From a6501e4b380faee6bbf41bb2f833977c7ac6491a Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Tue, 18 Jan 2022 10:20:03 -0800 Subject: eeprom: at25: Restore missing allocation The at25 driver regressed in v5.17-rc1 due to a broken conflict resolution: the allocation of the object was accidentally removed. Restore it. This was found when building under CONFIG_FORTIFY_SOURCE=y and -Warray-bounds, which complained about strncpy() being used against an empty object: In function 'strncpy', inlined from 'at25_fw_to_chip.constprop' at drivers/misc/eeprom/at25.c:312:2: ./include/linux/fortify-string.h:48:33: warning: '__builtin_strncpy' offset [0, 9] is out of the bounds [0, 0] [-Warray-bounds] 48 | #define __underlying_strncpy __builtin_strncpy | ^ ./include/linux/fortify-string.h:59:16: note: in expansion of macro '__underlying_strncpy' 59 | return __underlying_strncpy(p, q, size); | ^~~~~~~~~~~~~~~~~~~~ In function 'strncpy', inlined from 'at25_fram_to_chip' at drivers/misc/eeprom/at25.c:373:2, inlined from 'at25_probe' at drivers/misc/eeprom/at25.c:453:10: ./include/linux/fortify-string.h:48:33: warning: '__builtin_strncpy' offset [0, 9] is out of the bounds [0, 0] [-Warray-bounds] 48 | #define __underlying_strncpy __builtin_strncpy | ^ ./include/linux/fortify-string.h:59:16: note: in expansion of macro '__underlying_strncpy' 59 | return __underlying_strncpy(p, q, size); | ^~~~~~~~~~~~~~~~~~~~ Link: https://lore.kernel.org/lkml/CAHp75VdqK7h63fz-cPaQ2MGaVdaR2f1Fb5kKCZidUG3RwLsAVA@mail.gmail.com/ Fixes: af40d16042d6 ("Merge v5.15-rc5 into char-misc-next") Cc: Arnd Bergmann Cc: Jiri Prchal Reviewed-by: Andy Shevchenko Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20220118182003.3385019-1-keescook@chromium.org Signed-off-by: Greg Kroah-Hartman --- drivers/misc/eeprom/at25.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/misc/eeprom/at25.c b/drivers/misc/eeprom/at25.c index c3305bdda69c..bee727ed98db 100644 --- a/drivers/misc/eeprom/at25.c +++ b/drivers/misc/eeprom/at25.c @@ -440,6 +440,10 @@ static int at25_probe(struct spi_device *spi) return -ENXIO; } + at25 = devm_kzalloc(&spi->dev, sizeof(*at25), GFP_KERNEL); + if (!at25) + return -ENOMEM; + mutex_init(&at25->lock); at25->spi = spi; spi_set_drvdata(spi, at25); -- cgit v1.2.3 From fc55e63e148f1db2180867da875460a00aac8bd1 Mon Sep 17 00:00:00 2001 From: Dan Carpenter Date: Tue, 11 Jan 2022 20:32:43 +0300 Subject: counter: fix an IS_ERR() vs NULL bug MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit There are 8 callers for devm_counter_alloc() and they all check for NULL instead of error pointers. I think NULL is the better thing to return for allocation functions so update counter_alloc() and devm_counter_alloc() to return NULL instead of error pointers. Fixes: c18e2760308e ("counter: Provide alternative counter registration functions") Acked-by: Uwe Kleine-König Acked-by: William Breathitt Gray Signed-off-by: Dan Carpenter Link: https://lore.kernel.org/r/20220111173243.GA2192@kili Signed-off-by: Greg Kroah-Hartman --- drivers/counter/counter-core.c | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/drivers/counter/counter-core.c b/drivers/counter/counter-core.c index 7e0957eea094..869894b74741 100644 --- a/drivers/counter/counter-core.c +++ b/drivers/counter/counter-core.c @@ -90,10 +90,8 @@ struct counter_device *counter_alloc(size_t sizeof_priv) int err; ch = kzalloc(sizeof(*ch) + sizeof_priv, GFP_KERNEL); - if (!ch) { - err = -ENOMEM; - goto err_alloc_ch; - } + if (!ch) + return NULL; counter = &ch->counter; dev = &counter->dev; @@ -123,9 +121,8 @@ err_chrdev_add: err_ida_alloc: kfree(ch); -err_alloc_ch: - return ERR_PTR(err); + return NULL; } EXPORT_SYMBOL_GPL(counter_alloc); @@ -208,12 +205,12 @@ struct counter_device *devm_counter_alloc(struct device *dev, size_t sizeof_priv int err; counter = counter_alloc(sizeof_priv); - if (IS_ERR(counter)) - return counter; + if (!counter) + return NULL; err = devm_add_action_or_reset(dev, devm_counter_put, counter); if (err < 0) - return ERR_PTR(err); + return NULL; return counter; } -- cgit v1.2.3