* [PATCH net] bnx2x: Prevent null pointer dereference in AFEX mode
@ 2013-04-10 10:34 Yuval Mintz
2013-04-10 19:27 ` David Miller
0 siblings, 1 reply; 2+ messages in thread
From: Yuval Mintz @ 2013-04-10 10:34 UTC (permalink / raw)
To: davem, netdev; +Cc: Yuval Mintz, Ariel Elior, Eilon Greenstein
The cnic module is responsible for initializing various bnx2x structs
via callbacks provided by the bnx2x module.
One such struct is the queue object for the FCoE queue.
If a device is working in AFEX mode and its configuration allows FCoE yet
the cnic module is not loaded, it's very likely a null pointer dereference
will occur, as the bnx2x will erroneously access the FCoE's queue object.
Prevent said access until cnic properly registers itself.
Signed-off-by: Yuval Mintz <yuvalmin@broadcom.com>
Signed-off-by: Ariel Elior <ariele@broadcom.com>
Signed-off-by: Eilon Greenstein <eilong@broadcom.com>
---
Hi Dave,
This small patch prevents a possible null pointer dereference in bnx2x.
Please consider applying it to `net'.
Thanks,
Yuval
---
drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c
index fdfe33b..25df400 100644
--- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c
+++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c
@@ -4959,7 +4959,7 @@ static void bnx2x_after_function_update(struct bnx2x *bp)
q);
}
- if (!NO_FCOE(bp)) {
+ if (!NO_FCOE(bp) && CNIC_ENABLED(bp)) {
fp = &bp->fp[FCOE_IDX(bp)];
queue_params.q_obj = &bnx2x_sp_obj(bp, fp).q_obj;
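Review bot: The added `CNIC_ENABLED(bp)` test on the `if (!NO_FCOE(bp) && ...)` line carries no comment explaining why FCoE being allowed is not enough on its own. A one-line comment stating that the FCoE queue object is initialized by cnic through its callbacks would keep a later cleanup from dropping the check. Nothing visible in this hunk shows the test being made under `cnic_mutex` or an RCU read-side section, so it is worth confirming that this function cannot run concurrently with cnic registration or unregistration; otherwise the flag can change between the test and the `q_obj` use.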
@@ -13450,6 +13450,7 @@ static int bnx2x_unregister_cnic(struct net_device *dev)
RCU_INIT_POINTER(bp->cnic_ops, NULL);
mutex_unlock(&bp->cnic_mutex);
synchronize_rcu();
+ bp->cnic_enabled = false;
kfree(bp->cnic_kwq);
bp->cnic_kwq = NULL;
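Review bot: `bp->cnic_enabled = false` is stored after `mutex_unlock(&bp->cnic_mutex)` and after `synchronize_rcu()`, so there is a window in which `bp->cnic_ops` is already NULL while the flag still reads true, and the store itself is not covered by the mutex. Consider clearing the flag before the `mutex_unlock()` call, next to `RCU_INIT_POINTER(bp->cnic_ops, NULL)`, or add a comment explaining why the current ordering is safe for readers of the flag such as the check added in the first hunk.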
--
1.8.1.227.g44fe835
* Re: [PATCH net] bnx2x: Prevent null pointer dereference in AFEX mode
From: David Miller @ 2013-04-10 19:27 UTC (permalink / raw)
To: yuvalmin; +Cc: netdev, ariele, eilong
From: "Yuval Mintz" <yuvalmin@broadcom.com>
Date: Wed, 10 Apr 2013 13:34:39 +0300
> The cnic module is responsible for initializing various bnx2x structs
> via callbacks provided by the bnx2x module.
> One such struct is the queue object for the FCoE queue.
>
> If a device is working in AFEX mode and its configuration allows FCoE yet
> the cnic module is not loaded, it's very likely a null pointer dereference
> will occur, as the bnx2x will erroneously access the FCoE's queue object.
>
> Prevent said access until cnic properly registers itself.
>
> Signed-off-by: Yuval Mintz <yuvalmin@broadcom.com>
> Signed-off-by: Ariel Elior <ariele@broadcom.com>
> Signed-off-by: Eilon Greenstein <eilong@broadcom.com>
Applied, thanks.