diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2017-10-26 23:04:14 +0200 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2017-10-26 23:04:14 +0200 |
| commit | 15f859ae5c43c7f0a064ed92d33f7a5bc5de6de0 (patch) | |
| tree | dcbd05c2c1dff2d0ec32fc0f4ee1b24e3d9eb5ad | |
| parent | 80c094a47dd4ea63375e3f60b5e076064f16e857 (diff) | |
| parent | b4d91aeb6e120b7e2f207021c31b914895c69bc4 (diff) | |
| download | linux-15f859ae5c43c7f0a064ed92d33f7a5bc5de6de0.tar.gz | |
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dledford/rdma
Pull rdma fix from Doug Ledford:
"Fix an oops issue in the new RDMA netlink code"
* tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dledford/rdma:
RDMA/netlink: OOPs in rdma_nl_rcv_msg() from misinterpreted flag
| -rw-r--r-- | drivers/infiniband/core/netlink.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/drivers/infiniband/core/netlink.c b/drivers/infiniband/core/netlink.c index b12e58787c3ddc..1fb72c356e36cc 100644 --- a/drivers/infiniband/core/netlink.c +++ b/drivers/infiniband/core/netlink.c @@ -175,13 +175,24 @@ static int rdma_nl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh, !netlink_capable(skb, CAP_NET_ADMIN)) return -EPERM; + /* + * LS responses overload the 0x100 (NLM_F_ROOT) flag. Don't + * mistakenly call the .dump() function. + */ + if (index == RDMA_NL_LS) { + if (cb_table[op].doit) + return cb_table[op].doit(skb, nlh, extack); + return -EINVAL; + } /* FIXME: Convert IWCM to properly handle doit callbacks */ if ((nlh->nlmsg_flags & NLM_F_DUMP) || index == RDMA_NL_RDMA_CM || index == RDMA_NL_IWCM) { struct netlink_dump_control c = { .dump = cb_table[op].dump, }; - return netlink_dump_start(nls, skb, nlh, &c); + if (c.dump) + return netlink_dump_start(nls, skb, nlh, &c); + return -EINVAL; } if (cb_table[op].doit) |