diff options
| author | Jack Morgenstein <jackm@dev.mellanox.co.il> | 2018-07-11 10:23:52 +0200 |
|---|---|---|
| committer | Jason Gunthorpe <jgg@mellanox.com> | 2018-07-24 23:30:34 +0200 |
| commit | addb8a6559f0f8b5a37582b7ca698358445a55bf (patch) | |
| tree | ab4b781f4d4a8db587b65095170e33a5f7e8739d /.cocciconfig | |
| parent | RDMA/mlx5: Fix memory leak in mlx5_ib_create_srq() error path (diff) | |
| download | linux-addb8a6559f0f8b5a37582b7ca698358445a55bf.tar.xz linux-addb8a6559f0f8b5a37582b7ca698358445a55bf.zip | |
RDMA/uverbs: Expand primary and alt AV port checks
The commit cited below checked that the port numbers provided in the
primary and alt AVs are legal.
That is sufficient to prevent a kernel panic. However, it is not
sufficient for correct operation.
In Linux, AVs (both primary and alt) must be completely self-described.
We do not accept an AV from userspace without an embedded port number.
(This has been the case since kernel 3.14 commit dbf727de7440
("IB/core: Use GID table in AH creation and dmac resolution")).
For the primary AV, this embedded port number must match the port number
specified with IB_QP_PORT.
We also expect the port number embedded in the alt AV to match the
alt_port_num value passed by the userspace driver in the modify_qp command
base structure.
Add these checks to modify_qp.
Cc: <stable@vger.kernel.org> # 4.16
Fixes: 5d4c05c3ee36 ("RDMA/uverbs: Sanitize user entered port numbers prior to access it")
Signed-off-by: Jack Morgenstein <jackm@dev.mellanox.co.il>
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
Diffstat (limited to '.cocciconfig')
0 files changed, 0 insertions, 0 deletions