Re: [PATCH] qed/qed_sriov: avoid a possible NULL deref in configure_min_tx_rate

From: Michal Swiatkowski
Date: Thu Mar 16 2023 - 06:12:55 EST

Next message: Sui jingfeng: "Re: [PATCH v7 2/2] drm: add kms driver for loongson display controller"
Previous message: Dmitry Baryshkov: "Re: [PATCH 2/3] clk: qcom: videocc-sm8450: Add video clock controller driver for SM8450"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Mar 15, 2023 at 10:48:09PM +0300, Daniil Tatianin wrote:
> We have to make sure that the info returned by qed_iov_get_vf_info is
> valid before using it.
>
> Found by Linux Verification Center (linuxtesting.org) with the SVACE
> static analysis tool.
>
> Fixes: 733def6a04bf ("qed*: IOV link control")
> Signed-off-by: Daniil Tatianin <d-tatianin@xxxxxxxxxxxxxx>
> ---
> drivers/net/ethernet/qlogic/qed/qed_sriov.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/drivers/net/ethernet/qlogic/qed/qed_sriov.c b/drivers/net/ethernet/qlogic/qed/qed_sriov.c
> index 2bf18748581d..cd43f1b23eb1 100644
> --- a/drivers/net/ethernet/qlogic/qed/qed_sriov.c
> +++ b/drivers/net/ethernet/qlogic/qed/qed_sriov.c
> @@ -4404,6 +4404,9 @@ qed_iov_configure_min_tx_rate(struct qed_dev *cdev, int vfid, u32 rate)
> }
>
> vf = qed_iov_get_vf_info(QED_LEADING_HWFN(cdev), (u16)vfid, true);
> + if (!vf)
> + return -EINVAL;
> +
> vport_id = vf->vport_id;
>
> return qed_configure_vport_wfq(cdev, vport_id, rate);
> --
> 2.25.1
>

There is also potential NULL pointer dereference in:
qed_iov_handle_trust_change()
Should be:
if (!vf || !vf->vf->vport_instance)

I think it can be a part of this fix.

Thanks,
Michal

Next message: Sui jingfeng: "Re: [PATCH v7 2/2] drm: add kms driver for loongson display controller"
Previous message: Dmitry Baryshkov: "Re: [PATCH 2/3] clk: qcom: videocc-sm8450: Add video clock controller driver for SM8450"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]