From: Honggang Li <honli@redhat.com>
To: roland@kernel.org, sean.hefty@intel.com,
hal.rosenstock@gmail.com, kaber@trash.net, davem@davemloft.net,
alex.estrin@intel.com, dledford@redhat.com, edumazet@google.com,
erezsh@mellanox.com, nicolas.dichtel@6wind.com,
maheshb@google.com, jbenc@redhat.com, ebiederm@xmission.com,
elfring@users.sourceforge.net, f.fainelli@gmail.com,
linux@roeck-us.net, andrew@lunn.ch, sfeldma@gmail.com,
alexander.h.duyck@intel.com, linux-rdma@vger.kernel.org,
linux-kernel@vger.kernel.org, netdev@vger.kernel.org
Cc: Honggang Li <honli@redhat.com>
Subject: [PATCH linux-next 1/4] infiniband/ipoib: fix possible NULL pointer dereference in ipoib_get_iflink
Date: Tue, 14 Apr 2015 23:20:14 +0800 [thread overview]
Message-ID: <1429024817-21561-2-git-send-email-honli@redhat.com> (raw)
In-Reply-To: <1429024817-21561-1-git-send-email-honli@redhat.com>
Starting monitoring for VG vg_rdma01: 3 logical volume(s) in volume
group "vg_rdma01" monitored
[ OK ]
Starting cgconfig service: Failed to parse /etc/cgconfig.conf or
/etc/cgconfig.d[FAILED]
Loading OpenIB kernel modules:
BUG: unable to handle kernel NULL pointer dereference at 0000000000000120
IP: [<ffffffffa06b9060>] ipoib_get_iflink+0x10/0x20 [ib_ipoib]
PGD 475540067 PUD 473541067 PMD 0
Oops: 0000 [#1] SMP
Modules linked in: ib_ipoib(+) rdma_ucm ib_ucm ib_uverbs ib_umad rdma_cm
ib_cm ib_sa vhost_net macvtap macvlan vhost tun ipmi_devintf sg ipmi_si
ipmi_msghandler serio_raw iTCO_wdt iTCO_vendor_support cdc_ether usbnet
mii bnx2 intel_powerclamp coretemp kvm_intel kvm crc32c_intel
ghash_clmulni_intel aesni_intel ablk_helper cryptd lrw gf128mul
glue_helper aes_x86_64 microcode pcspkr i2c_i801 i2c_core lpc_ich
mfd_core acpi_cpufreq ioatdma i7core_edac edac_core shpchp ext4(E)
jbd2(E) mbcache(E) sd_mod(E) megaraid_sas(E) pata_acpi(E) ata_generic(E)
ata_piix(E) iw_cxgb3(E) cxgb3(E) mdio(E) ib_qib(E) dca(E) ib_mad(E)
iw_cxgb4(E) iw_cm(E) ib_core(E) ib_addr(E) ipv6(E) cxgb4(E) dm_mirror(E)
dm_region_hash(E) dm_log(E) dm_mod(E)
CPU: 6 PID: 2405 Comm: modprobe Tainted: G E
4.0.0-next-20150413 #1
Hardware name: IBM System x3650 M3 -[7945O63]-/00D4062, BIOS
-[D6E157AUS-1.15]- 06/13/2012
task: ffff880476ad6f00 ti: ffff88047579c000 task.ti: ffff88047579c000
RIP: 0010:[<ffffffffa06b9060>] [<ffffffffa06b9060>]
ipoib_get_iflink+0x10/0x20 [ib_ipoib]
RSP: 0018:ffff88047579f9b8 EFLAGS: 00010286
RAX: 0000000000000000 RBX: ffff880476e2a000 RCX: 0000000000000000
RDX: 0000000000000004 RSI: ffff88047579fbb8 RDI: ffff880476e2a000
RBP: ffff88047579f9b8 R08: 0000000000000660 R09: ffff88047404f068
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8804736bec00
R13: ffff88047579fbb4 R14: ffff88047404f000 R15: 0000000000000009
FS: 00007fc047a2e700(0000) GS:ffff88047fc00000(0000)
knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 0000000000000120 CR3: 000000047541f000 CR4: 00000000000006e0
Stack:
ffff88047579f9c8 ffffffff814fbfa3 ffff88047579fbe8 ffffffff81515a15
0000000000000005 ffff880476e2a280 0000000000000005 0000000000000014
ffff88047579fa48 ffffffff8150a577 0000000000000000 ffff8804ffffffff
Call Trace:
[<ffffffff814fbfa3>] dev_get_iflink+0x23/0x40
[<ffffffff81515a15>] rtnl_fill_ifinfo+0x255/0xce0
[<ffffffff8150a577>] ? __hw_addr_create_ex+0x97/0xc0
[<ffffffff815d32bb>] ? _raw_spin_unlock_bh+0x1b/0x20
[<ffffffff8150a8e5>] ? __dev_mc_add+0x75/0x90
[<ffffffffa00a115c>] ? igmp6_group_added+0x5c/0x130 [ipv6]
[<ffffffff8119c6cc>] ? __kmalloc_node_track_caller+0x3c/0x50
[<ffffffff814f0f0b>] ? __kmalloc_reserve+0x3b/0xa0
[<ffffffff814f12f8>] ? __alloc_skb+0xa8/0x1f0
[<ffffffff81516783>] rtmsg_ifinfo_build_skb+0x83/0xe0
[<ffffffff81078fa6>] ? raw_notifier_call_chain+0x16/0x20
[<ffffffff81516801>] rtmsg_ifinfo+0x21/0x40
[<ffffffff81504eaf>] register_netdevice+0x38f/0x400
[<ffffffff81504f3e>] register_netdev+0x1e/0x30
[<ffffffffa06bc204>] ipoib_add_port.clone.0+0x214/0x390 [ib_ipoib]
[<ffffffffa06bc447>] ipoib_add_one+0xc7/0x110 [ib_ipoib]
[<ffffffffa00f9d4d>] ib_register_client+0x7d/0xa0 [ib_core]
[<ffffffffa06ce000>] ? 0xffffffffa06ce000
[<ffffffffa06ce0f2>] ipoib_init_module+0xf2/0x13c [ib_ipoib]
[<ffffffff81000287>] do_one_initcall+0xb7/0x1d0
[<ffffffff810d8189>] do_init_module+0x69/0x200
[<ffffffff810da985>] load_module+0x5b5/0x730
[<ffffffff810d79b0>] ? mod_sysfs_teardown+0x150/0x150
[<ffffffff81183232>] ? __vmalloc+0x22/0x30
[<ffffffff810d73c0>] ? module_sect_show+0x30/0x30
[<ffffffff810dac84>] SyS_init_module+0x94/0xc0
[<ffffffff815d3997>] system_call_fastpath+0x12/0x6a
Code: 66 66 66 90 b9 1e 00 00 00 48 89 f0 48 8d 77 08 48 89 c7 f3 48 a5
c9 c3 0f 1f 00 55 48 89 e5 66 66 66 66 90 48 8b 87 e8 13 00 00 <8b> 80
20 01 00 00 c9 c3 0f 1f 84 00 00 00 00 00 55 48 89 e5 66
RIP [<ffffffffa06b9060>] ipoib_get_iflink+0x10/0x20 [ib_ipoib]
RSP <ffff88047579f9b8>
CR2: 0000000000000120
---[ end trace a8610f6e9640eb85 ]---
Signed-off-by: Honggang Li <honli@redhat.com>
---
drivers/infiniband/ulp/ipoib/ipoib_main.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/infiniband/ulp/ipoib/ipoib_main.c b/drivers/infiniband/ulp/ipoib/ipoib_main.c
index 657b89b..11ea6e2 100644
--- a/drivers/infiniband/ulp/ipoib/ipoib_main.c
+++ b/drivers/infiniband/ulp/ipoib/ipoib_main.c
@@ -846,7 +846,10 @@ static int ipoib_get_iflink(const struct net_device *dev)
{
struct ipoib_dev_priv *priv = netdev_priv(dev);
- return priv->parent->ifindex;
+ if (priv && priv->parent)
+ return priv->parent->ifindex;
+ else
+ return 0;
}
static u32 ipoib_addr_hash(struct ipoib_neigh_hash *htbl, u8 *daddr)
--
1.8.3.1
next prev parent reply other threads:[~2015-04-14 15:20 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-04-14 15:20 [PATCH linux-next 0/4] fix possile NULL pointer dereference in ndo_get_iflink callback functions Honggang Li
2015-04-14 15:20 ` Honggang Li [this message]
[not found] ` <1429024817-21561-2-git-send-email-honli-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2015-04-14 15:34 ` [PATCH linux-next 1/4] infiniband/ipoib: fix possible NULL pointer dereference in ipoib_get_iflink Eric Dumazet
[not found] ` <1429025673.7346.37.camel-XN9IlZ5yJG9HTL0Zs8A6p/gx64E7kk8eUsxypvmhUTTZJqsBc5GL+g@public.gmane.org>
2015-04-14 15:44 ` Honggang LI
[not found] ` <20150414154422.GB21856-9l7K0WC0B0wP68cbUhXDDlaTQe2KTcn/@public.gmane.org>
2015-04-14 15:49 ` Nicolas Dichtel
[not found] ` <552D3723.9050706-pdR9zngts4EAvxtiuMwx3w@public.gmane.org>
2015-04-14 15:53 ` Honggang LI
[not found] ` <20150414155307.GD21856-9l7K0WC0B0wP68cbUhXDDlaTQe2KTcn/@public.gmane.org>
2015-04-14 16:14 ` Eric Dumazet
2015-04-14 16:01 ` Yann Droneaud
[not found] ` <1429027293.4333.5.camel-RlY5vtjFyJ3QT0dZR+AlfA@public.gmane.org>
2015-04-14 16:44 ` Nicolas Dichtel
2015-04-14 16:30 ` Erez Shitrit
[not found] ` <CAAk-MO-O9sjHQvDfCEuzJJPvUMXJTuRaCzrCkB0xc1DUfK8Aew-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-04-14 16:46 ` Nicolas Dichtel
2015-04-14 20:41 ` Jason Gunthorpe
[not found] ` <20150414204133.GJ7682-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2015-04-15 5:24 ` Or Gerlitz
2015-04-15 6:17 ` Erez Shitrit
[not found] ` <552E026A.4020200-LDSdmyG8hGV8YrgS2mwiifqBs+8SCbDb@public.gmane.org>
2015-04-15 16:06 ` Jason Gunthorpe
[not found] ` <20150415160623.GA4653-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2015-04-16 11:27 ` Erez Shitrit
2015-04-15 5:16 ` Honggang LI
[not found] ` <20150415051640.GB4881-9l7K0WC0B0wP68cbUhXDDlaTQe2KTcn/@public.gmane.org>
2015-04-15 6:57 ` Honggang LI
2015-04-14 15:20 ` [PATCH linux-next 2/4] ipvlan: fix possible NULL pointer dereference in ipvlan_get_iflink Honggang Li
[not found] ` <1429024817-21561-1-git-send-email-honli-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2015-04-14 15:20 ` [PATCH linux-next 3/4] macvlan: fix possible NULL pointer dereference in macvlan_dev_get_iflink Honggang Li
2015-04-14 15:26 ` Patrick McHardy
2015-04-14 15:32 ` Honggang LI
2015-04-14 15:35 ` Patrick McHardy
2015-04-14 17:47 ` David Miller
2015-04-14 15:35 ` Nicolas Dichtel
[not found] ` <552D33B0.6040808-pdR9zngts4EAvxtiuMwx3w@public.gmane.org>
2015-04-14 15:37 ` Andrew Lunn
2015-04-14 15:46 ` Honggang LI
2015-04-14 15:20 ` [PATCH linux-next 4/4] net/dsa: fix possible NULL pointer dereference in dsa_slave_get_iflink Honggang Li
[not found] ` <1429024817-21561-5-git-send-email-honli-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2015-04-14 15:55 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1429024817-21561-2-git-send-email-honli@redhat.com \
--to=honli@redhat.com \
--cc=alex.estrin@intel.com \
--cc=alexander.h.duyck@intel.com \
--cc=andrew@lunn.ch \
--cc=davem@davemloft.net \
--cc=dledford@redhat.com \
--cc=ebiederm@xmission.com \
--cc=edumazet@google.com \
--cc=elfring@users.sourceforge.net \
--cc=erezsh@mellanox.com \
--cc=f.fainelli@gmail.com \
--cc=hal.rosenstock@gmail.com \
--cc=jbenc@redhat.com \
--cc=kaber@trash.net \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-rdma@vger.kernel.org \
--cc=linux@roeck-us.net \
--cc=maheshb@google.com \
--cc=netdev@vger.kernel.org \
--cc=nicolas.dichtel@6wind.com \
--cc=roland@kernel.org \
--cc=sean.hefty@intel.com \
--cc=sfeldma@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).