From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Nigel Kirkland <nkirkland2304@gmail.com>,
James Smart <jsmart2021@gmail.com>,
Keith Busch <kbusch@kernel.org>, Sasha Levin <sashal@kernel.org>,
james.smart@broadcom.com, sagi@grimberg.me,
linux-nvme@lists.infradead.org
Subject: [PATCH AUTOSEL 6.1 01/28] nvme-fc: Prevent null pointer dereference in nvme_fc_io_getuuid()
Date: Sun, 24 Sep 2023 09:17:18 -0400 [thread overview]
Message-ID: <20230924131745.1275960-1-sashal@kernel.org> (raw)
From: Nigel Kirkland <nkirkland2304@gmail.com>
[ Upstream commit 8ae5b3a685dc59a8cf7ccfe0e850999ba9727a3c ]
The nvme_fc_fcp_op structure describing an AEN operation is initialized with a
null request structure pointer. An FC LLDD may make a call to
nvme_fc_io_getuuid passing a pointer to an nvmefc_fcp_req for an AEN operation.
Add validation of the request structure pointer before dereference.
Signed-off-by: Nigel Kirkland <nkirkland2304@gmail.com>
Reviewed-by: James Smart <jsmart2021@gmail.com>
Signed-off-by: Keith Busch <kbusch@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/nvme/host/fc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/nvme/host/fc.c b/drivers/nvme/host/fc.c
index 6c3d469eed7e3..177a365b8ec55 100644
--- a/drivers/nvme/host/fc.c
+++ b/drivers/nvme/host/fc.c
@@ -1911,7 +1911,7 @@ char *nvme_fc_io_getuuid(struct nvmefc_fcp_req *req)
struct nvme_fc_fcp_op *op = fcp_req_to_fcp_op(req);
struct request *rq = op->rq;
- if (!IS_ENABLED(CONFIG_BLK_CGROUP_FC_APPID) || !rq->bio)
+ if (!IS_ENABLED(CONFIG_BLK_CGROUP_FC_APPID) || !rq || !rq->bio)
return NULL;
return blkcg_get_fc_appid(rq->bio);
}
--
2.40.1
next reply other threads:[~2023-09-24 13:19 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-24 13:17 Sasha Levin [this message]
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 02/28] parisc: sba: Fix compile warning wrt list of SBA devices Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 03/28] parisc: iosapic.c: Fix sparse warnings Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 04/28] parisc: drivers: Fix sparse warning Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 05/28] parisc: irq: Make irq_stack_union static to avoid " Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 06/28] scsi: qedf: Add synchronization between I/O completions and abort Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 07/28] scsi: ufs: core: Move __ufshcd_send_uic_cmd() outside host_lock Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 08/28] scsi: ufs: core: Poll HCS.UCRDY before issuing a UIC command Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 09/28] selftests/ftrace: Correctly enable event in instance-event.tc Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 10/28] ring-buffer: Avoid softlockup in ring_buffer_resize() Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 11/28] btrfs: improve error message after failure to add delayed dir index item Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 12/28] btrfs: assert delayed node locked when removing delayed item Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 13/28] selftests: fix dependency checker script Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 14/28] ring-buffer: Do not attempt to read past "commit" Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 15/28] net/smc: bugfix for smcr v2 server connect success statistic Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 16/28] ata: sata_mv: Fix incorrect string length computation in mv_dump_mem() Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 17/28] platform/mellanox: mlxbf-bootctl: add NET dependency into Kconfig Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 18/28] platform/x86: asus-wmi: Support 2023 ROG X16 tablet mode Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 19/28] thermal/of: add missing of_node_put() Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 20/28] drm/amd/display: Don't check registers, if using AUX BL control Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 21/28] drm/amdgpu/soc21: don't remap HDP registers for SR-IOV Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 22/28] drm/amdgpu/nbio4.3: set proper rmmio_remap.reg_offset " Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 23/28] drm/amdgpu: Handle null atom context in VBIOS info ioctl Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 24/28] riscv: errata: fix T-Head dcache.cva encoding Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 25/28] scsi: pm80xx: Use phy-specific SAS address when sending PHY_START command Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 26/28] scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 27/28] smb3: correct places where ENOTSUPP is used instead of preferred EOPNOTSUPP Sasha Levin
2023-09-24 13:17 ` [PATCH AUTOSEL 6.1 28/28] ata: libata-eh: do not clear ATA_PFLAG_EH_PENDING in ata_eh_reset() Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230924131745.1275960-1-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=james.smart@broadcom.com \
--cc=jsmart2021@gmail.com \
--cc=kbusch@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nvme@lists.infradead.org \
--cc=nkirkland2304@gmail.com \
--cc=sagi@grimberg.me \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox