diff options
| author | Shyam Iyer <shyam.iyer.t@gmail.com> | 2011-09-08 17:41:17 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2011-09-09 22:49:58 -0400 |
| commit | 5307f6d5fb12fd01f9f321bc4a8fd77e74858647 (patch) | |
| tree | fa0087ac08c4a914e8c3456741d57ddf27534b9a | |
| parent | a6a5ed0dd36b4977789e888170f96840cc8b4501 (diff) | |
Fix pointer dereference before call to pcie_bus_configure_settings
Commit b03e7495a862 ("PCI: Set PCI-E Max Payload Size on fabric")
introduced a potential NULL pointer dereference in calls to
pcie_bus_configure_settings due to attempts to access pci_bus self
variables when the self pointer is NULL.
To correct this, verify that the self pointer in pci_bus is non-NULL
before dereferencing it.
Reported-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: Shyam Iyer <shyam_iyer@dell.com>
Signed-off-by: Jon Mason <mason@myri.com>
Acked-by: Jesse Barnes <jbarnes@virtuousgeek.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| -rw-r--r-- | arch/x86/pci/acpi.c | 9 | ||||
| -rw-r--r-- | drivers/pci/hotplug/pcihp_slot.c | 4 | ||||
| -rw-r--r-- | drivers/pci/probe.c | 3 |
3 files changed, 10 insertions, 6 deletions
diff --git a/arch/x86/pci/acpi.c b/arch/x86/pci/acpi.c index c95330267f0..039d91315bc 100644 --- a/arch/x86/pci/acpi.c +++ b/arch/x86/pci/acpi.c | |||
| @@ -365,8 +365,13 @@ struct pci_bus * __devinit pci_acpi_scan_root(struct acpi_pci_root *root) | |||
| 365 | */ | 365 | */ |
| 366 | if (bus) { | 366 | if (bus) { |
| 367 | struct pci_bus *child; | 367 | struct pci_bus *child; |
| 368 | list_for_each_entry(child, &bus->children, node) | 368 | list_for_each_entry(child, &bus->children, node) { |
| 369 | pcie_bus_configure_settings(child, child->self->pcie_mpss); | 369 | struct pci_dev *self = child->self; |
| 370 | if (!self) | ||
| 371 | continue; | ||
| 372 | |||
| 373 | pcie_bus_configure_settings(child, self->pcie_mpss); | ||
| 374 | } | ||
| 370 | } | 375 | } |
| 371 | 376 | ||
| 372 | if (!bus) | 377 | if (!bus) |
diff --git a/drivers/pci/hotplug/pcihp_slot.c b/drivers/pci/hotplug/pcihp_slot.c index 753b21aaea6..3ffd9c1acc0 100644 --- a/drivers/pci/hotplug/pcihp_slot.c +++ b/drivers/pci/hotplug/pcihp_slot.c | |||
| @@ -169,7 +169,9 @@ void pci_configure_slot(struct pci_dev *dev) | |||
| 169 | (dev->class >> 8) == PCI_CLASS_BRIDGE_PCI))) | 169 | (dev->class >> 8) == PCI_CLASS_BRIDGE_PCI))) |
| 170 | return; | 170 | return; |
| 171 | 171 | ||
| 172 | pcie_bus_configure_settings(dev->bus, dev->bus->self->pcie_mpss); | 172 | if (dev->bus && dev->bus->self) |
| 173 | pcie_bus_configure_settings(dev->bus, | ||
| 174 | dev->bus->self->pcie_mpss); | ||
| 173 | 175 | ||
| 174 | memset(&hpp, 0, sizeof(hpp)); | 176 | memset(&hpp, 0, sizeof(hpp)); |
| 175 | ret = pci_get_hp_params(dev, &hpp); | 177 | ret = pci_get_hp_params(dev, &hpp); |
diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c index 8473727b29f..0820fc1544e 100644 --- a/drivers/pci/probe.c +++ b/drivers/pci/probe.c | |||
| @@ -1456,9 +1456,6 @@ void pcie_bus_configure_settings(struct pci_bus *bus, u8 mpss) | |||
| 1456 | { | 1456 | { |
| 1457 | u8 smpss = mpss; | 1457 | u8 smpss = mpss; |
| 1458 | 1458 | ||
| 1459 | if (!bus->self) | ||
| 1460 | return; | ||
| 1461 | |||
| 1462 | if (!pci_is_pcie(bus->self)) | 1459 | if (!pci_is_pcie(bus->self)) |
| 1463 | return; | 1460 | return; |
| 1464 | 1461 | ||