]> git.itanic.dy.fi Git - linux-stable/commitdiff
projects / linux-stable / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e15a251)
IB/cma: Fix reference count leak when no ipv4 addresses are set
authorKalderon, Michal <Michal.Kalderon@cavium.com>
Thu, 6 Jul 2017 20:22:11 +0000 (23:22 +0300)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 3 Jun 2020 06:12:10 +0000 (08:12 +0200)
commit 963916fdb3e5ad4af57ac959b5a03bf23f7568ca upstream.

Once in_dev_get is called to receive in_device pointer, the
in_device reference counter is increased, but if there are
no ipv4 addresses configured on the net-device the ifa_list
will be null, resulting in a flow that doesn't call in_dev_put
to decrease the ref_cnt.
This was exposed when running RoCE over ipv6 without any ipv4
addresses configured

Fixes: commit 8e3867310c90 ("IB/cma: Fix a race condition in iboe_addr_get_sgid()")
Signed-off-by: Michal Kalderon <Michal.Kalderon@cavium.com>
Signed-off-by: Ariel Elior <Ariel.Elior@cavium.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
Cc: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
include/rdma/ib_addr.h patch | blob | history

diff --git a/include/rdma/ib_addr.h b/include/rdma/ib_addr.h
index d77416963f059d0fba0346365def92b9c4f8023d..72f3b0d65435e572cf78f062367470b5bdbc89c7 100644 (file)
--- a/include/rdma/ib_addr.h
+++ b/include/rdma/ib_addr.h
@@ -200,11 +200,13 @@ static inline void iboe_addr_get_sgid(struct rdma_dev_addr *dev_addr,
        dev = dev_get_by_index(&init_net, dev_addr->bound_dev_if);
        if (dev) {
                ip4 = in_dev_get(dev);
-               if (ip4 && ip4->ifa_list && ip4->ifa_list->ifa_address) {
+               if (ip4 && ip4->ifa_list && ip4->ifa_list->ifa_address)
                        ipv6_addr_set_v4mapped(ip4->ifa_list->ifa_address,
                                               (struct in6_addr *)gid);
+
+               if (ip4)
                        in_dev_put(ip4);
-               }
+
                dev_put(dev);
        }
 }
Unnamed repository; edit this file 'description' to name the repository.