpm-interface.c:470 tpm_init() error: > > 'tpm_class' dereferencing possible ERR_PTR() > > > > If class_create() returns error pointer, we are dereferencing a possible > > error pointer. Fix this by moving the dereference post error handling. > > > > Fixes: a010eb881243 ("tpm: fix up the tpm_class shutdown_pre pointer when created") > > Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com> > > --- > > This is based on static analysis, only compile tested. > > Thanks for this, good catch, I've queued it up in my tree now as I have > the offending change that caused this. OK, thank you! BR, Jarkko
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index 43e23a04433a..4463d0018290 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -467,12 +467,13 @@ static int __init tpm_init(void) int rc; tpm_class = class_create("tpm"); - tpm_class->shutdown_pre = tpm_class_shutdown; if (IS_ERR(tpm_class)) { pr_err("couldn't create tpm class\n"); return PTR_ERR(tpm_class); } + tpm_class->shutdown_pre = tpm_class_shutdown; + tpmrm_class = class_create("tpmrm"); if (IS_ERR(tpmrm_class)) { pr_err("couldn't create tpmrm class\n");