Re: [PATCH for-rc] IB/core : Add null pointer check in addr_resolve

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, Feb 27, 2018 at 09:51:49PM -0800, Muneendra Kumar M wrote:
> dev_get_by_index is being called in addr_resolve
> function which returns NULL and NULL pointer access
> leads to kernel crash.
> 
> Following call trace is observed while running
> rdma_lat test application
> 
> [  146.173149] BUG: unable to handle kernel NULL pointer dereference
> at 00000000000004a0
> [  146.173198] IP: addr_resolve+0x9e/0x3e0 [ib_core]
> [  146.173221] PGD 0 P4D 0
> [  146.173869] Oops: 0000 [#1] SMP PTI
> [  146.182859] CPU: 8 PID: 127 Comm: kworker/8:1 Tainted: G  O 4.15.0-rc6+ #18
> [  146.183758] Hardware name: LENOVO System x3650 M5: -[8871AC1]-/01KN179,
>  BIOS-[TCE132H-2.50]- 10/11/2017
> [  146.184691] Workqueue: ib_cm cm_work_handler [ib_cm]
> [  146.185632] RIP: 0010:addr_resolve+0x9e/0x3e0 [ib_core]
> [  146.186584] RSP: 0018:ffffc9000362faa0 EFLAGS: 00010246
> [  146.187521] RAX: 000000000000001b RBX: ffffc9000362fc08 RCX:
> 0000000000000006
> [  146.188472] RDX: 0000000000000000 RSI: 0000000000000096 RDI
> : ffff88087fc16990
> [  146.189427] RBP: ffffc9000362fb18 R08: 00000000ffffff9d R09:
> 00000000000004ac
> [  146.190392] R10: 00000000000001e7 R11: 0000000000000001 R12:
> ffff88086af2e090
> [  146.191361] R13: 0000000000000000 R14: 0000000000000001 R15:
> 00000000ffffff9d
> [  146.192327] FS:  0000000000000000(0000) GS:ffff88087fc00000(0000)
> knlGS:0000000000000000
> [  146.193301] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [  146.194274] CR2: 00000000000004a0 CR3: 000000000220a002 CR4:
> 00000000003606e0
> [  146.195258] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
> 0000000000000000
> [  146.196256] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:
> 0000000000000400
> [  146.197231] Call Trace:
> [  146.198209]  ? rdma_addr_register_client+0x30/0x30 [ib_core]
> [  146.199199]  rdma_resolve_ip+0x1af/0x280 [ib_core]
> [  146.200196]  rdma_addr_find_l2_eth_by_grh+0x154/0x2b0 [ib_core]
> 
> The below patch adds the missing NULL pointer check
> returned by dev_get_by_index before accessing the netdev to
> avoid kernel crash.
> 
> We observed the below crash when we try to do the below test.
> 
>  server                       client
>  |1.1.1.1|<----rxe-channel--->|1.1.1.2|
> 
> On server: rdma_lat -c -n 2 -s 1024
> On client:rdma_lat 1.1.1.1 -c -n 2 -s 1024
> 
> Fixes: 200298326b27 ("IB/core: Validate route when we init ah")
> Signed-off-by: Muneendra <muneendra.kumar@xxxxxxxxxxxx>
>  drivers/infiniband/core/addr.c | 15 +++++----------
>  1 file changed, 5 insertions(+), 10 deletions(-)

Applied to for-rc, thanks

Jason
--
To unsubscribe from this list: send the line "unsubscribe linux-rdma" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Photo]     [Yosemite News]     [Yosemite Photos]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux