linux-kernel.vger.kernel.org archive mirror
From: Yan Zhao <yan.y.zhao@intel.com>
To: alex.williamson@redhat.com
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
	libvir-list@redhat.com, qemu-devel@nongnu.org, cohuck@redhat.com,
	zhenyuw@linux.intel.com, zhi.a.wang@intel.com,
	kevin.tian@intel.com, shaopeng.he@intel.com,
	Yan Zhao <yan.y.zhao@intel.com>
Subject: [RFC PATCH 2/9] vfio/pci: test existence before calling region->ops
Date: Wed,  4 Dec 2019 22:25:55 -0500
Message-ID: <20191205032555.29700-1-yan.y.zhao@intel.com>
In-Reply-To: <20191205032419.29606-1-yan.y.zhao@intel.com>

For regions registered through vfio_pci_register_dev_region(),
before calling region->ops, first check whether region->ops is not null.

As in the next two patches, dev regions of null region->ops are to be
registered by default on behalf of vendor driver, we need to check here
to prevent null pointer access if vendor driver forgets to handle those
dev regions.

Cc: Kevin Tian <kevin.tian@intel.com>

Signed-off-by: Yan Zhao <yan.y.zhao@intel.com>
---
 drivers/vfio/pci/vfio_pci.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/drivers/vfio/pci/vfio_pci.c b/drivers/vfio/pci/vfio_pci.c
index 55080ff29495..f3730252ee82 100644
--- a/drivers/vfio/pci/vfio_pci.c
+++ b/drivers/vfio/pci/vfio_pci.c
@@ -398,8 +398,12 @@ static void vfio_pci_disable(struct vfio_pci_device *vdev)
 
 	vdev->virq_disabled = false;
 
-	for (i = 0; i < vdev->num_regions; i++)
+	for (i = 0; i < vdev->num_regions; i++) {
+		if (!vdev->region[i].ops || vdev->region[i].ops->release)
+			continue;
+
 		vdev->region[i].ops->release(vdev, &vdev->region[i]);
+	}
 
 	vdev->num_regions = 0;
 	kfree(vdev->region);
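Review bot: The second half of the new condition in the vfio_pci_disable() loop is missing a negation. As written, `if (!vdev->region[i].ops || vdev->region[i].ops->release)` skips every region that does provide a release callback, so its cleanup never runs, and falls through to call ->release exactly when that pointer is NULL, which is the NULL call this patch is meant to prevent. The test should be `!vdev->region[i].ops->release`, matching the `!...->rw` form used in the vfio_pci_rw() hunk.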
@@ -900,7 +904,8 @@ static long vfio_pci_ioctl(void *device_data,
 			if (ret)
 				return ret;
 
-			if (vdev->region[i].ops->add_capability) {
+			if (vdev->region[i].ops &&
+					vdev->region[i].ops->add_capability) {
 				ret = vdev->region[i].ops->add_capability(vdev,
 						&vdev->region[i], &caps);
 				if (ret)
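Review bot: Style point on the wrapped condition guarding add_capability: the continuation line is pushed in with extra tabs instead of being aligned under the opening parenthesis of the `if`, which is the usual kernel convention for a multi-line condition. Taking a local pointer to `vdev->region[i].ops` before the test would let the whole condition fit on one line and make the following call shorter as well.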
@@ -1251,6 +1256,9 @@ static ssize_t vfio_pci_rw(void *device_data, char __user *buf,
 		return vfio_pci_vga_rw(vdev, buf, count, ppos, iswrite);
 	default:
 		index -= VFIO_PCI_NUM_REGIONS;
+		if (!vdev->region[index].ops || !vdev->region[index].ops->rw)
+			return -EINVAL;
+
 		return vdev->region[index].ops->rw(vdev, buf,
 						   count, ppos, iswrite);
 	}
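Review bot: The new guard in the default case of vfio_pci_rw() returns -EINVAL when a region has no ops or no ->rw, but the commit message says such regions will be registered by default, so userspace can reach them. A short comment here saying why access fails until a vendor driver handles the region, and that -EINVAL is the intended errno for that state, would help. The same two-level NULL test is also open-coded in all three hunks, and the copy in vfio_pci_disable() has a different polarity from this one; a small helper or a local `ops` pointer would keep the call sites consistent.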
-- 
2.17.1

