bus/pci: fix leak with multiple bus scan
Checks
Commit Message
The addition of the bus_info field did not account for the fact that the
PCI bus can be scanned multiple times (like for device hotplug and other
uses in SPDK).
Indeed, during pci_scan_one() for devices that were already registered,
the pci_common_set() overwrites the bus_info field, leaking the
previously allocated memory.
Since the bus_info content is fixed for a PCI device, we can simply skip
allocation if dev->bus_info is already set.
Fixes: 8f4de2dba9b9 ("bus/pci: fill bus specific information")
Reported-by: Tomasz Zawadzki <tomasz.zawadzki@intel.com>
Signed-off-by: David Marchand <david.marchand@redhat.com>
---
drivers/bus/pci/pci_common.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
Comments
On Mon, Nov 21, 2022 at 12:12 PM David Marchand
<david.marchand@redhat.com> wrote:
>
> The addition of the bus_info field did not account for the fact that the
> PCI bus can be scanned multiple times (like for device hotplug and other
> uses in SPDK).
> Indeed, during pci_scan_one() for devices that were already registered,
> the pci_common_set() overwrites the bus_info field, leaking the
> previously allocated memory.
>
> Since the bus_info content is fixed for a PCI device, we can simply skip
> allocation if dev->bus_info is already set.
>
> Fixes: 8f4de2dba9b9 ("bus/pci: fill bus specific information")
>
> Reported-by: Tomasz Zawadzki <tomasz.zawadzki@intel.com>
> Signed-off-by: David Marchand <david.marchand@redhat.com>
I did not hear feedback, nor objection.
The patch is simple, and it fixes a regression in the release.
So I'm taking this patch for rc4.
Applied, thanks.
@@ -114,8 +114,9 @@ pci_common_set(struct rte_pci_device *dev)
/* Otherwise, it uses the internal, canonical form. */
dev->device.name = dev->name;
- if (asprintf(&dev->bus_info, "vendor_id=%"PRIx16", device_id=%"PRIx16,
- dev->id.vendor_id, dev->id.device_id) != -1)
+ if (dev->bus_info != NULL ||
+ asprintf(&dev->bus_info, "vendor_id=%"PRIx16", device_id=%"PRIx16,
+ dev->id.vendor_id, dev->id.device_id) != -1)
dev->device.bus_info = dev->bus_info;
}