Hi Doug,
Please pull this change for next rc if you feel the change appropriate.
Thanks,
Bharat.
On Tuesday, August 08/08/17, 2017 at 00:32:06 +0530, Potnuri Bharat Teja wrote:
> Initializing cq_context with ev_queue in create_cq(), leads to NULL pointer
> dereference in ib_uverbs_comp_handler(), if application doesnot use completion
> channel. This patch fixes the cq_context initialization.
>
> Fixes: 1e7710f3f65 ("IB/core: Change completion channel to use the reworked")
> Signed-off-by: Potnuri Bharat Teja <bharat@xxxxxxxxxxx>
> Tested-by: Logan Gunthorpe <logang@xxxxxxxxxxxx>
> Reviewed-by: Matan Barak <matanb@xxxxxxxxxxxx>
> ---
> drivers/infiniband/core/uverbs_cmd.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/infiniband/core/uverbs_cmd.c b/drivers/infiniband/core/uverbs_cmd.c
> index 2c98533a0203..50a6c64f0388 100644
> --- a/drivers/infiniband/core/uverbs_cmd.c
> +++ b/drivers/infiniband/core/uverbs_cmd.c
> @@ -1015,7 +1015,7 @@ static struct ib_ucq_object *create_cq(struct ib_uverbs_file *file,
> cq->uobject = &obj->uobject;
> cq->comp_handler = ib_uverbs_comp_handler;
> cq->event_handler = ib_uverbs_cq_event_handler;
> - cq->cq_context = &ev_file->ev_queue;
> + cq->cq_context = ev_file ? &ev_file->ev_queue : NULL;
> atomic_set(&cq->usecnt, 0);
>
> obj->uobject.object = cq;
> --
> 2.5.3
>
--
To unsubscribe from this list: send the line "unsubscribe linux-rdma" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
