[PATCH 2.6.30-rc5] ehea: fix invalid pointer access
From: Hannes Hering
Date: Mon May 04 2009 - 12:02:44 EST
This patch fixes an invalid pointer access in case the receive queue holds no
pointer to the next skb when the queue is empty.
Signed-off-by: Hannes Hering <hering2@xxxxxxxxxx>
Signed-off-by: Jan-Bernd Themann <themann@xxxxxxxxxx>
---
diff -Nurp -X dontdiff linux-2.6.30-rc4/drivers/net/ehea/ehea.h patched_kernel/drivers/net/ehea/ehea.h
--- linux-2.6.30-rc4/drivers/net/ehea/ehea.h 2009-05-04 09:54:42.000000000 +0200
+++ patched_kernel/drivers/net/ehea/ehea.h 2009-05-04 10:40:11.000000000 +0200
@@ -40,7 +40,7 @@
#include <asm/io.h>
#define DRV_NAME "ehea"
-#define DRV_VERSION "EHEA_0100"
+#define DRV_VERSION "EHEA_0101"
/* eHEA capability flags */
#define DLPAR_PORT_ADD_REM 1
diff -Nurp -X dontdiff linux-2.6.30-rc4/drivers/net/ehea/ehea_main.c patched_kernel/drivers/net/ehea/ehea_main.c
--- linux-2.6.30-rc4/drivers/net/ehea/ehea_main.c 2009-05-04 09:54:42.000000000 +0200
+++ patched_kernel/drivers/net/ehea/ehea_main.c 2009-05-04 10:40:11.000000000 +0200
@@ -545,14 +545,17 @@ static inline struct sk_buff *get_skb_by
x &= (arr_len - 1);
pref = skb_array[x];
- prefetchw(pref);
- prefetchw(pref + EHEA_CACHE_LINE);
+ if (pref) {
+ prefetchw(pref);
+ prefetchw(pref + EHEA_CACHE_LINE);
+
+ pref = (skb_array[x]->data);
+ prefetch(pref);
+ prefetch(pref + EHEA_CACHE_LINE);
+ prefetch(pref + EHEA_CACHE_LINE * 2);
+ prefetch(pref + EHEA_CACHE_LINE * 3);
+ }
- pref = (skb_array[x]->data);
- prefetch(pref);
- prefetch(pref + EHEA_CACHE_LINE);
- prefetch(pref + EHEA_CACHE_LINE * 2);
- prefetch(pref + EHEA_CACHE_LINE * 3);
skb = skb_array[skb_index];
skb_array[skb_index] = NULL;
return skb;
@@ -569,12 +572,14 @@ static inline struct sk_buff *get_skb_by
x &= (arr_len - 1);
pref = skb_array[x];
- prefetchw(pref);
- prefetchw(pref + EHEA_CACHE_LINE);
-
- pref = (skb_array[x]->data);
- prefetchw(pref);
- prefetchw(pref + EHEA_CACHE_LINE);
+ if (pref) {
+ prefetchw(pref);
+ prefetchw(pref + EHEA_CACHE_LINE);
+
+ pref = (skb_array[x]->data);
+ prefetchw(pref);
+ prefetchw(pref + EHEA_CACHE_LINE);
+ }
skb = skb_array[wqe_index];
skb_array[wqe_index] = NULL;
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/