[PATCH] sdp: Prevent kernel crash if device init fails (plus bonus fix)

Mon, 22 Feb 2010 09:07:06 -0800 

If sdp_add_device() fails, there is no client data stored in the IB device,
leading to a kernel crash when a connection is being established. Fix this
by rejecting connections when the device is not initialized.

Also, fix a bad goto target in an error case early in sdp_init_qp().

Signed-off-by: Joachim Fenkes <[email protected]>
---
 kernel_patches/fixes/sdp-0001-fix-error-path.patch |   38 ++++++++++++++++++++
 1 files changed, 38 insertions(+), 0 deletions(-)
 create mode 100644 kernel_patches/fixes/sdp-0001-fix-error-path.patch

diff --git a/kernel_patches/fixes/sdp-0001-fix-error-path.patch 
b/kernel_patches/fixes/sdp-0001-fix-error-path.patch
new file mode 100644
index 0000000..5a5f784
--- /dev/null
+++ b/kernel_patches/fixes/sdp-0001-fix-error-path.patch
@@ -0,0 +1,38 @@
+[PATCH] sdp: Prevent kernel crash if device init fails (plus bonus fix)
+
+If sdp_add_device() fails, there is no client data stored in the IB device,
+leading to a kernel crash when a connection is being established. Fix this
+by rejecting connections when the device is not initialized.
+
+Also, fix a bad goto target in an error case early in sdp_init_qp().
+
+Signed-off-by: Joachim Fenkes <[email protected]>
+
+---
+
+ sdp_cma.c |    7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff -urp a/drivers/infiniband/ulp/sdp/sdp_cma.c 
b/drivers/infiniband/ulp/sdp/sdp_cma.c
+--- a/drivers/infiniband/ulp/sdp/sdp_cma.c     2010-02-19 15:39:32.000000000 
+0100
++++ b/drivers/infiniband/ulp/sdp/sdp_cma.c     2010-02-19 15:38:13.000000000 
+0100
+@@ -94,13 +94,18 @@ static int sdp_init_qp(struct sock *sk, 
+               sdp_warn(sk, "recv sge's. capability: %d needed: %ld\n",
+                       sdp_sk(sk)->max_sge, SDP_MAX_RECV_SKB_FRAGS + 1);
+               rc = -ENOMEM;
+-              goto err_tx;
++              goto err_rx;
+       }
+ 
+       qp_init_attr.cap.max_send_sge = sdp_sk(sk)->max_sge;
+       sdp_dbg(sk, "Setting max send sge to: %d\n", sdp_sk(sk)->max_sge);
+               
+       sdp_sk(sk)->sdp_dev = ib_get_client_data(device, &sdp_client);
++      if (!sdp_sk(sk)->sdp_dev) {
++              sdp_warn(sk, "SDP not available on device %s", device->name);
++              rc = -ENODEV;
++              goto err_rx;
++      }
+ 
+       rc = sdp_rx_ring_create(sdp_sk(sk), device);
+       if (rc)
-- 
1.7.0


--
To unsubscribe from this list: send the line "unsubscribe linux-rdma" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to