From: Yan Zhao
To: alex.williamson@redhat.com
Cc: kevin.tian@intel.com, Yan Zhao, kvm@vger.kernel.org, libvir-list@redhat.com, cohuck@redhat.com, linux-kernel@vger.kernel.org, zhenyuw@linux.intel.com, qemu-devel@nongnu.org, shaopeng.he@intel.com, zhi.a.wang@intel.com
Subject: [RFC PATCH 2/9] vfio/pci: test existence before calling region->ops
Date: Wed, 4 Dec 2019 22:25:55 -0500
Message-Id: <20191205032555.29700-1-yan.y.zhao@intel.com>
In-Reply-To: <20191205032419.29606-1-yan.y.zhao@intel.com>
References: <20191205032419.29606-1-yan.y.zhao@intel.com>
Content-Transfer-Encoding: quoted-printable

For regions registered through vfio_pci_register_dev_region(), before calling region->ops, first check whether region->ops is not null. As in the next two patches, dev regions of null region->ops are to be registered by default on behalf of vendor driver, we need to check here to prevent null pointer access if vendor driver forgets to handle those dev regions.

Cc: Kevin Tian
Signed-off-by: Yan Zhao
--- drivers/vfio/pci/vfio_pci.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/drivers/vfio/pci/vfio_pci.c b/drivers/vfio/pci/vfio_pci.c index 55080ff29495..f3730252ee82 100644 --- a/drivers/vfio/pci/vfio_pci.c +++ b/drivers/vfio/pci/vfio_pci.c 
@@ -398,8 +398,12 @@ static void vfio_pci_disable(struct vfio_pci_device *v= dev) =20 vdev->virq_disabled =3D false; =20 - for (i =3D 0; i < vdev->num_regions; i++) + for (i =3D 0; i < vdev->num_regions; i++) { + if (!vdev->region[i].ops || vdev->region[i].ops->release) + continue; + vdev->region[i].ops->release(vdev, &vdev->region[i]); + } =20 vdev->num_regions =3D 0; kfree(vdev->region); @@ -900,7 +904,8 @@ static long vfio_pci_ioctl(void *device_data, if (ret) return ret; =20 - if (vdev->region[i].ops->add_capability) { + if (vdev->region[i].ops && + vdev->region[i].ops->add_capability) { ret =3D vdev->region[i].ops->add_capability(vdev, &vdev->region[i], &caps); if (ret) @@ -1251,6 +1256,9 @@ static ssize_t vfio_pci_rw(void *device_data, char __= user *buf, return vfio_pci_vga_rw(vdev, buf, count, ppos, iswrite); default: index -=3D VFIO_PCI_NUM_REGIONS; + if (!vdev->region[index].ops || !vdev->region[index].ops->rw) + return -EINVAL; + return vdev->region[index].ops->rw(vdev, buf, count, ppos, iswrite); } --=20 2.17.1
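
Review bot: In the vfio_pci_disable() hunk the second half of the new condition is missing its negation: "if (!vdev->region[i].ops || vdev->region[i].ops->release) continue;" skips every region that has a release callback and falls through to the call only when release is NULL. As written, a region with ops but no release leads to a call through a NULL function pointer in the kernel, and regions that do provide release are never released. The test should read "!vdev->region[i].ops->release", the same form as the "!vdev->region[index].ops->rw" check in the vfio_pci_rw() hunk.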
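
Review bot: In the vfio_pci_rw() hunk the new "return -EINVAL;" for a region with NULL ops or NULL ops->rw carries no comment saying why such a region can exist. The vfio_pci_ioctl() hunk only skips add_capability for a region with NULL ops and otherwise continues, so the two paths treat the same region differently: one proceeds, the other fails the access. A short comment above the check stating that these regions are registered by default on behalf of the vendor driver and are expected to be handled there, as the commit message says, would document that the error return is the intended fallback.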