Received: by 2002:a05:7412:37c9:b0:e2:908c:2ebd with SMTP id jz9csp116327rdb;
        Mon, 18 Sep 2023 09:39:28 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IEDbv9xmKkJVlj+10tpNdP5vxd3BzjOayXoUCMpT73CH3lttJwoxoZlNrsF2a/+Q9o9yytZ
X-Received: by 2002:a92:dccc:0:b0:34b:b16d:aa38 with SMTP id b12-20020a92dccc000000b0034bb16daa38mr10659605ilr.29.1695055168055;
        Mon, 18 Sep 2023 09:39:28 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1695055168; cv=none;
        d=google.com; s=arc-20160816;
        b=OSfA7joar99F6TZ6GOV7JZBsH8fTVOlNNMRq8OE8LBotnGUxpLvqM3kVMO1DuP+zoN
         cTScJ6q4wILD1UZl2P1bqDWqjROoxp8UrAMVnEBy5LifLLqle5biZBd7N4SWVwMnu5uH
         pnKAJZa0mH7DXSPVzb6zf9PBb+QsgdF3d6/Ie5hSxThiFHbDI6lBjz9MLIiHFEZ31XcP
         ZuO8BGIu7LNDYb73Lh1iCM6Ti02CL8e8pOhjFqM5GMZxWNGVvZFAZs9Un/MYSxX3zEzJ
         HKVrLyv4CcrepVxBJZrHyKRSAxiP66tZdd1Nz/NFZQFeXuNOqu3hSWGRmITiyZ4/1aEL
         RY0g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from;
        bh=IytEPXRcUnxP4uaX+mZLwtKkUxhmioWlAp7uSdhnqs8=;
        fh=Cg6VkJunOXCGlz4Bh2WBikHvCfmyACRCN7rAZRfbiGo=;
        b=U26cN3OkhImvB5kFHLS9GsIjwROsFNnGbHndMTeKjPJYP2nDIQz+5JK6ynbqb0O6d/
         nstuEmHRFBXLM8RiP7A2zGRLnDnel0HHEBj8N+T6SbboAmtKcUXsdLBajeP52pAE0P+0
         Xy0H3WXoeU9/d2/dClimnI26bLe6P3jTIj0xxW4rLj406yRQEBJ4GHvoyNNXKyNA3F+y
         zr8N+UkWd+O/53IxumM/xeyWhDGLwYmGNLLkn7SZJkG2w2Tb8bNG8W9Pu5trGYroNbv8
         ANLMHaz/pqDtf87XI5JsDO7/9ZuFsdcoDNtT9kuQS6CUyGqpaMtPnjd8K6llZ7JIEz/o
         dETw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=red-soft.ru
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from morse.vger.email (morse.vger.email. [23.128.96.31])
        by mx.google.com with ESMTPS id y190-20020a638ac7000000b00577a9ed62e7si8276746pgd.405.2023.09.18.09.39.27
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 18 Sep 2023 09:39:28 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) client-ip=23.128.96.31;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=red-soft.ru
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by morse.vger.email (Postfix) with ESMTP id BEB85801CEE0;
	Mon, 18 Sep 2023 09:29:34 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at morse.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229865AbjIRQ32 (ORCPT <rfc822;bh1scw@gmail.com> + 99 others);
        Mon, 18 Sep 2023 12:29:28 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40912 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230107AbjIRQ3G (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 18 Sep 2023 12:29:06 -0400
Received: from gw.red-soft.ru (red-soft.ru [188.246.186.2])
        by lindbergh.monkeyblade.net (Postfix) with ESMTP id 99651449D;
        Mon, 18 Sep 2023 09:25:51 -0700 (PDT)
Received: from localhost.biz (unknown [10.81.81.211])
        by gw.red-soft.ru (Postfix) with ESMTPA id 5C95F3E19AE;
        Mon, 18 Sep 2023 16:56:28 +0300 (MSK)
From:   Artem Chernyshev <artem.chernyshev@red-soft.ru>
To:     Santosh Shilimkar <santosh.shilimkar@oracle.com>
Cc:     Artem Chernyshev <artem.chernyshev@red-soft.ru>,
        "David S . Miller" <davem@davemloft.net>,
        Eric Dumazet <edumazet@google.com>,
        Jakub Kicinski <kuba@kernel.org>,
        Paolo Abeni <pabeni@redhat.com>, netdev@vger.kernel.org,
        linux-rdma@vger.kernel.org, rds-devel@oss.oracle.com,
        linux-kernel@vger.kernel.org, lvc-project@linuxtesting.org
Subject: [PATCH] net: rds: Fix possible NULL-pointer dereference
Date:   Mon, 18 Sep 2023 16:56:23 +0300
Message-Id: <20230918135623.630654-1-artem.chernyshev@red-soft.ru>
X-Mailer: git-send-email 2.37.3
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-KLMS-Rule-ID: 1
X-KLMS-Message-Action: clean
X-KLMS-AntiSpam-Lua-Profiles: 179930 [Sep 18 2023]
X-KLMS-AntiSpam-Version: 5.9.59.0
X-KLMS-AntiSpam-Envelope-From: artem.chernyshev@red-soft.ru
X-KLMS-AntiSpam-Rate: 0
X-KLMS-AntiSpam-Status: not_detected
X-KLMS-AntiSpam-Method: none
X-KLMS-AntiSpam-Auth: dkim=none
X-KLMS-AntiSpam-Info: LuaCore: 530 530 ecb1547b3f72d1df4c71c0b60e67ba6b4aea5432, {Tracking_from_domain_doesnt_match_to}, d41d8cd98f00b204e9800998ecf8427e.com:7.1.1;red-soft.ru:7.1.1;localhost.biz:7.1.1;127.0.0.199:7.1.2, FromAlignment: s
X-MS-Exchange-Organization-SCL: -1
X-KLMS-AntiSpam-Interceptor-Info: scan successful
X-KLMS-AntiPhishing: Clean, bases: 2023/09/18 10:00:00
X-KLMS-AntiVirus: Kaspersky Security for Linux Mail Server, version 8.0.3.30, bases: 2023/09/18 03:27:00 #21914376
X-KLMS-AntiVirus-Status: Clean, skipped
X-Spam-Status: No, score=-0.8 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable
	autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]); Mon, 18 Sep 2023 09:29:34 -0700 (PDT)

