• IB/core : Add null pointer check in addr_resolve · 4cd482c1
    Muneendra Kumar M authored
    dev_get_by_index is being called in addr_resolve
    function which returns NULL and NULL pointer access
    leads to kernel crash.
    
    Following call trace is observed while running
    rdma_lat test application
    
    [  146.173149] BUG: unable to handle kernel NULL pointer dereference
    at 00000000000004a0
    [  146.173198] IP: addr_resolve+0x9e/0x3e0 [ib_core]
    [  146.173221] PGD 0 P4D 0
    [  146.173869] Oops: 0000 [#1] SMP PTI
    [  146.182859] CPU: 8 PID: 127 Comm: kworker/8:1 Tainted: G  O 4.15.0-rc6+ #18
    [  146.183758] Hardware name: LENOVO System x3650 M5: -[8871AC1]-/01KN179,
     BIOS-[TCE132H-2.50]- 10/11/2017
    [  146.184691] Workqueue: ib_cm cm_work_handler [ib_cm]
    [  146.185632] RIP: 0010:addr_resolve+0x9e/0x3e0 [ib_core]
    [  146.186584] RSP: 0018:ffffc9000362faa0 EFLAGS: 00010246
    [  146.187521] RAX: 000000000000001b RBX: ffffc9000362fc08 RCX:
    0000000000000006
    [  146.188472] RDX: 0000000000000000 RSI: 0000000000000096 RDI
    : ffff88087fc16990
    [  146.189427] RBP: ffffc9000362fb18 R08: 00000000ffffff9d R09:
    00000000000004ac
    [  146.190392] R10: 00000000000001e7 R11: 0000000000000001 R12:
    ffff88086af2e090
    [  146.191361] R13: 0000000000000000 R14: 0000000000000001 R15:
    00000000ffffff9d
    [  146.192327] FS:  0000000000000000(0000) GS:ffff88087fc00000(0000)
    knlGS:0000000000000000
    [  146.193301] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
    [  146.194274] CR2: 00000000000004a0 CR3: 000000000220a002 CR4:
    00000000003606e0
    [  146.195258] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
    0000000000000000
    [  146.196256] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:
    0000000000000400
    [  146.197231] Call Trace:
    [  146.198209]  ? rdma_addr_register_client+0x30/0x30 [ib_core]
    [  146.199199]  rdma_resolve_ip+0x1af/0x280 [ib_core]
    [  146.200196]  rdma_addr_find_l2_eth_by_grh+0x154/0x2b0 [ib_core]
    
    The below patch adds the missing NULL pointer check
    returned by dev_get_by_index before accessing the netdev to
    avoid kernel crash.
    
    We observed the below crash when we try to do the below test.
    
     server                       client
     ---------                    ---------
     |1.1.1.1|<----rxe-channel--->|1.1.1.2|
     ---------                    ---------
    
    On server: rdma_lat -c -n 2 -s 1024
    On client: rdma_lat 1.1.1.1 -c -n 2 -s 1024
    
    Fixes: 20029832 ("IB/core: Validate route when we init ah")
    Signed-off-by: Muneendra <muneendra.kumar@broadcom.com>
    Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
addr.c 19.8 KB
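
The oops quoted in the commit message above can be triaged mechanically. The following is an added example, not part of the commit or the kernel tree: it parses a subset of those log lines (with the wrapped lines rejoined) and reports the faulting symbol, the verified call chain, and whether the fault address falls in the first page, which is the signature of reading a member through a NULL struct pointer. The function name `triage_oops` and the 4 KiB page size are assumptions of this example.

```python
import re

# Lines taken from the oops in the commit message above, wrapped lines rejoined.
SAMPLE_OOPS = """\
[  146.173149] BUG: unable to handle kernel NULL pointer dereference at 00000000000004a0
[  146.173198] IP: addr_resolve+0x9e/0x3e0 [ib_core]
[  146.184691] Workqueue: ib_cm cm_work_handler [ib_cm]
[  146.194274] CR2: 00000000000004a0 CR3: 000000000220a002 CR4: 00000000003606e0
[  146.197231] Call Trace:
[  146.198209]  ? rdma_addr_register_client+0x30/0x30 [ib_core]
[  146.199199]  rdma_resolve_ip+0x1af/0x280 [ib_core]
[  146.200196]  rdma_addr_find_l2_eth_by_grh+0x154/0x2b0 [ib_core]
"""

PAGE_SIZE = 4096  # assumption: 4 KiB pages, the x86-64 default
STAMP = re.compile(r"^\[\s*\d+\.\d+\]\s?")
FAULT = re.compile(r"BUG: unable to handle kernel .* at ([0-9a-f]+)")
FRAME = re.compile(r"^\s*(\?\s+)?([\w.]+)\+0x([0-9a-f]+)/0x([0-9a-f]+)(?: \[(\w+)\])?")

def triage_oops(text):
    """Summarise a kernel oops: fault address, faulting symbol, verified call chain."""
    out = {"fault_addr": None, "ip": None, "trace": []}
    in_trace = False
    for raw in text.splitlines():
        line = STAMP.sub("", raw)  # drop the dmesg timestamp
        m = FAULT.search(line)
        if m:
            out["fault_addr"] = int(m.group(1), 16)
        elif line.startswith("IP: "):
            f = FRAME.match(line[4:])
            if f:
                out["ip"] = {"symbol": f.group(2), "offset": int(f.group(3), 16),
                             "module": f.group(5)}
        elif line.startswith("Call Trace:"):
            in_trace = True
        elif in_trace:
            f = FRAME.match(line)
            if f and not f.group(1):  # '?' marks frames the unwinder could not verify
                out["trace"].append(f.group(2))
    # A fault address below one page means base pointer NULL plus a member offset.
    addr = out["fault_addr"]
    out["null_member_access"] = addr is not None and addr < PAGE_SIZE
    return out
```

On the sample, the fault address 0x4a0 is a member offset from a NULL base, which matches the commit's description of dereferencing the NULL result of `dev_get_by_index` inside `addr_resolve`.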