Message-ID: <9e917782-03cd-493e-b6f1-c6170a265a38@kylinos.cn>
Date: Mon, 15 Jan 2024 14:07:08 +0800
X-Mailing-List: linux-kernel@vger.kernel.org
Subject: Re: [PATCH] vfio: Fix NULL pointer dereference in vfio_pci_bus_notifier
To: Alex Williamson
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org
References: <20240112062221.135681-1-chentao@kylinos.cn> <20240112083026.7fd01b41.alex.williamson@redhat.com>
From: Kunwu Chan
In-Reply-To: <20240112083026.7fd01b41.alex.williamson@redhat.com>

On 2024/1/12 23:30, Alex Williamson wrote:
> On Fri, 12 Jan 2024 14:22:21 +0800
> Kunwu Chan wrote:
>
>> kasprintf() returns a pointer to dynamically allocated memory
>> which can be NULL upon failure. Ensure the allocation was successful
>> by checking the pointer validity.
>>
>> Signed-off-by: Kunwu Chan
>> ---
>> drivers/vfio/pci/vfio_pci_core.c | 2 ++
>> 1 file changed, 2 insertions(+)
>>
>> diff --git a/drivers/vfio/pci/vfio_pci_core.c b/drivers/vfio/pci/vfio_pci_core.c
>> index 1cbc990d42e0..74e5b89a3a0c 100644
>> --- a/drivers/vfio/pci/vfio_pci_core.c
>> +++ b/drivers/vfio/pci/vfio_pci_core.c
>> @@ -2047,6 +2047,8 @@ static int vfio_pci_bus_notifier(struct notifier_block *nb,
>> pci_name(pdev));
>> pdev->driver_override = kasprintf(GFP_KERNEL, "%s",
>> vdev->vdev.ops->name);
>> + if (!pdev->driver_override)
>> + return -ENOMEM;
>> } else if (action == BUS_NOTIFY_BOUND_DRIVER &&
>> pdev->is_virtfn && physfn == vdev->pdev) {
>> struct pci_driver *drv = pci_dev_driver(pdev);
>
> This is a blocking notifier callback, so errno isn't a proper return
> value, nor does it accomplish anything. We're into the realm of
> worrying about small allocation failures here, which I understand
> essentially cannot happen, but about the best we could do at this
> point would be to WARN_ON if we weren't able to allocate an override.

Thanks for your reply.

I'll update the v2 patch to use WARN_ON to print some callstack msgs when we weren't able to allocate an override.
These msgs could reduce some of the worries and help us to find what happened.

> Thanks,
>
> Alex
>

--
Thanks,
Kunwu
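
Review bot: the added `return -ENOMEM;` after the kasprintf() call hands a negative errno back from vfio_pci_bus_notifier(), which takes a struct notifier_block and is therefore a notifier callback; notifier chains expect a NOTIFY_* code, so the errno does not report the allocation failure to any caller that can act on it. Drop the early return and make the failed allocation visible at the point it happens instead, for example with `WARN_ON(!pdev->driver_override);`, and say in the commit message that a NULL driver_override is only logged, not recovered from.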