diff options
| author | Jeremiah Lott <jlott@averesystems.com> | 2024-10-27 07:18:54 +0000 |
|---|---|---|
| committer | Kevin Bowling <kbowling@FreeBSD.org> | 2024-10-27 07:18:54 +0000 |
| commit | b87b3696c973ef0a9df70143cd89f6b488531e93 (patch) | |
| tree | 541b0077a6d525f7819c0e3e40008cd90db8ad96 | |
| parent | 439fa16e1fd35181898b61264b205bf3b7103a41 (diff) | |
| download | src-b87b3696c973.tar.gz src-b87b3696c973.zip | |
ixv: Check cap return before MSI-X enable write
In the QEMU workaround code in if_ixv.c, the ixv driver calls
pci_find_cap(dev, PCIY_MSIX, &rid). It is not checking the return code
from that function and the function appears to always be failing. This
then causes the driver to use the rid variable uninitialized, which
will mean setting a bit at an arbitrary offset in pci config space. For
now, this seems to have no adverse impact, but it could easily cause
very subtle problems.
PR: 207037
MFC after: 3 days
Sponsored by: BBOX.io
| -rw-r--r-- | sys/dev/ixgbe/if_ixv.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/sys/dev/ixgbe/if_ixv.c b/sys/dev/ixgbe/if_ixv.c index 467a56e7269f..58384af5eea7 100644 --- a/sys/dev/ixgbe/if_ixv.c +++ b/sys/dev/ixgbe/if_ixv.c @@ -1073,11 +1073,14 @@ ixv_if_msix_intr_assign(if_ctx_t ctx, int msix) */ if (sc->hw.mac.type == ixgbe_mac_82599_vf) { int msix_ctrl; - pci_find_cap(dev, PCIY_MSIX, &rid); - rid += PCIR_MSIX_CTRL; - msix_ctrl = pci_read_config(dev, rid, 2); - msix_ctrl |= PCIM_MSIXCTRL_MSIX_ENABLE; - pci_write_config(dev, rid, msix_ctrl, 2); + if (pci_find_cap(dev, PCIY_MSIX, &rid)) { + device_printf(dev, "Finding MSIX capability failed\n"); + } else { + rid += PCIR_MSIX_CTRL; + msix_ctrl = pci_read_config(dev, rid, 2); + msix_ctrl |= PCIM_MSIXCTRL_MSIX_ENABLE; + pci_write_config(dev, rid, msix_ctrl, 2); + } } return (0); |