summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDoron Tsur <doront@mellanox.com>2015-10-15 15:01:02 +0300
committerDoug Ledford <dledford@redhat.com>2015-10-15 12:35:54 -0400
commit17b38fb89055bf5df402980c9546a8b046552f2b (patch)
tree292d5bc17607c3ca26d12fc1a612f007af0015bb
parent0b5c9279e568d90903acedc2b9b832d8d78e8288 (diff)
downloadlinux-17b38fb89055bf5df402980c9546a8b046552f2b.tar.gz
linux-17b38fb89055bf5df402980c9546a8b046552f2b.tar.bz2
linux-17b38fb89055bf5df402980c9546a8b046552f2b.zip
IB/core: Fix memory corruption in ib_cache_gid_set_default_gid
When ib_cache_gid_set_default_gid is called from several threads, updating the table could make find_gid fail, therefore a negative index will be retruned and an invalid table entry will be used. Locking find_gid as well fixes this problem. Fixes: 03db3a2d81e6 ('IB/core: Add RoCE GID table management') Signed-off-by: Doron Tsur <doront@mellanox.com> Signed-off-by: Matan Barak <matanb@mellanox.com> Signed-off-by: Doug Ledford <dledford@redhat.com>
-rw-r--r--drivers/infiniband/core/cache.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/infiniband/core/cache.c b/drivers/infiniband/core/cache.c
index 8f66c67ff0df..87471ef37198 100644
--- a/drivers/infiniband/core/cache.c
+++ b/drivers/infiniband/core/cache.c
@@ -508,12 +508,12 @@ void ib_cache_gid_set_default_gid(struct ib_device *ib_dev, u8 port,
memset(&gid_attr, 0, sizeof(gid_attr));
gid_attr.ndev = ndev;
+ mutex_lock(&table->lock);
ix = find_gid(table, NULL, NULL, true, GID_ATTR_FIND_MASK_DEFAULT);
/* Coudn't find default GID location */
WARN_ON(ix < 0);
- mutex_lock(&table->lock);
if (!__ib_cache_gid_get(ib_dev, port, ix,
&current_gid, &current_gid_attr) &&
mode == IB_CACHE_GID_DEFAULT_MODE_SET &&