git.baikalelectronics.ru Git - kernel.git/commit

author	Zhu Yanjun <yanjun.zhu@linux.dev>
	Mon, 22 Aug 2022 01:16:13 +0000 (21:16 -0400)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 26 Oct 2022 11:22:36 +0000 (13:22 +0200)
commit	03147623b2dbe27947406159be03f00e3910b616
tree	46d1b71a7b35ebf56ea4016abf5050440591f78b	tree \| snapshot
parent	4e303bffd9aba5491e6750bf9f68e7c2f4bdb400	commit \| diff

RDMA/rxe: Fix "kernel NULL pointer dereference" error

[ Upstream commit d8edda9a8c060b2bc06504c15d6e16462128de7f ]

When rxe_queue_init in the function rxe_qp_init_req fails,
both qp->req.task.func and qp->req.task.arg are not initialized.

Because of creation of qp fails, the function rxe_create_qp will
call rxe_qp_do_cleanup to handle allocated resource.

Before calling __rxe_do_task, both qp->req.task.func and
qp->req.task.arg should be checked.

Fixes: 5deaf88696f1 ("Soft RoCE driver")
Link: https://lore.kernel.org/r/20220822011615.805603-2-yanjun.zhu@linux.dev
Reported-by: syzbot+ab99dc4c6e961eed8b8e@syzkaller.appspotmail.com
Signed-off-by: Zhu Yanjun <yanjun.zhu@linux.dev>
Reviewed-by: Li Zhijian <lizhijian@fujitsu.com>
Reviewed-by: Bob Pearson <rpearsonhpe@gmail.com>
Signed-off-by: Leon Romanovsky <leon@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>