Re: [PATCH v2] misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Tong Zhang <ztong0001@gmail.com>
Cc: Arnd Bergmann <arnd@arndb.de>, open list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v2] misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge
Date: Wed, 12 May 2021 18:41:18 +0200	[thread overview]
Message-ID: <YJwFLgvgIXHn8Zch@kroah.com> (raw)
In-Reply-To: <CAA5qM4A2-RD-cnJrGrsAcRixU0nfX7xFWDkxevDoC4TsBbkh9w@mail.gmail.com>

On Wed, May 12, 2021 at 09:24:55AM -0700, Tong Zhang wrote:
> On Tue, May 11, 2021 at 11:24 PM Greg Kroah-Hartman
> <gregkh@linuxfoundation.org> wrote:
> >
> > On Tue, May 11, 2021 at 05:29:38PM -0400, Tong Zhang wrote:
> > > Device might be attached to root complex directly. In this case,
> > > bus->self(bridge) will be NULL, so we'd better check before use it
> > >
> > > [    1.246492] BUG: kernel NULL pointer dereference, address: 00000000000000c0
> > > [    1.248731] RIP: 0010:pci_read_config_byte+0x5/0x40
> > > [    1.253998] Call Trace:
> > > [    1.254131]  ? alcor_pci_find_cap_offset.isra.0+0x3a/0x100 [alcor_pci]
> > > [    1.254476]  alcor_pci_probe+0x169/0x2d5 [alcor_pci]
> > >
> > > Signed-off-by: Tong Zhang <ztong0001@gmail.com>
> > > Co-Developed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> > > ---
> > > v2: check before calling alcor_pci_find_cap_offset()
> > >
> > >  drivers/misc/cardreader/alcor_pci.c | 3 +++
> > >  1 file changed, 3 insertions(+)
> > >
> > > diff --git a/drivers/misc/cardreader/alcor_pci.c b/drivers/misc/cardreader/alcor_pci.c
> > > index cd402c89189e..175c6b06f7aa 100644
> > > --- a/drivers/misc/cardreader/alcor_pci.c
> > > +++ b/drivers/misc/cardreader/alcor_pci.c
> > > @@ -139,6 +139,9 @@ static void alcor_pci_init_check_aspm(struct alcor_pci_priv *priv)
> > >       u32 val32;
> > >
> > >       priv->pdev_cap_off    = alcor_pci_find_cap_offset(priv, priv->pdev);
> > > +
> > > +     if (!priv->parent_pdev)
> > > +             return;
> >
> > That feels wrong, you just prevented all of the remaining logic in this
> > call to not be set up.  Did you test this and did the driver and device
> > still work properly if it hits this check?
> >
> > thanks,
> >
> > greg k-h
> 
> Sorry, probably I misunderstood your previous email. Please correct me
> if I am wrong.
> What I did here is to disable ASPM completely if it is attached to the
> root complex, which is OK since ASPM is optional and we cannot really
> do ASPM on the root complex.
> Also, alcor_pci_init_check_aspm() is responsible for checking the
> device and its parent(bridge) aspm capability offset.
> This function will set priv->parent_cap_off and priv->pdev_cap_off.
> Those two capability offset will be used in alcor_pci_aspm_ctrl() to
> determine whether the PCI link+device supports aspm or not.
> In our case the pdev_cap_off remains 0 when alcor_pci_aspm_ctrl() is
> called and it simply returns.
> So I think it can still work.

Ok, that makes more sense.

Can you document that better and add a comment here, and properly handle
the whitespace and resubmit?

thanks,

greg k-h

next prev parent reply	other threads:[~2021-05-12 19:23 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-04-26 22:07 [PATCH] misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge Tong Zhang
2021-05-10 14:36 ` Greg Kroah-Hartman
2021-05-10 22:20   ` Tong Zhang
2021-05-11  7:03     ` Greg Kroah-Hartman
2021-05-11 17:17       ` Tong Zhang
2021-05-11 17:57         ` Greg Kroah-Hartman
2021-05-11 21:29           ` [PATCH v2] " Tong Zhang
2021-05-12  6:24             ` Greg Kroah-Hartman
2021-05-12 16:24               ` Tong Zhang
2021-05-12 16:41                 ` Greg Kroah-Hartman [this message]
2021-05-13  4:07                   ` [PATCH v3] " Tong Zhang
2021-05-19  8:40                     ` Dan Carpenter
2021-05-19 20:20                       ` Tong Zhang
2021-05-13  4:09                   ` [PATCH v2] " Tong Zhang
2021-05-11 21:32           ` [PATCH] " Tong Zhang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YJwFLgvgIXHn8Zch@kroah.com \
    --to=gregkh@linuxfoundation.org \
    --cc=arnd@arndb.de \
    --cc=linux-kernel@vger.kernel.org \
    --cc=ztong0001@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.