On 8/21/22 20:16, yanjun.zhu@xxxxxxxxx wrote:
> From: Zhu Yanjun <yanjun.zhu@xxxxxxxxx>
>
> When sock_create_kern in the function rxe_qp_init_req fails,
> qp->sk is set to NULL.
>
> Then the function rxe_create_qp will call rxe_qp_do_cleanup
> to handle allocated resource.
>
> Before handling qp->sk, this variable should be checked.
>
> Fixes: 8700e3e7c485 ("Soft RoCE driver")
> Signed-off-by: Zhu Yanjun <yanjun.zhu@xxxxxxxxx>
> ---
> drivers/infiniband/sw/rxe/rxe_qp.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/infiniband/sw/rxe/rxe_qp.c b/drivers/infiniband/sw/rxe/rxe_qp.c
> index f10b461b9963..b229052ae91a 100644
> --- a/drivers/infiniband/sw/rxe/rxe_qp.c
> +++ b/drivers/infiniband/sw/rxe/rxe_qp.c
> @@ -835,8 +835,10 @@ static void rxe_qp_do_cleanup(struct work_struct *work)
>
> free_rd_atomic_resources(qp);
>
> - kernel_sock_shutdown(qp->sk, SHUT_RDWR);
> - sock_release(qp->sk);
> + if (qp->sk) {
> + kernel_sock_shutdown(qp->sk, SHUT_RDWR);
> + sock_release(qp->sk);
> + }
> }
>
> /* called when the last reference to the qp is dropped */
Reviewed-by: Bob Pearson <rpearsonhpe@xxxxxxxxx>
