i40iw: Avoid panic when handling the inetdev event
authorFeng Tang <feng.tang@intel.com>
Thu, 14 Mar 2019 10:37:29 +0000 (18:37 +0800)
committerJason Gunthorpe <jgg@mellanox.com>
Mon, 18 Mar 2019 00:40:40 +0000 (21:40 -0300)
commitec4fe4bcc584b55e24e8d1768f5510a62c0fd619
tree8efef3aaadcc9085bd098f60f710cd6c9eb82e4c
parentcd27287562d69629c5f007c6f64c27b6ff15f3e5
i40iw: Avoid panic when handling the inetdev event

There is a panic reported that on a system with x722 ethernet, when doing
the operations like:

# ip link add br0 type bridge
# ip link set eno1 master br0
# systemctl restart systemd-networkd

The system will panic "BUG: unable to handle kernel null pointer
dereference at 0000000000000034", with call chain:

i40iw_inetaddr_event
notifier_call_chain
blocking_notifier_call_chain
notifier_call_chain
__inet_del_ifa
inet_rtm_deladdr
rtnetlink_rcv_msg
netlink_rcv_skb
rtnetlink_rcv
netlink_unicast
netlink_sendmsg
sock_sendmsg
__sys_sendto

It is caused by "local_ipaddr = ntohl(in->ifa_list->ifa_address)", while
the in->ifa_list is NULL.

So add a check for the "in->ifa_list == NULL" case, and skip the ARP
operation accordingly.

Signed-off-by: Feng Tang <feng.tang@intel.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
drivers/infiniband/hw/i40iw/i40iw_utils.c