On 06/16/2017 07:56 AM, James Smart wrote: > There is a null pointer dereference that can happen in the FOF interrupt > handler. > > The driver was not setting up cq->assoc_qp_for sli4_hba->oas_cq. > > Initialize cq->assoc_qp before accessing it. > > Signed-off-by: Dick Kennedy <dick.kennedy@xxxxxxxxxxxx> > Signed-off-by: James Smart <james.smart@xxxxxxxxxxxx> > --- > drivers/scsi/lpfc/lpfc_sli.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/drivers/scsi/lpfc/lpfc_sli.c b/drivers/scsi/lpfc/lpfc_sli.c > index 040575adf9c6..4f2cc395597e 100644 > --- a/drivers/scsi/lpfc/lpfc_sli.c > +++ b/drivers/scsi/lpfc/lpfc_sli.c > @@ -13560,6 +13560,9 @@ lpfc_sli4_fof_handle_eqe(struct lpfc_hba *phba, struct lpfc_eqe *eqe) > return; > } > > + /* Save EQ associated with this CQ */ > + cq->assoc_qp = phba->sli4_hba.fof_eq; > + > /* Process all the entries to the OAS CQ */ > while ((cqe = lpfc_sli4_cq_get(cq))) { > workposted |= lpfc_sli4_fp_handle_cqe(phba, cq, cqe); > Reviewed-by: Hannes Reinecke <hare@xxxxxxxx> Cheers, Hannes -- Dr. Hannes Reinecke Teamlead Storage & Networking hare@xxxxxxx +49 911 74053 688 SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nürnberg GF: F. Imendörffer, J. Smithard, J. Guild, D. Upmanyu, G. Norton HRB 21284 (AG Nürnberg)
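Review bot: the new `cq->assoc_qp = phba->sli4_hba.fof_eq;` sits in the interrupt path of lpfc_sli4_fof_handle_eqe(), just before the "Process all the entries to the OAS CQ" loop, so the pointer is rewritten on every EQE and is valid only for readers that run after this handler has been entered at least once. The commit message describes the defect as the driver not setting up cq->assoc_qp for sli4_hba->oas_cq, which suggests assigning it once where the OAS CQ and FOF EQ are set up, so that any other reader of cq->assoc_qp sees an initialized value. If the assignment stays in the handler, the commit message should name the function that dereferences assoc_qp. The hunk also does not show whether phba->sli4_hba.fof_eq can be NULL at this point; if it can, a NULL would simply be copied into assoc_qp and the dereference would remain.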