[05/38] Fix pointer dereference before call to pcie_bus_configure_settings

From: Greg KH
Date: Tue Oct 11 2011 - 13:03:40 EST

Next message: Greg KH: "[06/38] PCI: Disable MPS configuration by default"
Previous message: Greg KH: "[04/38] pci: Dont crash when reading mpss from root complex"
In reply to: Greg KH: "[04/38] pci: Dont crash when reading mpss from root complex"
Next in thread: Greg KH: "[06/38] PCI: Disable MPS configuration by default"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

3.0-stable review patch. If anyone has any objections, please let us know.

------------------

From: Shyam Iyer <shyam.iyer.t@xxxxxxxxx>

commit 5307f6d5fb12fd01f9f321bc4a8fd77e74858647 upstream.

Commit b03e7495a862 ("PCI: Set PCI-E Max Payload Size on fabric")
introduced a potential NULL pointer dereference in calls to
pcie_bus_configure_settings due to attempts to access pci_bus self
variables when the self pointer is NULL.

To correct this, verify that the self pointer in pci_bus is non-NULL
before dereferencing it.

Reported-by: Stanislaw Gruszka <sgruszka@xxxxxxxxxx>
Signed-off-by: Shyam Iyer <shyam_iyer@xxxxxxxx>
Signed-off-by: Jon Mason <mason@xxxxxxxx>
Acked-by: Jesse Barnes <jbarnes@xxxxxxxxxxxxxxxx>
Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>

---
arch/x86/pci/acpi.c | 9 +++++++--
drivers/pci/hotplug/pcihp_slot.c | 4 +++-
drivers/pci/probe.c | 3 ---
3 files changed, 10 insertions(+), 6 deletions(-)

--- a/arch/x86/pci/acpi.c
+++ b/arch/x86/pci/acpi.c
@@ -366,8 +366,13 @@ struct pci_bus * __devinit pci_acpi_scan
*/
if (bus) {
struct pci_bus *child;
- list_for_each_entry(child, &bus->children, node)
- pcie_bus_configure_settings(child, child->self->pcie_mpss);
+ list_for_each_entry(child, &bus->children, node) {
+ struct pci_dev *self = child->self;
+ if (!self)
+ continue;
+
+ pcie_bus_configure_settings(child, self->pcie_mpss);
+ }
}

if (!bus)
--- a/drivers/pci/hotplug/pcihp_slot.c
+++ b/drivers/pci/hotplug/pcihp_slot.c
@@ -169,7 +169,9 @@ void pci_configure_slot(struct pci_dev *
(dev->class >> 8) == PCI_CLASS_BRIDGE_PCI)))
return;

- pcie_bus_configure_settings(dev->bus, dev->bus->self->pcie_mpss);
+ if (dev->bus && dev->bus->self)
+ pcie_bus_configure_settings(dev->bus,
+ dev->bus->self->pcie_mpss);

memset(&hpp, 0, sizeof(hpp));
ret = pci_get_hp_params(dev, &hpp);
--- a/drivers/pci/probe.c
+++ b/drivers/pci/probe.c
@@ -1461,9 +1461,6 @@ void pcie_bus_configure_settings(struct
{
u8 smpss = mpss;

- if (!bus->self)
- return;
-
if (!pci_is_pcie(bus->self))
return;

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg KH: "[06/38] PCI: Disable MPS configuration by default"
Previous message: Greg KH: "[04/38] pci: Dont crash when reading mpss from root complex"
In reply to: Greg KH: "[04/38] pci: Dont crash when reading mpss from root complex"
Next in thread: Greg KH: "[06/38] PCI: Disable MPS configuration by default"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]