Commit 25143b6a authored Mar 16, 2023 by Daniil Tatianin Committed by David S. Miller Mar 19, 2023

qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info



We have to make sure that the info returned by the helper is valid
before using it.

Found by Linux Verification Center (linuxtesting.org) with the SVACE
static analysis tool.

Fixes: f990c82c ("qed*: Add support for ndo_set_vf_trust")
Fixes: 733def6a ("qed*: IOV link control")
Signed-off-by: Daniil Tatianin <d-tatianin@yandex-team.ru>
Reviewed-by: Michal Swiatkowski <michal.swiatkowski@linux.intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

parent e866f29a

drivers/net/ethernet/qlogic/qed/qed_sriov.c

+4 −1

Original line number	Diff line number	Diff line
		@@ -4404,6 +4404,9 @@ qed_iov_configure_min_tx_rate(struct qed_dev *cdev, int vfid, u32 rate)
		}

		vf = qed_iov_get_vf_info(QED_LEADING_HWFN(cdev), (u16)vfid, true);
		if (!vf)
		return -EINVAL;

		vport_id = vf->vport_id;

		return qed_configure_vport_wfq(cdev, vport_id, rate);
		@@ -5152,7 +5155,7 @@ static void qed_iov_handle_trust_change(struct qed_hwfn *hwfn)

		/* Validate that the VF has a configured vport */
		vf = qed_iov_get_vf_info(hwfn, i, true);
		if (!vf->vport_instance)
		if (!vf \|\| !vf->vport_instance)
		continue;

		memset(&params, 0, sizeof(params));