From c5c2b86d408e08904a786e7b6663b5e5b9d88ae2 Mon Sep 17 00:00:00 2001 From: Robert Richter Date: Sun, 9 Jun 2019 16:13:09 +0800 Subject: [PATCH] EDAC/mc: Fix edac_mc_find() in case no device is found mainline inclusion from mainline-5.2-rc1 commit 29a0c843973b category: bugfix bugzilla: 16297 CVE: NA ------------------------------------------------- The function should return NULL in case no device is found, but it always returns the last checked mc device from the list even if the index did not match. Fix that. I did some analysis why this did not raise any issues for about 3 years and the reason is that edac_mc_find() is mostly used to search for existing devices. Thus, the bug is not triggered. [ bp: Drop the if (mci->mc_idx > idx) test in favor of readability. ] Fixes: c73e8833bec5 ("EDAC, mc: Fix locking around mc_devices list") Signed-off-by: Robert Richter Signed-off-by: Borislav Petkov Cc: "linux-edac@vger.kernel.org" Cc: James Morse Cc: Mauro Carvalho Chehab Link: https://lkml.kernel.org/r/20190514104838.15065-1-rrichter@marvell.com Signed-off-by: Yang Yingliang Reviewed-by: Hanjun Guo Signed-off-by: Yang Yingliang --- drivers/edac/edac_mc.c | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/drivers/edac/edac_mc.c b/drivers/edac/edac_mc.c index 7d3edd713932..fbd48e46f466 100644 --- a/drivers/edac/edac_mc.c +++ b/drivers/edac/edac_mc.c @@ -681,22 +681,18 @@ static int del_mc_from_global_list(struct mem_ctl_info *mci) struct mem_ctl_info *edac_mc_find(int idx) { - struct mem_ctl_info *mci = NULL; + struct mem_ctl_info *mci; struct list_head *item; mutex_lock(&mem_ctls_mutex); list_for_each(item, &mc_devices) { mci = list_entry(item, struct mem_ctl_info, link); - - if (mci->mc_idx >= idx) { - if (mci->mc_idx == idx) { - goto unlock; - } - break; - } + if (mci->mc_idx == idx) + goto unlock; } + mci = NULL; unlock: mutex_unlock(&mem_ctls_mutex); return mci; -- GitLab