From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EA78F28369 for ; Wed, 15 Nov 2023 20:51:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b="fNz8rbKQ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 97320C4E67A; Wed, 15 Nov 2023 20:51:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1700081462; bh=YFj9lhX17gpc1/QglWF18ArK+sYQhT7JcRsnVJQB+1E=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=fNz8rbKQH33uQVWxdwdYfW/tzGzg+S+KQ7X/kGuJJFOhm0+iAqHa+DXjZmXWO4oZO PlETd9pk8f92nEvdjBCqPEx2HyhB68AYxd86s76aBs4g5+udT+z2xau71yES25udcM edLW66/wATOKakdmanDTVs/61RkZEmFcC1wuXGe8= From: Greg Kroah-Hartman To: stable@vger.kernel.org Cc: Greg Kroah-Hartman , patches@lists.linux.dev, Chengchang Tang , Junxian Huang , Leon Romanovsky , Sasha Levin Subject: [PATCH 5.15 142/244] RDMA/hns: Fix uninitialized ucmd in hns_roce_create_qp_common() Date: Wed, 15 Nov 2023 15:35:34 -0500 Message-ID: <20231115203556.869868750@linuxfoundation.org> X-Mailer: git-send-email 2.42.1 In-Reply-To: <20231115203548.387164783@linuxfoundation.org> References: <20231115203548.387164783@linuxfoundation.org> User-Agent: quilt/0.67 X-stable: review X-Patchwork-Hint: ignore Precedence: bulk X-Mailing-List: patches@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit 5.15-stable review patch. If anyone has any objections, please let me know. ------------------ From: Chengchang Tang [ Upstream commit c64e9710f9241e38a1c761ed1c1a30854784da66 ] ucmd in hns_roce_create_qp_common() are not initialized. But it works fine until new member sdb_addr is added to struct hns_roce_ib_create_qp. If the user-mode driver uses an old version ABI, then the value of the new member will be undefined after ib_copy_from_udata(). This patch fixes it by initialize this variable to 0. And the default value of the new member sdb_addr will be 0 which is invalid. Fixes: 0425e3e6e0c7 ("RDMA/hns: Support flush cqe for hip08 in kernel space") Signed-off-by: Chengchang Tang Signed-off-by: Junxian Huang Link: https://lore.kernel.org/r/20231017125239.164455-3-huangjunxian6@hisilicon.com Signed-off-by: Leon Romanovsky Signed-off-by: Sasha Levin --- drivers/infiniband/hw/hns/hns_roce_qp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/infiniband/hw/hns/hns_roce_qp.c b/drivers/infiniband/hw/hns/hns_roce_qp.c index 00dade1cfff20..d085998b19c87 100644 --- a/drivers/infiniband/hw/hns/hns_roce_qp.c +++ b/drivers/infiniband/hw/hns/hns_roce_qp.c @@ -1049,7 +1049,7 @@ static int hns_roce_create_qp_common(struct hns_roce_dev *hr_dev, { struct hns_roce_ib_create_qp_resp resp = {}; struct ib_device *ibdev = &hr_dev->ib_dev; - struct hns_roce_ib_create_qp ucmd; + struct hns_roce_ib_create_qp ucmd = {}; int ret; mutex_init(&hr_qp->mutex); -- 2.42.0