Re: Re: [PATCH] staging: rtl8712: check register_netdev() return value

Thu, 10 Dec 2020 07:05:54 -0800 

Hi

> 
> This function should not be calling register_netdev().  What does that
> have to do with firmware?  It should also not free_netdev() because
> that will just lead to a use after free in the caller.
>

--&gt; check code history author<larry.fin...@lwfinger.net> changed synchronous 
firmware loading to asynchronous firmware loading
    before this change, register_netdev() was not calling in firmware related 
function.
    For asynchronous loading, maybe register_netdev() be calling in 
rtl871x_load_fw_cb() is to ensure the netdev be registered after firmware 
loading completed

--&gt; for potential use after free issue
    Could I only call "free_irq(adapter-&gt;pnetdev-&gt;irq, 
adapter-&gt;pnetdev)" when register_netdev() failed ?
    If no need to change drivers/staging/rtl8712/hal_init.c file, I could give 
up my patch, thank you !

&gt; -----原始邮件-----
&gt; 发件人: "Dan Carpenter" <dan.carpen...@oracle.com>
&gt; 发送时间: 2020-12-10 01:46:15 (星期四)
&gt; 收件人: shaojie.d...@isrc.iscas.ac.cn
&gt; 抄送: larry.fin...@lwfinger.net, florian.c.schilha...@googlemail.com, 
gre...@linuxfoundation.org, de...@driverdev.osuosl.org, 
linux-ker...@vger.kernel.org
&gt; 主题: Re: [PATCH] staging: rtl8712: check register_netdev() return value
&gt; 
&gt; On Wed, Dec 09, 2020 at 11:01:24PM +0800, shaojie.d...@isrc.iscas.ac.cn 
wrote:
&gt; &gt; From: "shaojie.dong" <shaojie.d...@isrc.iscas.ac.cn>
&gt; &gt; 
&gt; &gt; Function register_netdev() can fail, so we should check it's return 
value
&gt; &gt; 
&gt; &gt; Signed-off-by: shaojie.dong <shaojie.d...@isrc.iscas.ac.cn>
&gt; &gt; ---
&gt; &gt;  drivers/staging/rtl8712/hal_init.c | 5 ++++-
&gt; &gt;  1 file changed, 4 insertions(+), 1 deletion(-)
&gt; &gt; 
&gt; &gt; diff --git a/drivers/staging/rtl8712/hal_init.c 
b/drivers/staging/rtl8712/hal_init.c
&gt; &gt; index 715f1fe8b..38a3e3d44 100644
&gt; &gt; --- a/drivers/staging/rtl8712/hal_init.c
&gt; &gt; +++ b/drivers/staging/rtl8712/hal_init.c
&gt; &gt; @@ -45,7 +45,10 @@ static void rtl871x_load_fw_cb(const struct 
firmware *firmware, void *context)
&gt; &gt;       }
&gt; &gt;       adapter-&gt;fw = firmware;
&gt; &gt;       /* firmware available - start netdev */
&gt; &gt; -     register_netdev(adapter-&gt;pnetdev);
&gt; &gt; +     if (register_netdev(adapter-&gt;pnetdev) != 0) {
&gt; &gt; +             netdev_err(adapter-&gt;pnetdev, "register_netdev() 
failed\n");
&gt; &gt; +             free_netdev(adapter-&gt;pnetdev);
&gt; &gt; +     }
&gt; 
&gt; This function should not be calling register_netdev().  What does that
&gt; have to do with firmware?  It should also not free_netdev() because
&gt; that will just lead to a use after free in the caller.
&gt; 
&gt; regards,
&gt; dan carpenter
&gt; 
&gt; &gt;       complete(&amp;adapter-&gt;rtl8712_fw_ready);
&gt; &gt;  }
&gt; &gt;  
&gt; &gt; -- 
&gt; &gt; 2.17.1
&gt; &gt; 
&gt; &gt; _______________________________________________
&gt; &gt; devel mailing list
&gt; &gt; de...@linuxdriverproject.org
&gt; &gt; 
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
</shaojie.d...@isrc.iscas.ac.cn></shaojie.d...@isrc.iscas.ac.cn></dan.carpen...@oracle.com></larry.fin...@lwfinger.net>
_______________________________________________
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel

Reply via email to