Commit fea75645 authored by Yuval Mintz, committed by David S. Miller

bnx2x: Prevent null pointer dereference in AFEX mode

The cnic module is responsible for initializing various bnx2x structs
via callbacks provided by the bnx2x module.
One such struct is the queue object for the FCoE queue.

If a device is working in AFEX mode and its configuration allows FCoE yet
the cnic module is not loaded, it's very likely a null pointer dereference
will occur, as the bnx2x will erroneously access the FCoE's queue object.

Prevent said access until cnic properly registers itself.

Signed-off-by: Yuval Mintz <yuvalmin@broadcom.com>
Signed-off-by: Ariel Elior <ariele@broadcom.com>
Signed-off-by: Eilon Greenstein <eilong@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
parent 61a0f6ef
...@@ -4947,7 +4947,7 @@ static void bnx2x_after_function_update(struct bnx2x *bp) ...@@ -4947,7 +4947,7 @@ static void bnx2x_after_function_update(struct bnx2x *bp)
q); q);
} }
if (!NO_FCOE(bp)) { if (!NO_FCOE(bp) && CNIC_ENABLED(bp)) {
fp = &bp->fp[FCOE_IDX(bp)]; fp = &bp->fp[FCOE_IDX(bp)];
queue_params.q_obj = &bnx2x_sp_obj(bp, fp).q_obj; queue_params.q_obj = &bnx2x_sp_obj(bp, fp).q_obj;
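Review bot: The new CNIC_ENABLED(bp) test in "if (!NO_FCOE(bp) && CNIC_ENABLED(bp))" is a bare flag read, and nothing in the visible context of bnx2x_after_function_update() shows it being ordered against cnic unregistration (no cnic_mutex, no RCU read section), so the flag could change between the check and the use of bnx2x_sp_obj(bp, fp).q_obj. Either state in a comment above the condition why this path cannot run concurrently with bnx2x_unregister_cnic(), or take the same protection the unregister path uses. A one-line comment noting that the FCoE q_obj is only initialized once cnic has registered would also make the reason for the extra test clear to the next reader.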
...@@ -13354,6 +13354,7 @@ static int bnx2x_unregister_cnic(struct net_device *dev) ...@@ -13354,6 +13354,7 @@ static int bnx2x_unregister_cnic(struct net_device *dev)
RCU_INIT_POINTER(bp->cnic_ops, NULL); RCU_INIT_POINTER(bp->cnic_ops, NULL);
mutex_unlock(&bp->cnic_mutex); mutex_unlock(&bp->cnic_mutex);
synchronize_rcu(); synchronize_rcu();
bp->cnic_enabled = false;
kfree(bp->cnic_kwq); kfree(bp->cnic_kwq);
bp->cnic_kwq = NULL; bp->cnic_kwq = NULL;
......
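Review bot: "bp->cnic_enabled = false;" is placed after mutex_unlock(&bp->cnic_mutex) and synchronize_rcu(), so the flag is cleared outside the mutex and only after cnic_ops has already been set to NULL. Assuming CNIC_ENABLED(bp) reads this field, there is a window during unregistration in which the check added in bnx2x_after_function_update() still passes. Consider clearing the flag under cnic_mutex next to RCU_INIT_POINTER(bp->cnic_ops, NULL), or add a comment explaining why the later store is safe.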