linux/net/rds
Sasha Levin c2349758ac rds: prevent dereference of a NULL device
Binding might result in a NULL device, which is dereferenced
causing this BUG:

[ 1317.260548] BUG: unable to handle kernel NULL pointer dereference at 000000000000097
4
[ 1317.261847] IP: [<ffffffff84225f52>] rds_ib_laddr_check+0x82/0x110
[ 1317.263315] PGD 418bcb067 PUD 3ceb21067 PMD 0
[ 1317.263502] Oops: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[ 1317.264179] Dumping ftrace buffer:
[ 1317.264774]    (ftrace buffer empty)
[ 1317.265220] Modules linked in:
[ 1317.265824] CPU: 4 PID: 836 Comm: trinity-child46 Tainted: G        W    3.13.0-rc4-
next-20131218-sasha-00013-g2cebb9b-dirty #4159
[ 1317.267415] task: ffff8803ddf33000 ti: ffff8803cd31a000 task.ti: ffff8803cd31a000
[ 1317.268399] RIP: 0010:[<ffffffff84225f52>]  [<ffffffff84225f52>] rds_ib_laddr_check+
0x82/0x110
[ 1317.269670] RSP: 0000:ffff8803cd31bdf8  EFLAGS: 00010246
[ 1317.270230] RAX: 0000000000000000 RBX: ffff88020b0dd388 RCX: 0000000000000000
[ 1317.270230] RDX: ffffffff8439822e RSI: 00000000000c000a RDI: 0000000000000286
[ 1317.270230] RBP: ffff8803cd31be38 R08: 0000000000000000 R09: 0000000000000000
[ 1317.270230] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[ 1317.270230] R13: 0000000054086700 R14: 0000000000a25de0 R15: 0000000000000031
[ 1317.270230] FS:  00007ff40251d700(0000) GS:ffff88022e200000(0000) knlGS:000000000000
0000
[ 1317.270230] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 1317.270230] CR2: 0000000000000974 CR3: 00000003cd478000 CR4: 00000000000006e0
[ 1317.270230] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1317.270230] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000090602
[ 1317.270230] Stack:
[ 1317.270230]  0000000054086700 5408670000a25de0 5408670000000002 0000000000000000
[ 1317.270230]  ffffffff84223542 00000000ea54c767 0000000000000000 ffffffff86d26160
[ 1317.270230]  ffff8803cd31be68 ffffffff84223556 ffff8803cd31beb8 ffff8800c6765280
[ 1317.270230] Call Trace:
[ 1317.270230]  [<ffffffff84223542>] ? rds_trans_get_preferred+0x42/0xa0
[ 1317.270230]  [<ffffffff84223556>] rds_trans_get_preferred+0x56/0xa0
[ 1317.270230]  [<ffffffff8421c9c3>] rds_bind+0x73/0xf0
[ 1317.270230]  [<ffffffff83e4ce62>] SYSC_bind+0x92/0xf0
[ 1317.270230]  [<ffffffff812493f8>] ? context_tracking_user_exit+0xb8/0x1d0
[ 1317.270230]  [<ffffffff8119313d>] ? trace_hardirqs_on+0xd/0x10
[ 1317.270230]  [<ffffffff8107a852>] ? syscall_trace_enter+0x32/0x290
[ 1317.270230]  [<ffffffff83e4cece>] SyS_bind+0xe/0x10
[ 1317.270230]  [<ffffffff843a6ad0>] tracesys+0xdd/0xe2
[ 1317.270230] Code: 00 8b 45 cc 48 8d 75 d0 48 c7 45 d8 00 00 00 00 66 c7 45 d0 02 00
89 45 d4 48 89 df e8 78 49 76 ff 41 89 c4 85 c0 75 0c 48 8b 03 <80> b8 74 09 00 00 01 7
4 06 41 bc 9d ff ff ff f6 05 2a b6 c2 02
[ 1317.270230] RIP  [<ffffffff84225f52>] rds_ib_laddr_check+0x82/0x110
[ 1317.270230]  RSP <ffff8803cd31bdf8>
[ 1317.270230] CR2: 0000000000000974

Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-27 12:33:58 -05:00
..
