[PATCH] genirq/msi: Check null pointer before copying struct msi_msg

From: Alan Mikhak
Date: Fri Apr 17 2020 - 14:48:51 EST


From: Alan Mikhak <alan.mikhak@xxxxxxxxxx>

Modify __get_cached_msi_msg() to check both pointers for null before
copying the contents from the struct msi_msg pointer to the pointer
provided by caller.

Without this sanity check, __get_cached_msi_msg() crashes when invoked by
dw_edma_irq_request() in drivers/dma/dw-edma/dw-edma-core.c running on a
Linux-based PCIe endpoint device. MSI interrupts are not received by PCIe
endpoint devices. As a result, irq_get_msi_desc() returns null since there
is no cached struct msi_msg entry on the endpoint side.

Signed-off-by: Alan Mikhak <alan.mikhak@xxxxxxxxxx>
---
kernel/irq/msi.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/kernel/irq/msi.c b/kernel/irq/msi.c
index eb95f6106a1e..f39d42ef0d50 100644
--- a/kernel/irq/msi.c
+++ b/kernel/irq/msi.c
@@ -58,7 +58,8 @@ void free_msi_entry(struct msi_desc *entry)

void __get_cached_msi_msg(struct msi_desc *entry, struct msi_msg *msg)
{
- *msg = entry->msg;
+ if (entry && msg)
+ *msg = entry->msg;
}

void get_cached_msi_msg(unsigned int irq, struct msi_msg *msg)
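Review bot: In __get_cached_msi_msg(), the new `if (entry && msg)` guard returns silently when entry is NULL, and because the function is void the caller cannot tell that *msg was never written. A caller that passes a struct msi_msg it has not initialized would go on to use whatever contents were already there. Consider clearing the output on the NULL-entry path (for example `memset(msg, 0, sizeof(*msg))` when msg is valid but entry is not), or leaving this helper unchanged and having the caller named in the commit message, dw_edma_irq_request(), check the irq_get_msi_desc() result before calling. The msg half of the check has no motivating case in the commit message; if it stays, a short comment saying why a NULL msg is tolerated would help.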
--
2.7.4