[PATCH] MIPS: CPS: Fix potential NULL pointer dereferences in cps_prepare_cpus()

Thorsten Blum posted 1 patch 10 months ago
arch/mips/kernel/smp-cps.c | 4 ++++
1 file changed, 4 insertions(+)
[PATCH] MIPS: CPS: Fix potential NULL pointer dereferences in cps_prepare_cpus()
Posted by Thorsten Blum 10 months ago
Check the return values of kcalloc() and exit early to avoid potential
NULL pointer dereferences.

Compile-tested only.

Cc: stable@vger.kernel.org
Fixes: 75fa6a583882e ("MIPS: CPS: Introduce struct cluster_boot_config")
Fixes: 0856c143e1cd3 ("MIPS: CPS: Boot CPUs in secondary clusters")
Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
---
 arch/mips/kernel/smp-cps.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/mips/kernel/smp-cps.c b/arch/mips/kernel/smp-cps.c
index e85bd087467e..cc26d56f3ab6 100644
--- a/arch/mips/kernel/smp-cps.c
+++ b/arch/mips/kernel/smp-cps.c
@@ -332,6 +332,8 @@ static void __init cps_prepare_cpus(unsigned int max_cpus)
 	mips_cps_cluster_bootcfg = kcalloc(nclusters,
 					   sizeof(*mips_cps_cluster_bootcfg),
 					   GFP_KERNEL);
+	if (!mips_cps_cluster_bootcfg)
+		goto err_out;
 
 	if (nclusters > 1)
 		mips_cm_update_property();
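Review bot: The `goto err_out` added after the first kcalloc() enters the cleanup path with `mips_cps_cluster_bootcfg` still NULL, and the `err_out` label lies outside this hunk, so nothing visible here shows that the cleanup checks the pointer before indexing per-cluster entries. If it does not, the failure path trades one NULL dereference for another; the per-cluster frees should sit under `if (mips_cps_cluster_bootcfg)`. The description says the patch is compile-tested only and it is tagged for stable, so the allocation-failure path deserves one run under fault injection before it is backported.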
@@ -348,6 +350,8 @@ static void __init cps_prepare_cpus(unsigned int max_cpus)
 		mips_cps_cluster_bootcfg[cl].core_power =
 			kcalloc(BITS_TO_LONGS(ncores), sizeof(unsigned long),
 				GFP_KERNEL);
+		if (!mips_cps_cluster_bootcfg[cl].core_power)
+			goto err_out;
 
 		/* Allocate VPE boot configuration structs */
 		for (c = 0; c < ncores; c++) {
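Review bot: Bailing out at the `core_power` check leaves the cluster array half-built: earlier clusters already hold `core_power` bitmaps (and presumably the VPE configuration arrays allocated by the loop that follows), while the current and later entries are still zero-filled by kcalloc(). The `err_out` label is outside this hunk, so please confirm that it frees the bitmaps as well, e.g. `kfree(mips_cps_cluster_bootcfg[cl].core_power);` inside its per-cluster loop, and that it tolerates entries whose pointers are still NULL. Otherwise the memory for the clusters that did succeed is leaked on this path. The enclosing loop and function continue beyond the hunk.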
-- 
2.49.0
Re: [PATCH] MIPS: CPS: Fix potential NULL pointer dereferences in cps_prepare_cpus()
Posted by Thomas Bogendoerfer 9 months, 2 weeks ago
On Mon, Apr 07, 2025 at 06:32:21PM +0200, Thorsten Blum wrote:
> Check the return values of kcalloc() and exit early to avoid potential
> NULL pointer dereferences.
> 
> Compile-tested only.
> 
> Cc: stable@vger.kernel.org
> Fixes: 75fa6a583882e ("MIPS: CPS: Introduce struct cluster_boot_config")
> Fixes: 0856c143e1cd3 ("MIPS: CPS: Boot CPUs in secondary clusters")
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
>  arch/mips/kernel/smp-cps.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/arch/mips/kernel/smp-cps.c b/arch/mips/kernel/smp-cps.c
> index e85bd087467e..cc26d56f3ab6 100644
> --- a/arch/mips/kernel/smp-cps.c
> +++ b/arch/mips/kernel/smp-cps.c
> @@ -332,6 +332,8 @@ static void __init cps_prepare_cpus(unsigned int max_cpus)
>  	mips_cps_cluster_bootcfg = kcalloc(nclusters,
>  					   sizeof(*mips_cps_cluster_bootcfg),
>  					   GFP_KERNEL);
> +	if (!mips_cps_cluster_bootcfg)
> +		goto err_out;
>  
>  	if (nclusters > 1)
>  		mips_cm_update_property();
> @@ -348,6 +350,8 @@ static void __init cps_prepare_cpus(unsigned int max_cpus)
>  		mips_cps_cluster_bootcfg[cl].core_power =
>  			kcalloc(BITS_TO_LONGS(ncores), sizeof(unsigned long),
>  				GFP_KERNEL);
> +		if (!mips_cps_cluster_bootcfg[cl].core_power)
> +			goto err_out;
>  
>  		/* Allocate VPE boot configuration structs */
>  		for (c = 0; c < ncores; c++) {
> -- 
> 2.49.0

applied to mips-fixes.

Thomas.

-- 
Crap can work. Given enough thrust pigs will fly, but it's not necessarily a
good idea.                                                [ RFC1925, 2.3 ]