2017-04-23 14:00:55

by Pan Bian

[permalink] [raw]
Subject: [PATCH 1/1] PCI: check return value of pci_find_ext_capability

From: Pan Bian <[email protected]>

Function pci_find_ext_capability() will returns 0 on failure, and its
return value should be checked before it is used. However, in function
pcie_port_enable_msix(), its return value is not checked. This patch
adds the check.

Signed-off-by: Pan Bian <[email protected]>
---
drivers/pci/pcie/portdrv_core.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/drivers/pci/pcie/portdrv_core.c b/drivers/pci/pcie/portdrv_core.c
index cea504f..001951d 100644
--- a/drivers/pci/pcie/portdrv_core.c
+++ b/drivers/pci/pcie/portdrv_core.c
@@ -103,6 +103,8 @@ static int pcie_port_enable_msix(struct pci_dev *dev, int *irqs, int mask)
* interrupt message."
*/
pos = pci_find_ext_capability(dev, PCI_EXT_CAP_ID_ERR);
+ if (!pos)
+ goto out_free_irqs;
pci_read_config_dword(dev, pos + PCI_ERR_ROOT_STATUS, &reg32);
entry = reg32 >> 27;
if (entry >= nr_entries)
--
1.9.1



2017-04-24 10:37:12

by Mika Westerberg

[permalink] [raw]
Subject: Re: [PATCH 1/1] PCI: check return value of pci_find_ext_capability

On Sun, Apr 23, 2017 at 10:00:20PM +0800, Pan Bian wrote:
> From: Pan Bian <[email protected]>
>
> Function pci_find_ext_capability() will returns 0 on failure, and its
> return value should be checked before it is used. However, in function
> pcie_port_enable_msix(), its return value is not checked. This patch
> adds the check.
>
> Signed-off-by: Pan Bian <[email protected]>
> ---
> drivers/pci/pcie/portdrv_core.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/pci/pcie/portdrv_core.c b/drivers/pci/pcie/portdrv_core.c
> index cea504f..001951d 100644
> --- a/drivers/pci/pcie/portdrv_core.c
> +++ b/drivers/pci/pcie/portdrv_core.c
> @@ -103,6 +103,8 @@ static int pcie_port_enable_msix(struct pci_dev *dev, int *irqs, int mask)
> * interrupt message."
> */
> pos = pci_find_ext_capability(dev, PCI_EXT_CAP_ID_ERR);
> + if (!pos)
> + goto out_free_irqs;

I don't think this can happen because get_port_device_capability() will
enumerate this capability and only if it exists, set PCIE_PORT_SERVICE_AER.

2017-04-25 19:31:17

by Bjorn Helgaas

[permalink] [raw]
Subject: Re: [PATCH 1/1] PCI: check return value of pci_find_ext_capability

On Mon, Apr 24, 2017 at 01:36:58PM +0300, Mika Westerberg wrote:
> On Sun, Apr 23, 2017 at 10:00:20PM +0800, Pan Bian wrote:
> > From: Pan Bian <[email protected]>
> >
> > Function pci_find_ext_capability() will returns 0 on failure, and its
> > return value should be checked before it is used. However, in function
> > pcie_port_enable_msix(), its return value is not checked. This patch
> > adds the check.
> >
> > Signed-off-by: Pan Bian <[email protected]>
> > ---
> > drivers/pci/pcie/portdrv_core.c | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/drivers/pci/pcie/portdrv_core.c b/drivers/pci/pcie/portdrv_core.c
> > index cea504f..001951d 100644
> > --- a/drivers/pci/pcie/portdrv_core.c
> > +++ b/drivers/pci/pcie/portdrv_core.c
> > @@ -103,6 +103,8 @@ static int pcie_port_enable_msix(struct pci_dev *dev, int *irqs, int mask)
> > * interrupt message."
> > */
> > pos = pci_find_ext_capability(dev, PCI_EXT_CAP_ID_ERR);
> > + if (!pos)
> > + goto out_free_irqs;
>
> I don't think this can happen because get_port_device_capability() will
> enumerate this capability and only if it exists, set PCIE_PORT_SERVICE_AER.

The path is more complicated than I'd like, but I think you're right.
We should also be able to use dev->aer_cap here instead of looking it
up again.

Bjorn