qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info

We have to make sure that the info returned by the helper is valid before using it. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. Fixes: f990c82c ("qed*: Add support for ndo_set_vf_trust") Fixes: 733def6a ("qed*: IOV link control") Signed-off-by: N Daniil Tatianin <d-tatianin@yandex-team.ru> Reviewed-by: N Michal Swiatkowski <michal.swiatkowski@linux.intel.com> Signed-off-by: N David S. Miller <davem@davemloft.net>

qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
We have to make sure that the info returned by the helper is valid before using it. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. Fixes: f990c82c ("qed*: Add support for ndo_set_vf_trust") Fixes: 733def6a ("qed*: IOV link control") Signed-off-by: N Daniil Tatianin <d-tatianin@yandex-team.ru> Reviewed-by: N Michal Swiatkowski <michal.swiatkowski@linux.intel.com> Signed-off-by: N David S. Miller <davem@davemloft.net>
25143b6a · Daniil Tatianin · David S. Miller · e866f29a · 25143b6a
隐藏空白更改
内联并排

Showing with 4 addition and 1 deletion

drivers/net/ethernet/qlogic/qed/qed_sriov.c drivers/net/ethernet/qlogic/qed/qed_sriov.c +4 -1

未找到文件。
--- a/drivers/net/ethernet/qlogic/qed/qed_sriov.c
+++ b/drivers/net/ethernet/qlogic/qed/qed_sriov.c
@@ -4404,6 +4404,9 @@ qed_iov_configure_min_tx_rate(struct qed_dev *cdev, int vfid, u32 rate)
 	}

 	vf = qed_iov_get_vf_info(QED_LEADING_HWFN(cdev), (u16)vfid, true);
+	if (!vf)
+		return -EINVAL;
+
 	vport_id = vf->vport_id;

 	return qed_configure_vport_wfq(cdev, vport_id, rate);
@@ -5152,7 +5155,7 @@ static void qed_iov_handle_trust_change(struct qed_hwfn *hwfn)

 		/* Validate that the VF has a configured vport */
 		vf = qed_iov_get_vf_info(hwfn, i, true);
-		if (!vf->vport_instance)
+		if (!vf || !vf->vport_instance)
 			continue;

 		memset(&params, 0, sizeof(params));