On Wed, 2019-07-31 at 16:03 +0530, Krishnamraju Eraparaju wrote:
> while processing MPA Reply, SIW driver is trying to read extra 4 bytes
> than what peer has advertised as private data length.
>
> If a FPDU data is received before even siw_recv_mpa_rr() completed
> reading MPA reply, then ksock_recv() in siw_recv_mpa_rr() could also
> read FPDU, if "size" is larger than advertised MPA reply length.
>
> 501 static int siw_recv_mpa_rr(struct siw_cep *cep)
> 502 {
> .............
> 572
> 573 if (rcvd > to_rcv)
> 574 return -EPROTO; <----- Failure here
>
> Looks like the intention here is to throw an ERROR if the received
> data
> is more than the total private data length advertised by the peer. But
> reading beyond MPA message causes siw_cm to generate
> RDMA_CM_EVENT_CONNECT_ERROR event when TCP socket recv buffer is
> already
> queued with FPDU messages.
>
> Hence, this function should only read upto private data length.
>
> Signed-off-by: Krishnamraju Eraparaju <krishna2@xxxxxxxxxxx>
Once you apply this patch, the if (rcvd > to_rcv) test you listed above
in the commit message becomes dead code. So I removed it while applying
the patch. Thanks.
--
Doug Ledford <dledford@xxxxxxxxxx>
GPG KeyID: B826A3330E572FDD
Fingerprint = AE6B 1BDA 122B 23B4 265B 1274 B826 A333 0E57 2FDD
Attachment:
signature.asc
Description: This is a digitally signed message part
