| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170523071349.GF17751@mtr-leonro.local>
Date: Tue, 23 May 2017 10:13:49 +0300
From: Leon Romanovsky <leon@...nel.org>
To: "Gustavo A. R. Silva" <garsilva@...eddedor.com>,
Ram Amrani <ram.amrani@...ium.com>
Cc: Doug Ledford <dledford@...hat.com>,
Sean Hefty <sean.hefty@...el.com>,
Hal Rosenstock <hal.rosenstock@...il.com>,
linux-rdma@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] infiniband: hw: qedr: add null check before pointer
dereference
On Mon, May 22, 2017 at 01:30:15PM -0500, Gustavo A. R. Silva wrote:
> Add null check before dereferencing pointer sgid_attr.ndev
> inside function rdma_vlan_dev_vlan_id().
>
> Addresses-Coverity-ID: 1373979
> Signed-off-by: Gustavo A. R. Silva <garsilva@...eddedor.com>
> ---
> drivers/infiniband/hw/qedr/qedr_cm.c | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
+ Ram,
Ram, IB part of qedr driver doesn't exist in MAINTAINERS file.
>
> diff --git a/drivers/infiniband/hw/qedr/qedr_cm.c b/drivers/infiniband/hw/qedr/qedr_cm.c
> index 3d7705c..d86dbe8 100644
> --- a/drivers/infiniband/hw/qedr/qedr_cm.c
> +++ b/drivers/infiniband/hw/qedr/qedr_cm.c
> @@ -270,11 +270,13 @@ static inline int qedr_gsi_build_header(struct qedr_dev *dev,
> return rc;
> }
>
> - vlan_id = rdma_vlan_dev_vlan_id(sgid_attr.ndev);
> - if (vlan_id < VLAN_CFI_MASK)
> - has_vlan = true;
> - if (sgid_attr.ndev)
> + if (sgid_attr.ndev) {
> + vlan_id = rdma_vlan_dev_vlan_id(sgid_attr.ndev);
> + if (vlan_id < VLAN_CFI_MASK)
> + has_vlan = true;
> +
> dev_put(sgid_attr.ndev);
> + }
I do agree that it is better than kernel panic trying to access NULL
pointer, but I'm not sure that retaining default vlan_id = 0 is correct
solution here.
>
> if (!memcmp(&sgid, &zgid, sizeof(sgid))) {
> DP_ERR(dev, "gsi post send: GID not found GID index %d\n",
> --
> 2.5.0
>
Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
Powered by blists - more mailing lists