| Message ID | 20160912041724.16646-1-ruscur@russell.cc (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
On 12/09/16 14:17, Russell Currey wrote: > eeh_pe_bus_get() can return NULL if a PCI bus isn't found for a given PE. > Some callers don't check this, and can cause a null pointer dereference > under certain circumstances. > > Fix this by checking NULL everywhere eeh_pe_bus_get() is called. > > Cc: stable #3.10+ > Signed-off-by: Russell Currey <ruscur@russell.cc> Looks good to me. Reviewed-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
On Mon, 2016-12-09 at 04:17:22 UTC, Russell Currey wrote: > eeh_pe_bus_get() can return NULL if a PCI bus isn't found for a given PE. > Some callers don't check this, and can cause a null pointer dereference > under certain circumstances. > > Fix this by checking NULL everywhere eeh_pe_bus_get() is called. > > Cc: stable #3.10+ This looks like it's a fix for 8a6b1bc70dbb ("powerpc/eeh: EEH core to handle special event") ? Which was merged in v3.11-rc1. If so I'll add a fixes line pointing at that commit and update the stable tag to v3.11+. cheers
On Wed, 2016-09-21 at 14:02 +1000, Michael Ellerman wrote: > On Mon, 2016-12-09 at 04:17:22 UTC, Russell Currey wrote: > > > > eeh_pe_bus_get() can return NULL if a PCI bus isn't found for a given PE. > > Some callers don't check this, and can cause a null pointer dereference > > under certain circumstances. > > > > Fix this by checking NULL everywhere eeh_pe_bus_get() is called. > > > > Cc: stable #3.10+ > > This looks like it's a fix for 8a6b1bc70dbb ("powerpc/eeh: EEH core to handle > special event") ? > > Which was merged in v3.11-rc1. > > If so I'll add a fixes line pointing at that commit and update the stable tag > to > v3.11+. Thanks. Also, the other two patches in this series shouldn't go to stable, that was my mistake. > > cheers
On Mon, 2016-12-09 at 04:17:22 UTC, Russell Currey wrote: > eeh_pe_bus_get() can return NULL if a PCI bus isn't found for a given PE. > Some callers don't check this, and can cause a null pointer dereference > under certain circumstances. > > Fix this by checking NULL everywhere eeh_pe_bus_get() is called. > > Fixes: 8a6b1bc70dbb ("powerpc/eeh: EEH core to handle special event") > Cc: stable@vger.kernel.org # v3.11+ > Signed-off-by: Russell Currey <ruscur@russell.cc> > Reviewed-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com> Series applied to powerpc next, thanks. https://git.kernel.org/powerpc/c/04fec21c06e35b169a83e75a84 cheers
diff --git a/arch/powerpc/kernel/eeh_driver.c b/arch/powerpc/kernel/eeh_driver.c index 5f36e8a..29aa8d1 100644 --- a/arch/powerpc/kernel/eeh_driver.c +++ b/arch/powerpc/kernel/eeh_driver.c @@ -994,6 +994,14 @@ static void eeh_handle_special_event(void) /* Notify all devices to be down */ eeh_pe_state_clear(pe, EEH_PE_PRI_BUS); bus = eeh_pe_bus_get(phb_pe); + if (!bus) { + pr_err("%s: Cannot find PCI bus for " + "PHB#%d-PE#%x\n", + __func__, + pe->phb->global_number, + pe->addr); + break; + } eeh_pe_dev_traverse(pe, eeh_report_failure, NULL); pci_hp_remove_devices(bus); diff --git a/arch/powerpc/platforms/powernv/eeh-powernv.c b/arch/powerpc/platforms/powernv/eeh-powernv.c index 86544ea..cb08e6a 100644 --- a/arch/powerpc/platforms/powernv/eeh-powernv.c +++ b/arch/powerpc/platforms/powernv/eeh-powernv.c @@ -1091,6 +1091,11 @@ static int pnv_eeh_reset(struct eeh_pe *pe, int option) } bus = eeh_pe_bus_get(pe); + if (!bus) { + pr_err("%s: Cannot find PCI bus for PHB#%d-PE#%x\n", + __func__, pe->phb->global_number, pe->addr); + return -EIO; + } if (pe->type & EEH_PE_VF) return pnv_eeh_reset_vf_pe(pe, option);
eeh_pe_bus_get() can return NULL if a PCI bus isn't found for a given PE. Some callers don't check this, and can cause a null pointer dereference under certain circumstances. Fix this by checking NULL everywhere eeh_pe_bus_get() is called. Cc: stable #3.10+ Signed-off-by: Russell Currey <ruscur@russell.cc> --- arch/powerpc/kernel/eeh_driver.c | 8 ++++++++ arch/powerpc/platforms/powernv/eeh-powernv.c | 5 +++++ 2 files changed, 13 insertions(+)