arch/powerpc/kernel/smp.c | 2 ++ 1 file changed, 2 insertions(+)
As kcalloc() may fail, check its return value to avoid a NULL pointer
dereference when passing it to of_property_read_u32_array().
Fixes: 790a1662d3a26 ("powerpc/smp: Parse ibm,thread-groups with multiple properties")
Cc: stable@vger.kernel.org
---
changelog:
v2:
- Return -ENOMEM directly on allocation failure.
Signed-off-by: Guangshuo Li <lgs201920130244@gmail.com>
---
arch/powerpc/kernel/smp.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/powerpc/kernel/smp.c b/arch/powerpc/kernel/smp.c
index 5ac7084eebc0..cfccb9389760 100644
--- a/arch/powerpc/kernel/smp.c
+++ b/arch/powerpc/kernel/smp.c
@@ -822,6 +822,8 @@ static int parse_thread_groups(struct device_node *dn,
count = of_property_count_u32_elems(dn, "ibm,thread-groups");
thread_group_array = kcalloc(count, sizeof(u32), GFP_KERNEL);
+ if (!thread_group_array)
+ return -ENOMEM;
ret = of_property_read_u32_array(dn, "ibm,thread-groups",
thread_group_array, count);
if (ret)
--
2.43.0
Le 22/09/2025 à 17:10, Guangshuo Li a écrit :
> [Vous ne recevez pas souvent de courriers de lgs201920130244@gmail.com. Découvrez pourquoi ceci est important à https://aka.ms/LearnAboutSenderIdentification ]
>
> As kcalloc() may fail, check its return value to avoid a NULL pointer
> dereference when passing it to of_property_read_u32_array().
>
> Fixes: 790a1662d3a26 ("powerpc/smp: Parse ibm,thread-groups with multiple properties")
> Cc: stable@vger.kernel.org
> ---
> changelog:
> v2:
> - Return -ENOMEM directly on allocation failure.
>
> Signed-off-by: Guangshuo Li <lgs201920130244@gmail.com>
The Signed-off-by: must be above the ---, otherwise it will be lost when
applying the commit.
With that fixed,
Reviewed-by: Christophe Leroy <christophe.leroy@csgroup.eu>
> ---
> arch/powerpc/kernel/smp.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/arch/powerpc/kernel/smp.c b/arch/powerpc/kernel/smp.c
> index 5ac7084eebc0..cfccb9389760 100644
> --- a/arch/powerpc/kernel/smp.c
> +++ b/arch/powerpc/kernel/smp.c
> @@ -822,6 +822,8 @@ static int parse_thread_groups(struct device_node *dn,
>
> count = of_property_count_u32_elems(dn, "ibm,thread-groups");
> thread_group_array = kcalloc(count, sizeof(u32), GFP_KERNEL);
> + if (!thread_group_array)
> + return -ENOMEM;
> ret = of_property_read_u32_array(dn, "ibm,thread-groups",
> thread_group_array, count);
> if (ret)
> --
> 2.43.0
>
Le 22/09/2025 à 17:10, Guangshuo Li a écrit :
> As kcalloc() may fail, check its return value to avoid a NULL pointer
> dereference when passing it to of_property_read_u32_array().
>
> Fixes: 790a1662d3a26 ("powerpc/smp: Parse ibm,thread-groups with multiple properties")
> Cc: stable@vger.kernel.org
Signed-off-by that was part of v1, is missing in v2.
> ---
> changelog:
> v2:
> - Return -ENOMEM directly on allocation failure.
Except for a newline that is removed, v2 is the same as v1, or I miss
something?
CJ
>
> Signed-off-by: Guangshuo Li <lgs201920130244@gmail.com>
> ---
> arch/powerpc/kernel/smp.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/arch/powerpc/kernel/smp.c b/arch/powerpc/kernel/smp.c
> index 5ac7084eebc0..cfccb9389760 100644
> --- a/arch/powerpc/kernel/smp.c
> +++ b/arch/powerpc/kernel/smp.c
> @@ -822,6 +822,8 @@ static int parse_thread_groups(struct device_node *dn,
>
> count = of_property_count_u32_elems(dn, "ibm,thread-groups");
> thread_group_array = kcalloc(count, sizeof(u32), GFP_KERNEL);
> + if (!thread_group_array)
> + return -ENOMEM;
> ret = of_property_read_u32_array(dn, "ibm,thread-groups",
> thread_group_array, count);
> if (ret)
Le 22/09/2025 à 17:38, Christophe JAILLET a écrit :
> Le 22/09/2025 à 17:10, Guangshuo Li a écrit :
>> As kcalloc() may fail, check its return value to avoid a NULL pointer
>> dereference when passing it to of_property_read_u32_array().
