Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp4251031imu; Mon, 24 Dec 2018 20:27:26 -0800 (PST) X-Google-Smtp-Source: AFSGD/UVzDOFatggVvdqzJz9WObsrGZw5ei8SG8BA5BWCIwnx6ty6CKwHximgUVYZ5T1fDLuTjpj X-Received: by 2002:a62:d701:: with SMTP id b1mr14988123pfh.34.1545712046621; Mon, 24 Dec 2018 20:27:26 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1545712046; cv=none; d=google.com; s=arc-20160816; b=Fu2kLfNZGxfZnmT88HSiTI/8m0bpanlDuMzdXpAiZRNJZwNnk6mrJ8RfQqsimJsCnm OBhPKpThPAaELL1W4KSniJbegOtaaTaWXzrAzk5AKX5afpTSd5k6q874WqrmM+vX+Zx/ N1lKRyHqM2ez2y9MeE2S0STeMZh0qfUWkleoC1QIYiWYOaUh/g8qDRUA7oeaOUb334UM +jrVlC5ahnRATk8NZHuMq7bexAJ/0Lq9T/k0MB98PGlm3RSi8aPwhto1/p2l54IYVyAD TjWwa2amTNHUejFtUkNwPnQsC14eBXQxwYqOsc5Pm4VNL2IyUqvIq0zwULUxLaKfDIse 74sQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=r9QJ5w0LbneZIN66FNI+7mL5D9oZNj0F3JQcsZMIQLw=; b=bTiAsqLiLGjxMNgdrk0+lVrdF5s0vFlHq31ju1//i7z46Rt3tfvDvi4XftxrUSw0aR iyAW8ql8Sii6FyCeeDqL4uXynpSElxECQQtdtA7sJ9ifVxOgMfWFK7U9lbaYZakqYV+x huuerh9qqeeZEdwCx3FqFr7vGcfl13oLJD6JGz5Sfb+b5xFatmUz0/1SBI49XyJ7asQP 2nOW/PwNguR38QEXgCLPVKSYOthIXTCWwS50hIFIn8H+BXt+mGft/3/JDzsyRXtYE/vg Nc4JIazr4W3DJ3YuvHE4B6xG7hM+bBKITAy5EZZ8z5egexRqG9VigXRLFd+EbM84gQ9D 4Brg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=pD3yOKzy; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j39si13689565plb.272.2018.12.24.20.27.11; Mon, 24 Dec 2018 20:27:26 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=pD3yOKzy; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725878AbeLYE0O (ORCPT + 99 others); Mon, 24 Dec 2018 23:26:14 -0500 Received: from mail.kernel.org ([198.145.29.99]:38072 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725806AbeLYE0O (ORCPT ); Mon, 24 Dec 2018 23:26:14 -0500 Received: from localhost (unknown [77.138.135.184]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id EC871218B0; Tue, 25 Dec 2018 04:26:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1545711973; bh=FIRIC3YZtGEyVeu1VBESTCi++oPa4WDn+jsOu+vNyqc=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=pD3yOKzy0nE+/Z892JEmswpG0SqrKF4SRuVNQrWIJB/TZsgZlz48c7noW4Rl/C5a+ y+FuDc4pEv1EUPHQYBxP6GhZbHPKMT8u7un1CwGqdkFZrylPVuRFvb2TK9BDyn+xsu YjPZCXXavQLJpXc7KNYFXu4rVJp0Y66UzPTuIE74= Date: Tue, 25 Dec 2018 06:26:10 +0200 From: Leon Romanovsky To: Aditya Pakki Cc: kjlu@umn.edu, Michal Kalderon , Ariel Elior , Doug Ledford , Jason Gunthorpe , linux-rdma@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] infiniband/qedr: Potential null ptr dereference of qp Message-ID: <20181225042610.GC10329@mtr-leonro.mtl.com> References: <20181224182445.21256-1-pakki001@umn.edu> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="L6iaP+gRLNZHKoI4" Content-Disposition: inline In-Reply-To: <20181224182445.21256-1-pakki001@umn.edu> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --L6iaP+gRLNZHKoI4 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, Dec 24, 2018 at 12:24:45PM -0600, Aditya Pakki wrote: > idr_find() may fail and return a NULL pointer. The fix checks the > return value of the function and returns an error in case of NULL. > > Signed-off-by: Aditya Pakki > --- > drivers/infiniband/hw/qedr/qedr_iw_cm.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/drivers/infiniband/hw/qedr/qedr_iw_cm.c b/drivers/infiniband/hw/qedr/qedr_iw_cm.c > index 505fa3648762..93b16237b767 100644 > --- a/drivers/infiniband/hw/qedr/qedr_iw_cm.c > +++ b/drivers/infiniband/hw/qedr/qedr_iw_cm.c > @@ -492,6 +492,8 @@ int qedr_iw_connect(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param) > int i; > > qp = idr_find(&dev->qpidr.idr, conn_param->qpn); > + if (unlikely(!qp)) > + return -EINVAL; As was already pointed, qedr is racy in their accesses to idr_find() and NULL pointer is less worry about their IDR code. > > laddr = (struct sockaddr_in *)&cm_id->m_local_addr; > raddr = (struct sockaddr_in *)&cm_id->m_remote_addr; > -- > 2.17.1 > --L6iaP+gRLNZHKoI4 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIcBAEBAgAGBQJcIbFiAAoJEORje4g2clinIpQP/jIB2bXORjzOzylSYEO/qpXb byJfdtJmObMHWtEc7po5slq+CxFMcQm1sOtLjocJIpEdfDoZle1eSoyxgQGY0+dg rt67ROoMHdiNxXqB5yPJvDdQHBT9/BBBtat5smuVAUxWGXGkpEz9ELI1J8OfaX1B 1GqkgZ10rIztXOc1xlkS9FyjThOtdScsXXKGz+JR6vKYMIybDlTLzOYnIwPtDw9o 45tyn15vKyah5SRqrSFL/cKpABbOjR8IW3qWR5TvJ46zmPewdO0VPs0NO27Hx+mn I/kZ4xhR8MPYfYsruOAsOBRrlej25T9BPpc3SufZjfA7U3yqIdPnkJI5MznfDS/x yiWhd9kmQXBSoeu5Ro/gXxltoVSrby4aVtoRMPSKhBGPixE0MvT7kIhlVa8ig2Of BbAUsH6uhkmT6pFABS+xsPOt5xLEjEgHpJIjV1ceij165OfnBgRUUSz3nmDlZLaz QYywBmIl1pAhzDb7KXHMvMYFeaKZ4Y+c5FvAQxPhe2JutdeBrYmf9cr3B0rMaXw8 nasvx0QvzUu4wmVIiAayYfGIk2IsqgnpXjGCIRiY2kBP6mh2t92v+rzl1TbjPe1b Dg571oyUPSU1TXGQt6Ao+sSb6aEbYO/b+fFNA/akpw5hTSKUFhSQAR8ttX5h8lHr rmAqYGwNqbHp3IF75vVc =XC4T -----END PGP SIGNATURE----- --L6iaP+gRLNZHKoI4--