| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
[ Upstream commit 6ebf1982038af12f3588417e4fd0417d2551da28 ]
fpga_mgr_test_img_load_sgt() allocates memory for sgt using
kunit_kzalloc() however it does not check if the allocation failed.
It then passes sgt to sg_alloc_table(), which passes it to
__sg_alloc_table(). This function calls memset() on sgt in an attempt to
zero it out. If the allocation fails then sgt will be NULL and the
memset will trigger a NULL pointer dereference.
Fix this by checking the allocation with KUNIT_ASSERT_NOT_ERR_OR_NULL().
Reviewed-by: Marco Pagani <marco.pagani@linux.dev>
Fixes: ccbc1c302115 ("fpga: add an initial KUnit suite for the FPGA Manager")
Signed-off-by: Qasim Ijaz <qasdev00@gmail.com>
Acked-by: Xu Yilun <yilun.xu@intel.com>
Link: https://lore.kernel.org/r/20250422153737.5264-1-qasdev00@gmail.com
Signed-off-by: Xu Yilun <yilun.xu@linux.intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
fpga_region_class_find() in fpga_region_test_class_find() will call
get_device() if the data is matched, which will increment refcount for
dev->kobj, so it should call put_device() to decrement refcount for
dev->kobj to free the region, because fpga_region_unregister() will call
fpga_region_dev_release() only when the refcount for dev->kobj is zero
but fpga_region_test_init() call device_register() in
fpga_region_register_full(), which also increment refcount.
So call put_device() after calling fpga_region_class_find() in
fpga_region_test_class_find(). After applying this patch, the following
memory leak is never detected.
unreferenced object 0xffff88810c8ef000 (size 1024):
comm "kunit_try_catch", pid 1875, jiffies 4294715298 (age 836.836s)
hex dump (first 32 bytes):
b8 d1 fb 05 81 88 ff ff 08 f0 8e 0c 81 88 ff ff ................
08 f0 8e 0c 81 88 ff ff 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff817ebad7>] kmalloc_trace+0x27/0xa0
[<ffffffffa02385e1>] fpga_region_register_full+0x51/0x430 [fpga_region]
[<ffffffffa0228e47>] 0xffffffffa0228e47
[<ffffffff829c479d>] kunit_try_run_case+0xdd/0x250
[<ffffffff829c9f2a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
[<ffffffff81238b85>] kthread+0x2b5/0x380
[<ffffffff81097ded>] ret_from_fork+0x2d/0x70
[<ffffffff810034d1>] ret_from_fork_asm+0x11/0x20
unreferenced object 0xffff888105fbd1b8 (size 8):
comm "kunit_try_catch", pid 1875, jiffies 4294715298 (age 836.836s)
hex dump (first 8 bytes):
72 65 67 69 6f 6e 30 00 region0.
backtrace:
[<ffffffff817ec023>] __kmalloc_node_track_caller+0x53/0x150
[<ffffffff82995590>] kvasprintf+0xb0/0x130
[<ffffffff83f713b1>] kobject_set_name_vargs+0x41/0x110
[<ffffffff8304ac1b>] dev_set_name+0xab/0xe0
[<ffffffffa02388a2>] fpga_region_register_full+0x312/0x430 [fpga_region]
[<ffffffffa0228e47>] 0xffffffffa0228e47
[<ffffffff829c479d>] kunit_try_run_case+0xdd/0x250
[<ffffffff829c9f2a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
[<ffffffff81238b85>] kthread+0x2b5/0x380
[<ffffffff81097ded>] ret_from_fork+0x2d/0x70
[<ffffffff810034d1>] ret_from_fork_asm+0x11/0x20
unreferenced object 0xffff88810b3b8a00 (size 256):
comm "kunit_try_catch", pid 1875, jiffies 4294715298 (age 836.836s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 08 8a 3b 0b 81 88 ff ff ..........;.....
08 8a 3b 0b 81 88 ff ff e0 ac 04 83 ff ff ff ff ..;.............
backtrace:
[<ffffffff817ebad7>] kmalloc_trace+0x27/0xa0
[<ffffffff83056d7a>] device_add+0xa2a/0x15e0
[<ffffffffa02388b1>] fpga_region_register_full+0x321/0x430 [fpga_region]
[<ffffffffa0228e47>] 0xffffffffa0228e47
[<ffffffff829c479d>] kunit_try_run_case+0xdd/0x250
[<ffffffff829c9f2a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
[<ffffffff81238b85>] kthread+0x2b5/0x380
[<ffffffff81097ded>] ret_from_fork+0x2d/0x70
[<ffffffff810034d1>] ret_from_fork_asm+0x11/0x20
Fixes: 64a5f972c93d ("fpga: add an initial KUnit suite for the FPGA Region")
Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
Reviewed-by: Marco Pagani <marpagan@redhat.com>
Acked-by: Xu Yilun <yilun.xu@intel.com>
Link: https://lore.kernel.org/r/20231007094321.3447084-1-ruanjinjie@huawei.com
[yilun.xu@intel.com: slightly changes the commit message]
Signed-off-by: Xu Yilun <yilun.xu@linux.intel.com>
Link: https://lore.kernel.org/r/20231023032857.902699-3-yilun.xu@linux.intel.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
The fpga core currently assumes that all manager, bridge, and region
devices have a parent device associated with a driver that can be used
to take the module's refcount. This behavior causes the fpga test suites
to crash with a null-ptr-deref since parent fake devices do not have a
driver. This patch disables all fpga KUnit test suites when loadable
module support is enabled until the fpga core is fixed. Test suites
can still be run using the KUnit default UML kernel.
Signed-off-by: Marco Pagani <marpagan@redhat.com>
Acked-by: Xu Yilun <yilun.xu@intel.com>
Fixes: ccbc1c302115 ("fpga: add an initial KUnit suite for the FPGA Manager")
Link: https://lore.kernel.org/r/20231018163814.100803-1-marpagan@redhat.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Add configuration for the KUnit test suites for the core components
of the FPGA subsystem.
Signed-off-by: Marco Pagani <marpagan@redhat.com>
Acked-by: Xu Yilun <yilun.xu@intel.com>
Link: https://lore.kernel.org/r/20230718130304.87048-5-marpagan@redhat.com
Signed-off-by: Xu Yilun <yilun.xu@intel.com>
|
|
The suite tests the basic behaviors of the FPGA Region including
the programming and the function for finding a specific region.
Signed-off-by: Marco Pagani <marpagan@redhat.com>
Acked-by: Xu Yilun <yilun.xu@intel.com>
Link: https://lore.kernel.org/r/20230718130304.87048-4-marpagan@redhat.com
Signed-off-by: Xu Yilun <yilun.xu@intel.com>
|
|
The suite tests the basic behaviors of the FPGA Bridge including
the functions that operate on a list of bridges.
Signed-off-by: Marco Pagani <marpagan@redhat.com>
Acked-by: Xu Yilun <yilun.xu@intel.com>
Link: https://lore.kernel.org/r/20230718130304.87048-3-marpagan@redhat.com
Signed-off-by: Xu Yilun <yilun.xu@intel.com>
|
|
The suite tests the basic behaviors of the FPGA Manager including
programming using a single contiguous buffer and a scatter gather table.
Signed-off-by: Marco Pagani <marpagan@redhat.com>
Acked-by: Xu Yilun <yilun.xu@intel.com>
Link: https://lore.kernel.org/r/20230718130304.87048-2-marpagan@redhat.com
Signed-off-by: Xu Yilun <yilun.xu@intel.com>
|