>>
>> Fixes: 790a1662d3a26 ("powerpc/smp: Parse ibm,thread-groups with
>> multiple properties")
>> Cc: stable@vger.kernel.org
>
> Signed-off-by that was part of v1, is missing in v2.
I see it below the ---
>
>> ---
>> changelog:
>> v2:
>> - Return -ENOMEM directly on allocation failure.
>
> Except for a newline that is removed, v2 is the same as v1, or I miss
> something?
v1 was:
+ if (!thread_group_array) {
+ ret = -ENOMEM;
+ goto out_free;
+ }
Which was wrong.
Well maybe there was several v1, I'm talking about
https://lore.kernel.org/all/20250918131513.3557422-1-lgs201920130244@gmail.com/
>
> CJ
>
>>
>> Signed-off-by: Guangshuo Li <lgs201920130244@gmail.com>
>> ---
>> arch/powerpc/kernel/smp.c | 2 ++
>> 1 file changed, 2 insertions(+)
>>
>> diff --git a/arch/powerpc/kernel/smp.c b/arch/powerpc/kernel/smp.c
>> index 5ac7084eebc0..cfccb9389760 100644
>> --- a/arch/powerpc/kernel/smp.c
>> +++ b/arch/powerpc/kernel/smp.c
>> @@ -822,6 +822,8 @@ static int parse_thread_groups(struct device_node
>> *dn,
>> count = of_property_count_u32_elems(dn, "ibm,thread-groups");
>> thread_group_array = kcalloc(count, sizeof(u32), GFP_KERNEL);
>> + if (!thread_group_array)
>> + return -ENOMEM;
>> ret = of_property_read_u32_array(dn, "ibm,thread-groups",
>> thread_group_array, count);
>> if (ret)
>
Le 22/09/2025 à 18:07, Christophe Leroy a écrit :
>
>
> Le 22/09/2025 à 17:38, Christophe JAILLET a écrit :
>> Le 22/09/2025 à 17:10, Guangshuo Li a écrit :
>>> As kcalloc() may fail, check its return value to avoid a NULL pointer
>>> dereference when passing it to of_property_read_u32_array().
>>>
>>> Fixes: 790a1662d3a26 ("powerpc/smp: Parse ibm,thread-groups with
>>> multiple properties")
>>> Cc: stable@vger.kernel.org
>>
>> Signed-off-by that was part of v1, is missing in v2.
>
> I see it below the ---
>
>>
>>> ---
>>> changelog:
>>> v2:
>>> - Return -ENOMEM directly on allocation failure.
>>
>> Except for a newline that is removed, v2 is the same as v1, or I miss
>> something?
>
> v1 was:
>
> + if (!thread_group_array) {
> + ret = -ENOMEM;
> + goto out_free;
> + }
>
> Which was wrong.
>
> Well maybe there was several v1, I'm talking about https://
> lore.kernel.org/all/20250918131513.3557422-1-lgs201920130244@gmail.com/
Mine, was
https://lore.kernel.org/lkml/20250922150442.1820675-1-lgs201920130244@gmail.com/
and apparently, there as been 3 v1 :
https://lore.kernel.org/lkml/?q=powerpc%2Fsmp%3A+Add+check+for+kcalloc%28%29+in+parse_thread_groups%28%29
:/
CJ
>
>>
>> CJ
>>
>>>
>>> Signed-off-by: Guangshuo Li <lgs201920130244@gmail.com>
>>> ---
>>> arch/powerpc/kernel/smp.c | 2 ++
>>> 1 file changed, 2 insertions(+)
>>>
>>> diff --git a/arch/powerpc/kernel/smp.c b/arch/powerpc/kernel/smp.c
>>> index 5ac7084eebc0..cfccb9389760 100644
>>> --- a/arch/powerpc/kernel/smp.c
>>> +++ b/arch/powerpc/kernel/smp.c
>>> @@ -822,6 +822,8 @@ static int parse_thread_groups(struct device_node
>>> *dn,
>>> count = of_property_count_u32_elems(dn, "ibm,thread-groups");
>>> thread_group_array = kcalloc(count, sizeof(u32), GFP_KERNEL);
>>> + if (!thread_group_array)
>>> + return -ENOMEM;
>>> ret = of_property_read_u32_array(dn, "ibm,thread-groups",
>>> thread_group_array, count);
>>> if (ret)
>>
>
>
>
© 2016 - 2026 Red Hat, Inc.