Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S943388AbcJ2Nzd (ORCPT ); Sat, 29 Oct 2016 09:55:33 -0400 Received: from mail.linuxfoundation.org ([140.211.169.12]:50470 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932807AbcJ2Nz3 (ORCPT ); Sat, 29 Oct 2016 09:55:29 -0400 From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Russell Currey , Andrew Donnellan , Michael Ellerman Subject: [PATCH 4.4 23/51] powerpc/eeh: Null check uses of eeh_pe_bus_get Date: Sat, 29 Oct 2016 09:49:24 -0400 Message-Id: <20161029134923.447589492@linuxfoundation.org> X-Mailer: git-send-email 2.10.1 In-Reply-To: <20161029134922.501052551@linuxfoundation.org> References: <20161029134922.501052551@linuxfoundation.org> User-Agent: quilt/0.64 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1952 Lines: 58 4.4-stable review patch. If anyone has any objections, please let me know. ------------------ From: Russell Currey commit 04fec21c06e35b169a83e75a84a015ab4606bf5e upstream. eeh_pe_bus_get() can return NULL if a PCI bus isn't found for a given PE. Some callers don't check this, and can cause a null pointer dereference under certain circumstances. Fix this by checking NULL everywhere eeh_pe_bus_get() is called. Fixes: 8a6b1bc70dbb ("powerpc/eeh: EEH core to handle special event") Cc: stable@vger.kernel.org # v3.11+ Signed-off-by: Russell Currey Reviewed-by: Andrew Donnellan Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kernel/eeh_driver.c | 8 ++++++++ arch/powerpc/platforms/powernv/eeh-powernv.c | 5 +++++ 2 files changed, 13 insertions(+) --- a/arch/powerpc/kernel/eeh_driver.c +++ b/arch/powerpc/kernel/eeh_driver.c @@ -909,6 +909,14 @@ static void eeh_handle_special_event(voi /* Notify all devices to be down */ eeh_pe_state_clear(pe, EEH_PE_PRI_BUS); bus = eeh_pe_bus_get(phb_pe); + if (!bus) { + pr_err("%s: Cannot find PCI bus for " + "PHB#%d-PE#%x\n", + __func__, + pe->phb->global_number, + pe->addr); + break; + } eeh_pe_dev_traverse(pe, eeh_report_failure, NULL); pcibios_remove_pci_devices(bus); --- a/arch/powerpc/platforms/powernv/eeh-powernv.c +++ b/arch/powerpc/platforms/powernv/eeh-powernv.c @@ -956,6 +956,11 @@ static int pnv_eeh_reset(struct eeh_pe * } bus = eeh_pe_bus_get(pe); + if (!bus) { + pr_err("%s: Cannot find PCI bus for PHB#%d-PE#%x\n", + __func__, pe->phb->global_number, pe->addr); + return -EIO; + } if (pci_is_root_bus(bus) || pci_is_root_bus(bus->parent)) ret = pnv_eeh_root_reset(hose, option);