Commit 5307f6d5fb12fd01f9f321bc4a8fd77e74858647
Committed by
Linus Torvalds
Linus Torvalds
1 parent
a6a5ed0dd3
Exists in
master
and in
6 other branches
Fix pointer dereference before call to pcie_bus_configure_settings
Commit b03e7495a862 ("PCI: Set PCI-E Max Payload Size on fabric") introduced a potential NULL pointer dereference in calls to pcie_bus_configure_settings due to attempts to access pci_bus self variables when the self pointer is NULL. To correct this, verify that the self pointer in pci_bus is non-NULL before dereferencing it. Reported-by: Stanislaw Gruszka <sgruszka@redhat.com> Signed-off-by: Shyam Iyer <shyam_iyer@dell.com> Signed-off-by: Jon Mason <mason@myri.com> Acked-by: Jesse Barnes <jbarnes@virtuousgeek.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Showing 3 changed files with 10 additions and 6 deletions Side-by-side Diff
arch/x86/pci/acpi.c
| ... | ... | @@ -365,8 +365,13 @@ |
| 365 | 365 | */ |
| 366 | 366 | if (bus) { |
| 367 | 367 | struct pci_bus *child; |
| 368 | - list_for_each_entry(child, &bus->children, node) | |
| 369 | - pcie_bus_configure_settings(child, child->self->pcie_mpss); | |
| 368 | + list_for_each_entry(child, &bus->children, node) { | |
| 369 | + struct pci_dev *self = child->self; | |
| 370 | + if (!self) | |
| 371 | + continue; | |
| 372 | + | |
| 373 | + pcie_bus_configure_settings(child, self->pcie_mpss); | |
| 374 | + } | |
| 370 | 375 | } |
| 371 | 376 | |
| 372 | 377 | if (!bus) |
drivers/pci/hotplug/pcihp_slot.c
| ... | ... | @@ -169,7 +169,9 @@ |
| 169 | 169 | (dev->class >> 8) == PCI_CLASS_BRIDGE_PCI))) |
| 170 | 170 | return; |
| 171 | 171 | |
| 172 | - pcie_bus_configure_settings(dev->bus, dev->bus->self->pcie_mpss); | |
| 172 | + if (dev->bus && dev->bus->self) | |
| 173 | + pcie_bus_configure_settings(dev->bus, | |
| 174 | + dev->bus->self->pcie_mpss); | |
| 173 | 175 | |
| 174 | 176 | memset(&hpp, 0, sizeof(hpp)); |
| 175 | 177 | ret = pci_get_hp_params(dev, &hpp); |