bnx2x: Prevent an illegal pointer dereference during panic
authorYuval Mintz <yuvalmin@broadcom.com>
Sun, 20 Oct 2013 14:51:27 +0000 (16:51 +0200)
committerDavid S. Miller <davem@davemloft.net>
Mon, 21 Oct 2013 22:31:35 +0000 (18:31 -0400)
commit1a6974b2c78755ae55d7be738866eb8d57c3ed45
tree5835074f923433306647acbca03f0a7087d288e4
parentb1239723f0564778d993d51d18afdfda01bdaca3
bnx2x: Prevent an illegal pointer dereference during panic

During a panic, the driver tries to print the Management FW buffer of recent
commands. To do so, the driver reads the address of that buffer from a known
address. If the buffer is unavailable (e.g., PCI reads don't work, MCP is
failing, etc.), the driver will try to access the address it has read, possibly
causing a kernel panic.

This check 'sanitizes' the access, validating the read value is indeed a valid
address inside the management FW's buffers.
The patch also removes a read outside the scope of the buffer, which resulted
in some unrelated chraracters appearing in the log.

Signed-off-by: Yuval Mintz <yuvalmin@broadcom.com>
Signed-off-by: Dmitry Kravkov <dmitry@broadcom.com>
Signed-off-by: Eilon Greenstein <eilong@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
drivers/net/ethernet/broadcom/bnx2x/bnx2x.h
drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c