Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f2d8a0b3 authored by Dasaratharaman Chandramouli's avatar Dasaratharaman Chandramouli Committed by Doug Ledford
Browse files

IB/hfi1: Fix ECN processing in prescan_rxq 



When processing ECN via the prescan_rxq path, some fields in the packet
structure are passed uninitialized. This can potentially
cause NULL pointer exceptions during ECN handling.

Reviewed-by: default avatarIra Weiny <ira.weiny@intel.com>
Reviewed-by: default avatarDennis Dalessandro <dennis.dalessandro@intel.com>
Signed-off-by: default avatarDasaratharaman Chandramouli <dasaratharaman.chandramouli@intel.com>
Signed-off-by: default avatarDennis Dalessandro <dennis.dalessandro@intel.com>
Signed-off-by: default avatarDoug Ledford <dledford@redhat.com>
parent 505efe3e

drivers/infiniband/hw/hfi1/driver.c

+11 −9
Original line number Diff line number Diff line
@@ -599,7 +599,6 @@ static void __prescan_rxq(struct hfi1_packet *packet) 
					 dd->rhf_offset;

		struct rvt_qp *qp;

		struct ib_header *hdr;

		struct ib_other_headers *ohdr;

		struct rvt_dev_info *rdi = &dd->verbs_dev.rdi;

		u64 rhf = rhf_to_cpu(rhf_addr);

		u32 etype = rhf_rcv_type(rhf), qpn, bth1;
@@ -615,18 +614,21 @@ static void __prescan_rxq(struct hfi1_packet *packet) 
		if (etype != RHF_RCV_TYPE_IB)

			goto next;



		hdr = hfi1_get_msgheader(dd, rhf_addr);

		packet->hdr = hfi1_get_msgheader(dd, rhf_addr);

		hdr = packet->hdr;



		lnh = be16_to_cpu(hdr->lrh[0]) & 3;



		if (lnh == HFI1_LRH_BTH)

			ohdr = &hdr->u.oth;

		else if (lnh == HFI1_LRH_GRH)

			ohdr = &hdr->u.l.oth;

		else

		if (lnh == HFI1_LRH_BTH) {

			packet->ohdr = &hdr->u.oth;

		} else if (lnh == HFI1_LRH_GRH) {

			packet->ohdr = &hdr->u.l.oth;

			packet->rcv_flags |= HFI1_HAS_GRH;

		} else {

			goto next; /* just in case */

		}



		bth1 = be32_to_cpu(ohdr->bth[1]);

		bth1 = be32_to_cpu(packet->ohdr->bth[1]);

		is_ecn = !!(bth1 & (HFI1_FECN_SMASK | HFI1_BECN_SMASK));



		if (!is_ecn)
@@ -646,7 +648,7 @@ static void __prescan_rxq(struct hfi1_packet *packet) 


		/* turn off BECN, FECN */

		bth1 &= ~(HFI1_FECN_SMASK | HFI1_BECN_SMASK);

		ohdr->bth[1] = cpu_to_be32(bth1);

		packet->ohdr->bth[1] = cpu_to_be32(bth1);

next:

		update_ps_mdata(&mdata, rcd);

	}