On Mon, May 27, 2024 at 11:15:55AM +0200, Lukas Wunner wrote:
> On Tue, May 07, 2024 at 04:27:38PM +0200, Nam Cao wrote:
> > On Mon, May 06, 2024 at 09:36:44PM +0200, Lukas Wunner wrote:
> > > Remind me, how exactly does the NULL pointer deref occur? I think it's
> > > because no struct pci_bus was allocated for the subordinate bus of the
> > > hot-plugged bridge, right? Because AFAICS that would happen in
> > >
> > > pci_hp_add_bridge()
> > > pci_can_bridge_extend()
> > > pci_add_new_bus()
> > > pci_alloc_child_bus()
> > >
> > > but we never get that far because pci_hp_add_bridge() bails out with -1.
> > > So the subordinate pointer remains a NULL pointer.
> >
> > This is correct. NULL deference happens due to subordinate pointer being
> > NULL.
> >
> > > Or check for a NULL subordinate pointer instead of crashing.
> >
> > I think this is a possible solution, but it is a bit complicated: all usage
> > of subordinate pointers will need to be looked at.
>
> We already check for a NULL subordinate pointer in various places.
> See e.g. commit 62e4492c3063 ("PCI: Prevent NULL dereference during
> pciehp probe").
Ah, so bridge without subordinate bus is allowed in the kernel.
> If we're missing such checks, I'd suggest to add those.
>
> If you believe having a NULL subordinate pointer is wrong and the
> bridge should be de-enumerated altogether, I think you would have
> to remove these NULL pointer checks as they'd otherwise become
> pointless with your change.
>
> Just adding missing NULL pointer checks seems to be the most
> straightforward solution to me.
If the kernel do permits bridges without subordinate bus number, I am
happy to go this direction. I expect going this way will require many more
patches, I will dig into it and come back later.
Thanks for your patience providing me advices & information.
Best regards,
Nam
