From: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
To: davem@davemloft.net
Cc: Christoph Paasch <christoph.paasch@uclouvain.be>,
netdev@vger.kernel.org, gospo@redhat.com, sassmann@redhat.com,
Carolyn Wyborny <carolyn.wyborny@intel.com>,
Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Subject: [net-next 15/16] igb: Fix Null-pointer dereference in igb_reset_q_vector
Date: Fri, 21 Mar 2014 05:10:05 -0700 [thread overview]
Message-ID: <1395403806-29302-16-git-send-email-jeffrey.t.kirsher@intel.com> (raw)
In-Reply-To: <1395403806-29302-1-git-send-email-jeffrey.t.kirsher@intel.com>
From: Christoph Paasch <christoph.paasch@uclouvain.be>
When igb_set_interrupt_capability() calls
igb_reset_interrupt_capability() (e.g., because CONFIG_PCI_MSI is unset),
num_q_vectors has been set but no vector has yet been allocated.
igb_reset_interrupt_capability() will then call igb_reset_q_vector,
which assumes that the vector is allocated. As this is not the case, we
are accessing a NULL-pointer.
This patch fixes it by checking that q_vector is indeed different from
NULL.
Fixes: 02ef6e1d0b0023 (igb: Fix queue allocation method to accommodate changing during runtime)
Cc: Carolyn Wyborny <carolyn.wyborny@intel.com>
Signed-off-by: Christoph Paasch <christoph.paasch@uclouvain.be>
Tested-by: Jeff Pieper <jeffrey.e.pieper@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
---
drivers/net/ethernet/intel/igb/igb_main.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/drivers/net/ethernet/intel/igb/igb_main.c b/drivers/net/ethernet/intel/igb/igb_main.c
index e8b4f7b..6acf787 100644
--- a/drivers/net/ethernet/intel/igb/igb_main.c
+++ b/drivers/net/ethernet/intel/igb/igb_main.c
@@ -1035,6 +1035,12 @@ static void igb_reset_q_vector(struct igb_adapter *adapter, int v_idx)
{
struct igb_q_vector *q_vector = adapter->q_vector[v_idx];
+ /* Coming from igb_set_interrupt_capability, the vectors are not yet
+ * allocated. So, q_vector is NULL so we should stop here.
+ */
+ if (!q_vector)
+ return;
+
if (q_vector->tx.ring)
adapter->tx_ring[q_vector->tx.ring->queue_index] = NULL;
--
1.8.3.1
next prev parent reply other threads:[~2014-03-21 12:10 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-21 12:09 [net-next 00/16][pull request] Intel Wired LAN Driver Updates Jeff Kirsher
2014-03-21 12:09 ` [net-next 01/16] i40e/i40evf: Add EEE LPI stats Jeff Kirsher
2014-03-21 12:09 ` [net-next 02/16] i40e: Fix a message string Jeff Kirsher
2014-03-21 12:09 ` [net-next 03/16] i40evf: don't shut down admin queue on error Jeff Kirsher
2014-03-21 12:09 ` [net-next 04/16] i40evf: clean up init error messages Jeff Kirsher
2014-03-21 12:09 ` [net-next 05/16] ixgbe: Break recursion in case of removal Jeff Kirsher
2014-03-21 12:09 ` [net-next 06/16] ixgbevf: Use static inlines instead of macros Jeff Kirsher
2014-03-21 12:09 ` [net-next 07/16] ixgbevf: Make the ethtool register test use accessors Jeff Kirsher
2014-03-21 12:09 ` [net-next 08/16] ixgbevf: Check register reads for adapter removal Jeff Kirsher
2014-03-21 12:09 ` [net-next 09/16] ixgbevf: Check for adapter removal on register writes Jeff Kirsher
2014-03-21 12:10 ` [net-next 10/16] ixgbevf: Additional adapter removal checks Jeff Kirsher
2014-03-21 12:10 ` [net-next 11/16] igb: implement SIOCGHWTSTAMP ioctl Jeff Kirsher
2014-03-21 12:10 ` [net-next 12/16] igb: add register rd/wr for surprise removal Jeff Kirsher
2014-03-21 12:10 ` [net-next 13/16] igb: Fix memory leak in igb_get_module_eeprom() Jeff Kirsher
2014-03-21 12:10 ` [net-next 14/16] igb: specify phc_index of 82575 for get_ts_info Jeff Kirsher
2014-03-21 12:10 ` Jeff Kirsher [this message]
2014-03-21 12:10 ` [net-next 16/16] igb: Unset IGB_FLAG_HAS_MSIX-flag when falling back to msi-only Jeff Kirsher
2014-03-21 19:24 ` [net-next 00/16][pull request] Intel Wired LAN Driver Updates David Miller
[not found] ` <0082c389c1d6488cb5cf473ff1bc26e2@UCL-MBX03.OASIS.UCLOUVAIN.BE>
2014-03-23 14:31 ` [net-next 15/16] igb: Fix Null-pointer dereference in igb_reset_q_vector Christoph Paasch
2014-03-24 20:49 ` Jeff Kirsher
[not found] ` <6af5c43984d241daa37714ea8f98ab53@UCL-MBX03.OASIS.UCLOUVAIN.BE>
2014-03-24 20:57 ` Christoph Paasch
[not found] ` <3ed2b36cb601493fae970917602ab6d1@UCL-MBX03.OASIS.UCLOUVAIN.BE>
2014-03-23 14:32 ` [net-next 16/16] igb: Unset IGB_FLAG_HAS_MSIX-flag when falling back to msi-only Christoph Paasch
2014-03-24 20:51 ` Jeff Kirsher
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1395403806-29302-16-git-send-email-jeffrey.t.kirsher@intel.com \
--to=jeffrey.t.kirsher@intel.com \
--cc=carolyn.wyborny@intel.com \
--cc=christoph.paasch@uclouvain.be \
--cc=davem@davemloft.net \
--cc=gospo@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=sassmann@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).