From patchwork Mon Oct 28 07:46:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Koichiro Den X-Patchwork-Id: 2003140 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=185.125.189.65; helo=lists.ubuntu.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=patchwork.ozlabs.org) Received: from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4XcQVW3JzHz1xw0 for ; Mon, 28 Oct 2024 18:48:19 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=lists.ubuntu.com) by lists.ubuntu.com with esmtp (Exim 4.86_2) (envelope-from ) id 1t5KTO-0003o3-2A; Mon, 28 Oct 2024 07:47:34 +0000 Received: from smtp-relay-internal-0.internal ([10.131.114.225] helo=smtp-relay-internal-0.canonical.com) by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1t5KTL-0003nZ-To for kernel-team@lists.ubuntu.com; Mon, 28 Oct 2024 07:47:31 +0000 Received: from mail-pf1-f199.google.com (mail-pf1-f199.google.com [209.85.210.199]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id 3543E3F175 for ; Mon, 28 Oct 2024 07:47:31 +0000 (UTC) Received: by mail-pf1-f199.google.com with SMTP id d2e1a72fcca58-71e6a7f3b67so4489069b3a.3 for ; Mon, 28 Oct 2024 00:47:31 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1730101649; x=1730706449; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7cUT/dINxiZmzlOq/0ERXfuqOQd5syE1i1Ylgr4RTGc=; b=EsWgAUwPFMjX41YTxaxFOaDXCzfRi8xzPXs4qTYmIg/wlHU6SVUr9668h1bKoBPbXv +OZqnlBCePTm5XQVDKEDeFIlP1yOnkY8oH3gwwMrIaPqHbvzNx9D+vE1xRaQ3NmPBlOq EHkvkeNUsG/Lg/jMMxba+AhciDUD03ex2oKXLGla+6a2HK83RqCOMuQIHJUesLnGpInI 1cPgqkqLpcQ8cBkMeno15grZ1Qk1vs/yAFY6eQjNzN4Xqcy6dNfk9RaUda5o9lXAi3e/ FrcifJeY/bMuD6nLQrAqGhFO1QhAsCXJEl7O32tpYqhkBn0EWt7wMELDf5oaQg4hR2vx MysQ== X-Gm-Message-State: AOJu0Yz9343eVow3N1bv0ckctTeSjqW9yXtnoAYFmOcQtZC5nBTeKvgf rh+6ppkQe3vdjF0qJ4NEFfOkkEdhDmvbV+fGFj4avFpIjT7MVYf1+WmRolh/pbc86kLeNyAHLVl AbM4DPAV3KoGiiqrqhxoNzTmfO3qS0K7IeSEvLJoSNiQx6GOyJbUqJgm6515FpLVtnBcRcO/bkI 37YCnosZv83g== X-Received: by 2002:a05:6a21:1743:b0:1d8:f867:e43e with SMTP id adf61e73a8af0-1d9a83d6647mr9729839637.18.1730101649629; Mon, 28 Oct 2024 00:47:29 -0700 (PDT) X-Google-Smtp-Source: AGHT+IG9l3Ogem5MITpVX7kfQX9Ae/+l3L3iKRVh14t1jEpLlM40Y9cK1iNSikkvZ7hQCZhXdEZHhQ== X-Received: by 2002:a05:6a21:1743:b0:1d8:f867:e43e with SMTP id adf61e73a8af0-1d9a83d6647mr9729825637.18.1730101649224; Mon, 28 Oct 2024 00:47:29 -0700 (PDT) Received: from localhost.localdomain ([240f:74:7be:1:fc2f:5f77:13cb:653f]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72057a1ef37sm5104291b3a.154.2024.10.28.00.47.28 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 28 Oct 2024 00:47:28 -0700 (PDT) From: Koichiro Den To: kernel-team@lists.ubuntu.com Subject: [SRU][F][PATCH 1/1] i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc Date: Mon, 28 Oct 2024 16:46:57 +0900 Message-ID: <20241028074704.113295-2-koichiro.den@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20241028074704.113295-1-koichiro.den@canonical.com> References: <20241028074704.113295-1-koichiro.den@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Norbert Zulinski When trying to dump VFs VSI RX/TX descriptors using debugfs there was a crash due to NULL pointer dereference in i40e_dbg_dump_desc. Added a check to i40e_dbg_dump_desc that checks if VSI type is correct for dumping RX/TX descriptors. Fixes: 02e9c290814c ("i40e: debugfs interface") Signed-off-by: Sylwester Dziedziuch Signed-off-by: Norbert Zulinski Signed-off-by: Mateusz Palczewski Tested-by: Gurucharan G Signed-off-by: Tony Nguyen (backported from commit 23ec111bf3549aae37140330c31a16abfc172421) [koichiroden: Adjusted context due to missing irrelevant commit: 44ea803e2fa7 ("i40e: introduce new dump desc XDP command")] CVE-2021-47501 Signed-off-by: Koichiro Den --- drivers/net/ethernet/intel/i40e/i40e_debugfs.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/drivers/net/ethernet/intel/i40e/i40e_debugfs.c b/drivers/net/ethernet/intel/i40e/i40e_debugfs.c index 31f60657f532..8d36da96d8fc 100644 --- a/drivers/net/ethernet/intel/i40e/i40e_debugfs.c +++ b/drivers/net/ethernet/intel/i40e/i40e_debugfs.c @@ -505,6 +505,14 @@ static void i40e_dbg_dump_desc(int cnt, int vsi_seid, int ring_id, int desc_n, dev_info(&pf->pdev->dev, "vsi %d not found\n", vsi_seid); return; } + if (vsi->type != I40E_VSI_MAIN && + vsi->type != I40E_VSI_FDIR && + vsi->type != I40E_VSI_VMDQ2) { + dev_info(&pf->pdev->dev, + "vsi %d type %d descriptor rings not available\n", + vsi_seid, vsi->type); + return; + } if (ring_id >= vsi->num_queue_pairs || ring_id < 0) { dev_info(&pf->pdev->dev, "ring %d not found\n", ring_id); return;