From nobody Thu Mar 28 20:46:34 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) client-ip=63.128.21.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1609977087; cv=none; d=zohomail.com; s=zohoarc; b=PCItlBJQJXBl+bCtA9+jFCJkSvpIoCMg+r/UzLwNoNU7WbVCPv4mizZ9QfxLSpedtIVOqeDevq9lCmE0ylqCKtjfmxSbH9hoifbtD6S6gka0LPze2oK635juZQJdCyBHUejctijU6dzFFRTufMP+4sSPVV2AfXG9Jij/lEx+MJU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1609977087; h=Content-Type:Content-Transfer-Encoding:Date:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To; bh=pib1Z61txCE7/8woohHnuHUAOUyFX6zwfQyYGPHe2KY=; b=NdffSMMKzQNC43enGUf1RWh8Oi42847ioGoLzLHBZ7+qo1eKlAn0nZuPbT0tDPqilXCsAY5iperoD9XHv7BQWz/FjPmgqROf3PwfTUCX05B4/5jLsxAFcDowDkelYtaNFsRn9HAqc48AMKCfJAZ0wQVgpddRxdkg38Vkyyox6U0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124]) by mx.zohomail.com with SMTPS id 1609977087388728.2683501241136; Wed, 6 Jan 2021 15:51:27 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-494-dd7G_7BMOHGm7woFWF5_HQ-1; Wed, 06 Jan 2021 18:51:24 -0500 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 88957107ACE4; Wed, 6 Jan 2021 23:51:17 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 98F7760C04; Wed, 6 Jan 2021 23:51:13 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 4C00D4BB40; Wed, 6 Jan 2021 23:51:09 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 106Np7Hh002241 for ; Wed, 6 Jan 2021 18:51:07 -0500 Received: by smtp.corp.redhat.com (Postfix) id 9DD8F3CC9; Wed, 6 Jan 2021 23:51:07 +0000 (UTC) Received: from vhost2.laine.org (ovpn-112-226.phx2.redhat.com [10.3.112.226]) by smtp.corp.redhat.com (Postfix) with ESMTP id 677C63AA2 for ; Wed, 6 Jan 2021 23:51:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1609977086; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=pib1Z61txCE7/8woohHnuHUAOUyFX6zwfQyYGPHe2KY=; b=YWd9PVMRnhDnkVKcpm3k6T1JL8cEXEc9BAuVfbioRV9QGtQIWvGBajwS6rQovM9oDv9uq2 KFZz/CQS4n3UV01mzg77B1KjxrWl2lafVrte0QNwUUiOsQYm8JMJd5fYrMqCRCkQsEYtP2 YLSxBg5gqFjIx29lRgYXpD051VToNts= X-MC-Unique: dd7G_7BMOHGm7woFWF5_HQ-1 From: Laine Stump To: libvir-list@redhat.com Subject: [libvirt PATCH] util: validate pcie_cap_pos != 0 in virDeviceHasPCIExpressLink() Date: Wed, 6 Jan 2021 18:51:02 -0500 Message-Id: <20210106235102.880922-1-laine@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" virDeviceHasPCIExpressLink() wasn't checking that pcie_cap_pos was valid before attempting to use it, which could lead to reading the byte at offset 0+PCI_CAP_ID_EXP instead of [valid offset]+PCI_CAP_ID_EXP. In particular, this could happen for "integrated" PCI devices (those that are on the PCIe root complex). If it happened that the byte from the wrong address had the "right" bit set, then it would lead to us innappropriately believing that Express Link info was available when it wasn't, and the node device driver would log an error like this: virPCIDeviceGetLinkCapSta:2754 : internal error: pci device 0000:00:18.0 is not a PCI-Express device during a libvirtd restart. (this didn't ever occur until after virPCIDeviceIsPCIExpress() was made more intelligent in commit c00b6b1ae, which hasn't yet been in any official release) Signed-off-by: Laine Stump Reviewed-by: Michal Privoznik --- src/util/virpci.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/util/virpci.c b/src/util/virpci.c index 9bfc743fbd..50fd5ef7ea 100644 --- a/src/util/virpci.c +++ b/src/util/virpci.c @@ -2722,6 +2722,11 @@ virPCIDeviceHasPCIExpressLink(virPCIDevicePtr dev) if (virPCIDeviceInit(dev, fd) < 0) goto cleanup; =20 + if (dev->pcie_cap_pos =3D=3D 0) { + ret =3D 0; + goto cleanup; + } + cap =3D virPCIDeviceRead16(dev, fd, dev->pcie_cap_pos + PCI_CAP_FLAGS); type =3D (cap & PCI_EXP_FLAGS_TYPE) >> 4; =20 --=20 2.29.2