[ewg] [PATCH] sdp: Prevent kernel crash if device init fails (plus bonus fix)

Joachim Fenkes fenkes at de.ibm.com
Mon Feb 22 09:06:56 PST 2010 

If sdp_add_device() fails, there is no client data stored in the IB device,
leading to a kernel crash when a connection is being established. Fix this
by rejecting connections when the device is not initialized.

Also, fix a bad goto target in an error case early in sdp_init_qp().

Signed-off-by: Joachim Fenkes <fenkes at de.ibm.com>
---
 kernel_patches/fixes/sdp-0001-fix-error-path.patch |   38 ++++++++++++++++++++
 1 files changed, 38 insertions(+), 0 deletions(-)
 create mode 100644 kernel_patches/fixes/sdp-0001-fix-error-path.patch

diff --git a/kernel_patches/fixes/sdp-0001-fix-error-path.patch b/kernel_patches/fixes/sdp-0001-fix-error-path.patch
new file mode 100644
index 0000000..5a5f784
--- /dev/null
+++ b/kernel_patches/fixes/sdp-0001-fix-error-path.patch
@@ -0,0 +1,38 @@
+[PATCH] sdp: Prevent kernel crash if device init fails (plus bonus fix)
+
+If sdp_add_device() fails, there is no client data stored in the IB device,
+leading to a kernel crash when a connection is being established. Fix this
+by rejecting connections when the device is not initialized.
+
+Also, fix a bad goto target in an error case early in sdp_init_qp().
+
+Signed-off-by: Joachim Fenkes <fenkes at de.ibm.com>
+
+---
+
+ sdp_cma.c |    7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff -urp a/drivers/infiniband/ulp/sdp/sdp_cma.c b/drivers/infiniband/ulp/sdp/sdp_cma.c
+--- a/drivers/infiniband/ulp/sdp/sdp_cma.c	2010-02-19 15:39:32.000000000 +0100
++++ b/drivers/infiniband/ulp/sdp/sdp_cma.c	2010-02-19 15:38:13.000000000 +0100
+@@ -94,13 +94,18 @@ static int sdp_init_qp(struct sock *sk, 
+ 		sdp_warn(sk, "recv sge's. capability: %d needed: %ld\n",
+ 			sdp_sk(sk)->max_sge, SDP_MAX_RECV_SKB_FRAGS + 1);
+ 		rc = -ENOMEM;
+-		goto err_tx;
++		goto err_rx;
+ 	}
+ 
+ 	qp_init_attr.cap.max_send_sge = sdp_sk(sk)->max_sge;
+ 	sdp_dbg(sk, "Setting max send sge to: %d\n", sdp_sk(sk)->max_sge);
+ 		
+ 	sdp_sk(sk)->sdp_dev = ib_get_client_data(device, &sdp_client);
++	if (!sdp_sk(sk)->sdp_dev) {
++		sdp_warn(sk, "SDP not available on device %s", device->name);
++		rc = -ENODEV;
++		goto err_rx;
++	}
+ 
+ 	rc = sdp_rx_ring_create(sdp_sk(sk), device);
+ 	if (rc)
-- 
1.7.0

More information about the ewg mailing list