On Thu, Dec 20, 2018 at 02:00:11PM -0800, Steve Wise wrote:
> We now use dev_name(&ib_device->dev) instead of ib_device->name in
> iwpm messages. The name field in struct device is a const char *,
> where as ib_device->name is a char array of size IB_DEVICE_NAME_MAX,
> and it is pre-initialized to zeros.
>
> Since iw_cm_map() was using memcpy() to copy in the device name, and
> copying IWPM_DEVNAME_SIZE bytes, it ends up copying past the end of the
> source device name string and copying random bytes. This results in iwpmd
> failing the REGISTER_PID request from iwcm. Thus port mapping is broken.
>
> Validate the device and if names, and use strncpy() to inialize the
> entire message field.
>
> Fixes: 896de0090a85 ("RDMA/core: Use dev_name instead of ibdev->name")
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Steve Wise <swise@xxxxxxxxxxxxxxxxxxxxx>
> ---
>
> Changes since v1:
> - rebased onto rdma/for-next
> - no need to initialize the iwpm_dev_data struct at declaration; strncpy()
> pads out zeros for the length of the dst buffer.
> - validate devname and ifname string lengths
>
> ---
>
> drivers/infiniband/core/iwcm.c | 12 ++++++++----
> 1 file changed, 8 insertions(+), 4 deletions(-)
Applied to for-next
Thanks
Jason
