Patch "gpio: cdev: check for NULL labels when sanitizing them for irqs" has been added to the 6.8-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is a note to let you know that I've just added the patch titled

    gpio: cdev: check for NULL labels when sanitizing them for irqs

to the 6.8-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     gpio-cdev-check-for-null-labels-when-sanitizing-them-for-irqs.patch
and it can be found in the queue-6.8 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From b3b95964590a3d756d69ea8604c856de805479ad Mon Sep 17 00:00:00 2001
From: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxx>
Date: Thu, 4 Apr 2024 11:33:27 +0200
Subject: gpio: cdev: check for NULL labels when sanitizing them for irqs

From: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxx>

commit b3b95964590a3d756d69ea8604c856de805479ad upstream.

We need to take into account that a line's consumer label may be NULL
and not try to kstrdup() it in that case but rather pass the NULL
pointer up the stack to the interrupt request function.

To that end: let make_irq_label() return NULL as a valid return value
and use ERR_PTR() instead to signal an allocation failure to callers.

Cc: stable@xxxxxxxxxxxxxxx
Fixes: b34490879baa ("gpio: cdev: sanitize the label before requesting the interrupt")
Reported-by: Linux Kernel Functional Testing <lkft@xxxxxxxxxx>
Closes: https://lore.kernel.org/lkml/20240402093534.212283-1-naresh.kamboju@xxxxxxxxxx/
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxx>
Tested-by: Anders Roxell <anders.roxell@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 drivers/gpio/gpiolib-cdev.c |   19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

--- a/drivers/gpio/gpiolib-cdev.c
+++ b/drivers/gpio/gpiolib-cdev.c
@@ -1091,7 +1091,16 @@ static u32 gpio_v2_line_config_debounce_
 
 static inline char *make_irq_label(const char *orig)
 {
-	return kstrdup_and_replace(orig, '/', ':', GFP_KERNEL);
+	char *new;
+
+	if (!orig)
+		return NULL;
+
+	new = kstrdup_and_replace(orig, '/', ':', GFP_KERNEL);
+	if (!new)
+		return ERR_PTR(-ENOMEM);
+
+	return new;
 }
 
 static inline void free_irq_label(const char *label)
@@ -1164,8 +1173,8 @@ static int edge_detector_setup(struct li
 	irqflags |= IRQF_ONESHOT;
 
 	label = make_irq_label(line->req->label);
-	if (!label)
-		return -ENOMEM;
+	if (IS_ERR(label))
+		return PTR_ERR(label);
 
 	/* Request a thread to read the events */
 	ret = request_threaded_irq(irq, edge_irq_handler, edge_irq_thread,
@@ -2223,8 +2232,8 @@ static int lineevent_create(struct gpio_
 		goto out_free_le;
 
 	label = make_irq_label(le->label);
-	if (!label) {
-		ret = -ENOMEM;
+	if (IS_ERR(label)) {
+		ret = PTR_ERR(label);
 		goto out_free_le;
 	}
 


Patches currently in stable-queue which might be from bartosz.golaszewski@xxxxxxxxxx are

queue-6.8/gpio-cdev-fix-missed-label-sanitizing-in-debounce_setup.patch
queue-6.8/gpiolib-fix-debug-messaging-in-gpiod_find_and_reques.patch
queue-6.8/gpio-cdev-check-for-null-labels-when-sanitizing-them-for-irqs.patch
queue-6.8/gpio-cdev-sanitize-the-label-before-requesting-the-interrupt.patch




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux