[SRU][F][PATCH 1/1] i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc

[Koichiro Den]

From: Norbert Zulinski <norbertx.zulinski at intel.com>

When trying to dump VFs VSI RX/TX descriptors
using debugfs there was a crash
due to NULL pointer dereference in i40e_dbg_dump_desc.
Added a check to i40e_dbg_dump_desc that checks if
VSI type is correct for dumping RX/TX descriptors.

Fixes: 02e9c290814c ("i40e: debugfs interface")
Signed-off-by: Sylwester Dziedziuch <sylwesterx.dziedziuch at intel.com>
Signed-off-by: Norbert Zulinski <norbertx.zulinski at intel.com>
Signed-off-by: Mateusz Palczewski <mateusz.palczewski at intel.com>
Tested-by: Gurucharan G <gurucharanx.g at intel.com>
Signed-off-by: Tony Nguyen <anthony.l.nguyen at intel.com>
(backported from commit 23ec111bf3549aae37140330c31a16abfc172421)
[koichiroden: Adjusted context due to missing irrelevant commit:
44ea803e2fa7 ("i40e: introduce new dump desc XDP command")]
CVE-2021-47501
Signed-off-by: Koichiro Den <koichiro.den at canonical.com>
---
 drivers/net/ethernet/intel/i40e/i40e_debugfs.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/drivers/net/ethernet/intel/i40e/i40e_debugfs.c b/drivers/net/ethernet/intel/i40e/i40e_debugfs.c
index 31f60657f532..8d36da96d8fc 100644
--- a/drivers/net/ethernet/intel/i40e/i40e_debugfs.c
+++ b/drivers/net/ethernet/intel/i40e/i40e_debugfs.c
@@ -505,6 +505,14 @@ static void i40e_dbg_dump_desc(int cnt, int vsi_seid, int ring_id, int desc_n,
 		dev_info(&pf->pdev->dev, "vsi %d not found\n", vsi_seid);
 		return;
 	}
+	if (vsi->type != I40E_VSI_MAIN &&
+	    vsi->type != I40E_VSI_FDIR &&
+	    vsi->type != I40E_VSI_VMDQ2) {
+		dev_info(&pf->pdev->dev,
+			 "vsi %d type %d descriptor rings not available\n",
+			 vsi_seid, vsi->type);
+		return;
+	}
 	if (ring_id >= vsi->num_queue_pairs || ring_id < 0) {
 		dev_info(&pf->pdev->dev, "ring %d not found\n", ring_id);
 		return;
-- 
2.43.0