powerpc/eeh: Null check uses of eeh_pe_bus_get
authorRussell Currey <ruscur@russell.cc>
Mon, 12 Sep 2016 04:17:22 +0000 (14:17 +1000)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 31 Oct 2016 10:13:59 +0000 (04:13 -0600)
commit 04fec21c06e35b169a83e75a84a015ab4606bf5e upstream.

eeh_pe_bus_get() can return NULL if a PCI bus isn't found for a given PE.
Some callers don't check this, and can cause a null pointer dereference
under certain circumstances.

Fix this by checking NULL everywhere eeh_pe_bus_get() is called.

Fixes: 8a6b1bc70dbb ("powerpc/eeh: EEH core to handle special event")
Cc: stable@vger.kernel.org # v3.11+
Signed-off-by: Russell Currey <ruscur@russell.cc>
Reviewed-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
arch/powerpc/kernel/eeh_driver.c
arch/powerpc/platforms/powernv/eeh-powernv.c

index 247a0dc012f10795a82b059274b4e7e1b8969ae3..c07bfb52275e27e307356cf58e48e0ed0db27c72 100644 (file)
@@ -909,6 +909,14 @@ static void eeh_handle_special_event(void)
                                /* Notify all devices to be down */
                                eeh_pe_state_clear(pe, EEH_PE_PRI_BUS);
                                bus = eeh_pe_bus_get(phb_pe);
+                               if (!bus) {
+                                       pr_err("%s: Cannot find PCI bus for "
+                                              "PHB#%d-PE#%x\n",
+                                              __func__,
+                                              pe->phb->global_number,
+                                              pe->addr);
+                                       break;
+                               }
                                eeh_pe_dev_traverse(pe,
                                        eeh_report_failure, NULL);
                                pcibios_remove_pci_devices(bus);
index ba0cae69a39685666b29870c1eb0a2eb27816aae..92736851c795afac23926700014a72ac0e6c44d1 100644 (file)
@@ -956,6 +956,11 @@ static int pnv_eeh_reset(struct eeh_pe *pe, int option)
                }
 
                bus = eeh_pe_bus_get(pe);
+               if (!bus) {
+                       pr_err("%s: Cannot find PCI bus for PHB#%d-PE#%x\n",
+                              __func__, pe->phb->global_number, pe->addr);
+                       return -EIO;
+               }
                if (pci_is_root_bus(bus) ||
                        pci_is_root_bus(bus->parent))
                        ret = pnv_eeh_root_reset(hose, option);