In rds_rdma_cm_event_handler_cmn() check, if conn pointer exists 
before dereferencing it as rdma_set_service_type() argument

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Fixes: fd261ce6a30e ("rds: rdma: update rdma transport for tos")
Signed-off-by: Artem Chernyshev <artem.chernyshev@red-soft.ru>
---
 net/rds/rdma_transport.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/net/rds/rdma_transport.c b/net/rds/rdma_transport.c
index d36f3f6b4351..b506d9bd215c 100644
--- a/net/rds/rdma_transport.c
+++ b/net/rds/rdma_transport.c
@@ -86,11 +86,13 @@ static int rds_rdma_cm_event_handler_cmn(struct rdma_cm_id *cm_id,
 		break;
 
 	case RDMA_CM_EVENT_ADDR_RESOLVED:
-		rdma_set_service_type(cm_id, conn->c_tos);
-		rdma_set_min_rnr_timer(cm_id, IB_RNR_TIMER_000_32);
-		/* XXX do we need to clean up if this fails? */
-		ret = rdma_resolve_route(cm_id,
-					 RDS_RDMA_RESOLVE_TIMEOUT_MS);
+		if (conn) {
+			rdma_set_service_type(cm_id, conn->c_tos);
+			rdma_set_min_rnr_timer(cm_id, IB_RNR_TIMER_000_32);
+			/* XXX do we need to clean up if this fails? */
+			ret = rdma_resolve_route(cm_id,
+						 RDS_RDMA_RESOLVE_TIMEOUT_MS);
+		}
 		break;
 
 	case RDMA_CM_EVENT_ROUTE_RESOLVED:
-- 
2.37.3