security: fix issues reported by Klocwork

- NULL pointer reference risk - buffer overflow risk Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
2025-09-23 09:47:44 +00:00 · 2018-05-03 19:28:17 +08:00
parent 02f993ca02
commit 6de10d6908
3 changed files with 31 additions and 6 deletions
--- a/arch/x86/assign.c
+++ b/arch/x86/assign.c
@@ -488,9 +488,7 @@ add_msix_remapping(struct vm *vm, uint16_t virt_bdf, uint16_t phys_bdf,
 		entry_id_from_msix(phys_bdf, msix_entry_index));
 	if (!entry) {
 		if (_lookup_entry_by_vmsi(vm, virt_bdf, msix_entry_index)) {
-			pr_err("MSIX re-add vbdf%x idx=%d to vm%d",
-				virt_bdf, entry->msi.msix_entry_index,
-				entry->vm->attr.id);
+			pr_err("MSIX re-add vbdf%x", virt_bdf);

 			spinlock_release(&ptdev_lock);
 			return &invalid_entry;
@@ -566,8 +564,7 @@ add_intx_remapping(struct vm *vm, uint8_t virt_pin,
 	entry = _lookup_entry_by_id(entry_id_from_intx(phys_pin));
 	if (!entry) {
 		if (_lookup_entry_by_vintx(vm, virt_pin, vpin_src)) {
-			pr_err("INTX re-add vpin %d to vm%d",
-				virt_pin, entry->vm->attr.id);
+			pr_err("INTX re-add vpin %d", virt_pin);
 			spinlock_release(&ptdev_lock);
 			return &invalid_entry;
 		}
--- a/arch/x86/trusty.c
+++ b/arch/x86/trusty.c
@@ -107,6 +107,11 @@ static void create_secure_world_ept(struct vm *vm, uint64_t gpa_orig,
 	void *sub_table_addr = NULL, *pml4_base = NULL;
 	struct vm *vm0 = get_vm_from_vmid(0);

+	if (vm0 == NULL) {
+		pr_err("Parse vm0 context failed.");
+		return;
+	}
+
 	if (!vm->sworld_control.sworld_enabled
 			|| vm->arch_vm.sworld_eptp != 0) {
 		pr_err("Sworld is not enabled or Sworld eptp is not NULL");
@@ -182,6 +187,11 @@ void  destroy_secure_world(struct vm *vm)
 	struct map_params  map_params;
 	struct vm *vm0 = get_vm_from_vmid(0);

+	if (vm0 == NULL) {
+		pr_err("Parse vm0 context failed.");
+		return;
+	}
+
 	/* clear trusty memory space */
 	memset(HPA2HVA(vm->sworld_control.sworld_memory.base_hpa),
 			0, vm->sworld_control.sworld_memory.length);