Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp1204722ybl; Wed, 4 Dec 2019 19:35:26 -0800 (PST) X-Google-Smtp-Source: APXvYqxau4RFU7DwvYf5Cw8xnxaiwIlv4FpTsYG/LoJSX2nY3dDEfOldL0l32+gi6v/Td5/yHF9i X-Received: by 2002:a9d:6c01:: with SMTP id f1mr4862001otq.133.1575516926843; Wed, 04 Dec 2019 19:35:26 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1575516926; cv=none; d=google.com; s=arc-20160816; b=i14yG37/rVLHRjctgOEShNb+q9nS/3ISt/YufYONnRF0FiiBPAywTkN2emW2ClANys 2J6fIMUcxlD/NokdUi3YVg/qIn51svtJjRZ+zrKBAEGoUeuefwusLTa6djh41eQmN/oy GTH9gisQR9Y+zz0WFpn6vhaTCQUHHe9Wy1vPST/v9OCWB6Pf0PARP1Y4ZLpoY+RPd60P fWZx7JobG/CsFOTzILmMrn7uFlX24P6v5yyua/R2KWxuGYHGtlQEg8VZ22hcmUFIIRFN TtSPYLHNj/bQtB/zsJQaErsVsCl02XinDsixv9J/wfmHFpIzIO93GmY7vYo5ZuSAyxVe Wq1g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from; bh=rCdf/fqNXOYxlK8lky7nabV2Nh1FTcX4qNVsXiPvIQc=; b=b4gZSSCby5uRUx5JaKgKccs99L5Y1K7GCQsZC6CLwi8IK++ugH9lSGOvA8mlz2CuFa ozdtHKH9gvZNpebse7riYvOc8BJJvdDiJqYwfYLR3BEOeTTsL2nnxLwlpHfAPlR4oJ1Y e7p6BeZRybIq7A53vgjkbPcGtiCDpx7suNTpOL95D+s05/pZHSuACZKXysVPPAVdDMGL wcTCCvo6uNNZxhTBbGrraXjkev5SZlrl9eu5/Y6U4RejSqLbtgINbW+2Huuk57Qsnsco /IwJ1KUVINySIW3c7DYXyvpuyHXgJVqbERnuhe1Uc/SVnLcJVUNwDjkvBcZlPuKr9g31 G+8A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v76si4229881oif.207.2019.12.04.19.35.15; Wed, 04 Dec 2019 19:35:26 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728883AbfLEDeT (ORCPT + 99 others); Wed, 4 Dec 2019 22:34:19 -0500 Received: from mga12.intel.com ([192.55.52.136]:43800 "EHLO mga12.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728821AbfLEDeT (ORCPT ); Wed, 4 Dec 2019 22:34:19 -0500 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Dec 2019 19:34:19 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,279,1571727600"; d="scan'208";a="243094962" Received: from joy-optiplex-7040.sh.intel.com ([10.239.13.9]) by fmsmga002.fm.intel.com with ESMTP; 04 Dec 2019 19:34:16 -0800 From: Yan Zhao To: alex.williamson@redhat.com Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, libvir-list@redhat.com, qemu-devel@nongnu.org, cohuck@redhat.com, zhenyuw@linux.intel.com, zhi.a.wang@intel.com, kevin.tian@intel.com, shaopeng.he@intel.com, Yan Zhao Subject: [RFC PATCH 2/9] vfio/pci: test existence before calling region->ops Date: Wed, 4 Dec 2019 22:25:55 -0500 Message-Id: <20191205032555.29700-1-yan.y.zhao@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20191205032419.29606-1-yan.y.zhao@intel.com> References: <20191205032419.29606-1-yan.y.zhao@intel.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org For regions registered through vfio_pci_register_dev_region(), before calling region->ops, first check whether region->ops is not null. As in the next two patches, dev regions of null region->ops are to be registered by default on behalf of vendor driver, we need to check here to prevent null pointer access if vendor driver forgets to handle those dev regions Cc: Kevin Tian Signed-off-by: Yan Zhao --- drivers/vfio/pci/vfio_pci.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/drivers/vfio/pci/vfio_pci.c b/drivers/vfio/pci/vfio_pci.c index 55080ff29495..f3730252ee82 100644 --- a/drivers/vfio/pci/vfio_pci.c +++ b/drivers/vfio/pci/vfio_pci.c @@ -398,8 +398,12 @@ static void vfio_pci_disable(struct vfio_pci_device *vdev) vdev->virq_disabled = false; - for (i = 0; i < vdev->num_regions; i++) + for (i = 0; i < vdev->num_regions; i++) { + if (!vdev->region[i].ops || vdev->region[i].ops->release) + continue; + vdev->region[i].ops->release(vdev, &vdev->region[i]); + } vdev->num_regions = 0; kfree(vdev->region); @@ -900,7 +904,8 @@ static long vfio_pci_ioctl(void *device_data, if (ret) return ret; - if (vdev->region[i].ops->add_capability) { + if (vdev->region[i].ops && + vdev->region[i].ops->add_capability) { ret = vdev->region[i].ops->add_capability(vdev, &vdev->region[i], &caps); if (ret) @@ -1251,6 +1256,9 @@ static ssize_t vfio_pci_rw(void *device_data, char __user *buf, return vfio_pci_vga_rw(vdev, buf, count, ppos, iswrite); default: index -= VFIO_PCI_NUM_REGIONS; + if (!vdev->region[index].ops || !vdev->region[index].ops->rw) + return -EINVAL; + return vdev->region[index].ops->rw(vdev, buf, count, ppos, iswrite); } -- 2.17.1