From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Nigel Kirkland <nkirkland2304@gmail.com>,
James Smart <jsmart2021@gmail.com>,
Keith Busch <kbusch@kernel.org>, Sasha Levin <sashal@kernel.org>,
james.smart@broadcom.com, sagi@grimberg.me,
linux-nvme@lists.infradead.org
Subject: [PATCH AUTOSEL 6.5 01/41] nvme-fc: Prevent null pointer dereference in nvme_fc_io_getuuid()
Date: Sun, 24 Sep 2023 09:14:49 -0400 [thread overview]
Message-ID: <20230924131529.1275335-1-sashal@kernel.org> (raw)
From: Nigel Kirkland <nkirkland2304@gmail.com>
[ Upstream commit 8ae5b3a685dc59a8cf7ccfe0e850999ba9727a3c ]
The nvme_fc_fcp_op structure describing an AEN operation is initialized with a
null request structure pointer. An FC LLDD may make a call to
nvme_fc_io_getuuid passing a pointer to an nvmefc_fcp_req for an AEN operation.
Add validation of the request structure pointer before dereference.
Signed-off-by: Nigel Kirkland <nkirkland2304@gmail.com>
Reviewed-by: James Smart <jsmart2021@gmail.com>
Signed-off-by: Keith Busch <kbusch@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/nvme/host/fc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/nvme/host/fc.c b/drivers/nvme/host/fc.c
index 1cd2bf82319a9..a15b37750d6e9 100644
--- a/drivers/nvme/host/fc.c
+++ b/drivers/nvme/host/fc.c
@@ -1924,7 +1924,7 @@ char *nvme_fc_io_getuuid(struct nvmefc_fcp_req *req)
struct nvme_fc_fcp_op *op = fcp_req_to_fcp_op(req);
struct request *rq = op->rq;
- if (!IS_ENABLED(CONFIG_BLK_CGROUP_FC_APPID) || !rq->bio)
+ if (!IS_ENABLED(CONFIG_BLK_CGROUP_FC_APPID) || !rq || !rq->bio)
return NULL;
return blkcg_get_fc_appid(rq->bio);
}
--
2.40.1
next reply other threads:[~2023-09-24 13:15 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-24 13:14 Sasha Levin [this message]
2023-09-24 13:14 ` [PATCH AUTOSEL 6.5 02/41] parisc: sba: Fix compile warning wrt list of SBA devices Sasha Levin
2023-09-24 13:14 ` [PATCH AUTOSEL 6.5 03/41] parisc: sba-iommu: Fix sparse warnigs Sasha Levin
2023-09-24 13:14 ` [PATCH AUTOSEL 6.5 04/41] parisc: ccio-dma: Fix sparse warnings Sasha Levin
2023-09-24 13:14 ` [PATCH AUTOSEL 6.5 05/41] parisc: iosapic.c: " Sasha Levin
2023-09-24 13:14 ` [PATCH AUTOSEL 6.5 06/41] parisc: drivers: Fix sparse warning Sasha Levin
2023-09-24 13:14 ` [PATCH AUTOSEL 6.5 07/41] parisc: irq: Make irq_stack_union static to avoid " Sasha Levin
2023-09-24 13:14 ` [PATCH AUTOSEL 6.5 08/41] scsi: qedf: Add synchronization between I/O completions and abort Sasha Levin
2023-09-24 13:14 ` [PATCH AUTOSEL 6.5 09/41] scsi: ufs: core: Move __ufshcd_send_uic_cmd() outside host_lock Sasha Levin
2023-09-24 13:14 ` [PATCH AUTOSEL 6.5 10/41] scsi: ufs: core: Poll HCS.UCRDY before issuing a UIC command Sasha Levin
2023-09-24 13:14 ` [PATCH AUTOSEL 6.5 11/41] selftests/ftrace: Correctly enable event in instance-event.tc Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 12/41] ring-buffer: Avoid softlockup in ring_buffer_resize() Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 13/41] btrfs: do not block starts waiting on previous transaction commit Sasha Levin
2023-09-25 13:01 ` David Sterba
2023-09-25 17:47 ` Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 14/41] btrfs: improve error message after failure to add delayed dir index item Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 15/41] btrfs: assert delayed node locked when removing delayed item Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 16/41] selftests: fix dependency checker script Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 17/41] ring-buffer: Do not attempt to read past "commit" Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 18/41] net/smc: bugfix for smcr v2 server connect success statistic Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 19/41] ata: sata_mv: Fix incorrect string length computation in mv_dump_mem() Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 20/41] efi/x86: Ensure that EFI_RUNTIME_MAP is enabled for kexec Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 21/41] platform/mellanox: mlxbf-bootctl: add NET dependency into Kconfig Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 22/41] platform/x86: asus-wmi: Support 2023 ROG X16 tablet mode Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 23/41] thermal/of: add missing of_node_put() Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 24/41] drm/amdgpu: Store CU info from all XCCs for GFX v9.4.3 Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 25/41] drm/amdkfd: Update cache info reporting " Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 26/41] drm/amdkfd: Update CU masking for GFX 9.4.3 Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 27/41] drm/amd/display: Add dirty rect support for Replay Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 28/41] drm/amd/display: Don't check registers, if using AUX BL control Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 29/41] drm/amdgpu/soc21: don't remap HDP registers for SR-IOV Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 30/41] drm/amdgpu/nbio4.3: set proper rmmio_remap.reg_offset " Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 31/41] drm/amdgpu: fallback to old RAS error message for aqua_vanjaram Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 32/41] drm/amdkfd: Checkpoint and restore queues on GFX11 Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 33/41] drm/amdgpu: Handle null atom context in VBIOS info ioctl Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 34/41] objtool: Fix _THIS_IP_ detection for cold functions Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 35/41] nvme-pci: do not set the NUMA node of device if it has none Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 36/41] riscv: errata: fix T-Head dcache.cva encoding Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 37/41] scsi: pm80xx: Use phy-specific SAS address when sending PHY_START command Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 38/41] scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 39/41] smb3: correct places where ENOTSUPP is used instead of preferred EOPNOTSUPP Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 40/41] ata: libata-eh: do not clear ATA_PFLAG_EH_PENDING in ata_eh_reset() Sasha Levin
2023-09-24 13:15 ` [PATCH AUTOSEL 6.5 41/41] ata: libata-eh: do not thaw the port twice " Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230924131529.1275335-1-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=james.smart@broadcom.com \
--cc=jsmart2021@gmail.com \
--cc=kbusch@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nvme@lists.infradead.org \
--cc=nkirkland2304@gmail.com \
--cc=sagi@grimberg.me \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).