Re: [PATCH net] net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT
From: patchwork-bot+netdevbpf
Date: Sat Jun 03 2023 - 16:02:34 EST
Hello:
This patch was applied to netdev/net.git (main)
by David S. Miller <davem@xxxxxxxxxxxxx>:
On Thu, 1 Jun 2023 16:41:52 +0800 you wrote:
> SMCRv1 has a similar issue to SMCRv2 (see link below) that may access
> invalid MRs of RMBs when construct LLC ADD LINK CONT messages.
>
> BUG: kernel NULL pointer dereference, address: 0000000000000014
> #PF: supervisor read access in kernel mode
> #PF: error_code(0x0000) - not-present page
> PGD 0 P4D 0
> Oops: 0000 [#1] PREEMPT SMP PTI
> CPU: 5 PID: 48 Comm: kworker/5:0 Kdump: loaded Tainted: G W E 6.4.0-rc3+ #49
> Workqueue: events smc_llc_add_link_work [smc]
> RIP: 0010:smc_llc_add_link_cont+0x160/0x270 [smc]
> RSP: 0018:ffffa737801d3d50 EFLAGS: 00010286
> RAX: ffff964f82144000 RBX: ffffa737801d3dd8 RCX: 0000000000000000
> RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff964f81370c30
> RBP: ffffa737801d3dd4 R08: ffff964f81370000 R09: ffffa737801d3db0
> R10: 0000000000000001 R11: 0000000000000060 R12: ffff964f82e70000
> R13: ffff964f81370c38 R14: ffffa737801d3dd3 R15: 0000000000000001
> FS: 0000000000000000(0000) GS:ffff9652bfd40000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 0000000000000014 CR3: 000000008fa20004 CR4: 00000000003706e0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> Call Trace:
> <TASK>
> smc_llc_srv_rkey_exchange+0xa7/0x190 [smc]
> smc_llc_srv_add_link+0x3ae/0x5a0 [smc]
> smc_llc_add_link_work+0xb8/0x140 [smc]
> process_one_work+0x1e5/0x3f0
> worker_thread+0x4d/0x2f0
> ? __pfx_worker_thread+0x10/0x10
> kthread+0xe5/0x120
> ? __pfx_kthread+0x10/0x10
> ret_from_fork+0x2c/0x50
> </TASK>
>
> [...]
Here is the summary with links:
- [net] net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT
https://git.kernel.org/netdev/net/c/c308e9ec0047
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html