PCI: Make pci_scan_slot more robust
Yinghai pointed out that the new pci_scan_slot() crashes when called
on an ARI-capable slot that is empty. Fix this by exiting early from
pci_scan_slot if there is no device in the slot.
Also make next_ari_func() robust against devices not existing in case
the ARI capability is corrupt. ARI also requires that the devices be
listed in order, so if we find a function listed that is out of order,
stop scanning to prevent loops.
Signed-off-by: Matthew Wilcox <matthew@wil.cx>
Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org>
diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c
index 9672760..233d1c2 100644
--- a/drivers/pci/probe.c
+++ b/drivers/pci/probe.c
@@ -1222,11 +1222,19 @@
static unsigned next_ari_fn(struct pci_dev *dev, unsigned fn)
{
u16 cap;
- unsigned pos = pci_find_ext_capability(dev, PCI_EXT_CAP_ID_ARI);
+ unsigned pos, next_fn;
+
+ if (!dev)
+ return 0;
+
+ pos = pci_find_ext_capability(dev, PCI_EXT_CAP_ID_ARI);
if (!pos)
return 0;
pci_read_config_word(dev, pos + 4, &cap);
- return cap >> 8;
+ next_fn = cap >> 8;
+ if (next_fn <= fn)
+ return 0;
+ return next_fn;
}
static unsigned next_trad_fn(struct pci_dev *dev, unsigned fn)
@@ -1271,12 +1279,14 @@
return 0; /* Already scanned the entire slot */
dev = pci_scan_single_device(bus, devfn);
- if (dev && !dev->is_added) /* new device? */
+ if (!dev)
+ return 0;
+ if (!dev->is_added)
nr++;
if (pci_ari_enabled(bus))
next_fn = next_ari_fn;
- else if (dev && dev->multifunction)
+ else if (dev->multifunction)
next_fn = next_trad_fn;
for (fn = next_fn(dev, 0); fn > 0; fn = next_fn(dev, fn)) {