af_rds.c rds: Make rds_sock_lock BH rather than IRQ safe. 2012-01-24 17:03:44 -05:00
bind.c hlist: drop the node parameter from iterators 2013-02-27 19:10:24 -08:00
cong.c net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules 2011-10-31 19:30:30 -04:00
connection.c inet: convert inet_ehash_secret and ipv6_hash_secret to net_get_random_once 2013-10-19 19:45:35 -04:00
ib_cm.c IB/rds: suppress incompatible protocol when version is known 2012-12-26 15:17:37 -08:00
ib_rdma.c net, rds, Replace xlist in net/rds/xlist.h with llist 2011-09-15 15:36:32 -04:00
ib_recv.c IB/rds: Correct ib_api use with gs_dma_address/sg_dma_len 2012-12-26 15:17:37 -08:00
ib_ring.c
ib_send.c rds: prevent BUG_ON triggered on congestion update to loopback 2013-12-03 11:54:18 -05:00
ib_stats.c RDS: Move atomic stats from general to ib-specific area 2010-09-08 18:12:20 -07:00
ib_sysctl.c net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00
ib.c rds: prevent dereference of a NULL device 2013-12-27 12:33:58 -05:00
ib.h net: rds: use this_cpu_* per-cpu helper 2012-11-19 18:59:44 -05:00
info.c rds: remove the second argument of k[un]map_atomic() 2012-03-20 21:48:28 +08:00
info.h
iw_cm.c RDS: use gfp flags from caller in conn_alloc() 2012-03-22 19:29:58 -04:00
iw_rdma.c RDS: Remove some unused iWARP code 2012-01-12 20:05:28 -08:00
iw_recv.c Merge branch 'kmap_atomic' of git://github.com/congwang/linux 2012-03-21 09:40:26 -07:00
iw_ring.c
iw_send.c net/rds: use prink_ratelimited() instead of printk_ratelimit() 2011-06-17 00:03:03 -04:00
iw_stats.c
iw_sysctl.c net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00
iw.c net: Fix files explicitly needing to include module.h 2011-10-31 19:30:28 -04:00
iw.h net: remove interrupt.h inclusion from netdevice.h 2011-06-06 22:55:11 -07:00
Kconfig net/rds: remove depends on CONFIG_EXPERIMENTAL 2013-01-11 11:40:02 -08:00
loop.c RDS: use gfp flags from caller in conn_alloc() 2012-03-22 19:29:58 -04:00
loop.h
Makefile Net: rds: Makefile: Remove deprecated items 2010-11-22 08:16:15 -08:00
message.c rds: simplify a warning message 2013-03-04 14:12:07 -05:00
page.c net: Fix (nearly-)kernel-doc comments for various functions 2012-07-10 23:13:45 -07:00
rdma_transport.c net: Fix files explicitly needing to include module.h 2011-10-31 19:30:28 -04:00
rdma_transport.h rds: make local functions/variables static 2010-10-21 04:26:39 -07:00
rdma.c rds: Integer overflow in RDS cmsg handling 2010-11-17 12:20:52 -08:00
rds.h net: misc: Remove extern from function prototypes 2013-10-19 19:12:11 -04:00
recv.c net: rework recvmsg handler msg_name and msg_namelen logic 2013-11-20 21:52:30 -05:00
send.c RDS: fix rds-ping spinlock recursion 2012-10-09 13:57:23 -04:00
stats.c net/rds: zero last byte for strncpy 2013-03-08 00:35:44 -05:00
sysctl.c net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00
tcp_connect.c rds: Don't disable BH on BH context 2012-08-22 22:52:04 -07:00
tcp_listen.c rds: Don't disable BH on BH context 2012-08-22 22:52:04 -07:00
tcp_recv.c rds: Don't disable BH on BH context 2012-08-22 22:52:04 -07:00
tcp_send.c rds: Don't disable BH on BH context 2012-08-22 22:52:04 -07:00
tcp_stats.c net: rds: fix const array syntax 2011-07-01 16:16:19 -07:00
tcp.c net: Fix files explicitly needing to include module.h 2011-10-31 19:30:28 -04:00
tcp.h rds: make local functions/variables static 2010-10-21 04:26:39 -07:00
threads.c net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules 2011-10-31 19:30:30 -04:00
transport.c RDS: have sockets get transport module references 2010-09-08 18:16:47 -07:00