Re: [patch 03/83] cxgb3: Fix kernel crash caused by uninitialized l2t_entry.arpq

From: Stefan Lippers-Hollmann
Date: Thu Dec 11 2008 - 16:12:48 EST


Hi

On Thursday, 11 December 2008, Greg KH wrote:
> 2.6.27-stable review patch. If anyone has any objections, please let us know.
>
> ------------------
>
> From: Roland Dreier <rdreier@xxxxxxxxx>
>
> [ Upstream commit 6d329af9967e7ab3f4a3d7f1e8ef87539c3a069f ]
>
> Commit 147e70e6 ("cxgb3: Use SKB list interfaces instead of home-grown
> implementation.") causes a crash in t3_l2t_send_slow() when an iWARP
> connection request is received. This is because the new l2t_entry.arpq
> skb queue is never initialized, and therefore trying to add an skb to
> it causes a NULL dereference. With the old code there was no need to
> initialize the queues because the l2t_entry structures were zeroed,
> and the code used NULL to mean empty.
>
> Fix this by adding __skb_queue_head_init() when all the l2t_entry
> structures get allocated.

This patch doesn't compile.

> Signed-off-by: Roland Dreier <rolandd@xxxxxxxxx>
> Signed-off-by: Jeff Garzik <jgarzik@xxxxxxxxxx>
> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>
>
> ---
> drivers/net/cxgb3/l2t.c | 1 +
> 1 file changed, 1 insertion(+)
>
> --- a/drivers/net/cxgb3/l2t.c
> +++ b/drivers/net/cxgb3/l2t.c
> @@ -436,6 +436,7 @@ struct l2t_data *t3_init_l2t(unsigned in
> for (i = 0; i < l2t_capacity; ++i) {
> d->l2tab[i].idx = i;
> d->l2tab[i].state = L2T_STATE_UNUSED;
> + __skb_queue_head_init(&d->l2tab[i].arpq);
> spin_lock_init(&d->l2tab[i].lock);
> atomic_set(&d->l2tab[i].refcnt, 0);
> }
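
Review bot: the added `__skb_queue_head_init(&d->l2tab[i].arpq);` line in t3_init_l2t() uses the `arpq` member and the `__skb_queue_head_init()` helper, and the 2.6.27 build output in this message shows that neither is defined in that tree. The commit message ties the crash to commit 147e70e6 and says the earlier code relied on zeroed l2t_entry structures with NULL meaning empty, so a tree without 147e70e6 has no skb queue to initialize. Suggest dropping this patch from the 2.6.27-stable queue rather than applying it on its own.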

CC [M] drivers/net/cxgb3/cxgb3_main.o
CC [M] drivers/net/cxgb3/ael1002.o
CC [M] drivers/net/cxgb3/vsc8211.o
CC [M] drivers/net/cxgb3/t3_hw.o
CC [M] drivers/net/cxgb3/mc5.o
CC [M] drivers/net/cxgb3/xgmac.o
CC [M] drivers/net/cxgb3/sge.o
CC [M] drivers/net/cxgb3/l2t.o
drivers/net/cxgb3/l2t.c: In function ‘t3_init_l2t’:
drivers/net/cxgb3/l2t.c:439: error: implicit declaration of function ‘__skb_queue_head_init’
drivers/net/cxgb3/l2t.c:439: error: ‘struct l2t_entry’ has no member named ‘arpq’
make[3]: *** [drivers/net/cxgb3/l2t.o] Error 1
make[2]: *** [drivers/net/cxgb3] Error 2
make[1]: *** [drivers/net] Error 2
make: *** [drivers] Error 2

It seems to depend on

commit 147e70e62fdd5af6263106ad634b03c5154c1e56
Author: David S. Miller <davem@xxxxxxxxxxxxx>
Date: Mon Sep 22 01:29:52 2008 -0700

cxgb3: Use SKB list interfaces instead of home-grown implementation.

Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>

Regards
Stefan Lippers-Hollmann
