IPoIB: Fix oops if xmit is called when priv->broadcast is NULL If a port goes down, ipoib_ib_dev_down() is invoked -- which flushes the mcasts (clearing priv->broadcast) and clearing the path record cache. If ipoib_start_xmit() is then invoked (before the broadcast group is rejoined), a kernel oops results from attempting to access priv->broadcast, which is still unset. Returning NULL from path_rec_create() if priv->broadcast is NULL is a harmless way of bypassing the problem -- the offending packet is simply discarded "without prejudice." Signed-off-by: Jack Morgenstein <jackm@dev.mellanox.co.il> Signed-off-by: Roland Dreier <rolandd@cisco.com>

commit: 1401b53acc0328d96bacb2a3393d2852699df96b [log] [tgz]
author: Jack Morgenstein <jackm@dev.mellanox.co.il> Mon Nov 26 10:41:19 2007 +0200
committer: Roland Dreier <rolandd@cisco.com> Tue Nov 27 15:40:10 2007 -0800
tree: 1f6ac801ec6c4c5b8ced21cd55449212ecd93dd1
parent: 7749c902592f610dc448830210174ab922f54be9 [diff] [blame]
diff --git a/drivers/infiniband/ulp/ipoib/ipoib_main.c b/drivers/infiniband/ulp/ipoib/ipoib_main.c
index a03a65e..c9f6077 100644
--- a/drivers/infiniband/ulp/ipoib/ipoib_main.c
+++ b/drivers/infiniband/ulp/ipoib/ipoib_main.c

@@ -460,6 +460,9 @@
 	struct ipoib_dev_priv *priv = netdev_priv(dev);
 	struct ipoib_path *path;
 
+	if (!priv->broadcast)
+		return NULL;
+
 	path = kzalloc(sizeof *path, GFP_ATOMIC);
 	if (!path)
 		return NULL;
commit	1401b53acc0328d96bacb2a3393d2852699df96b	[log] [tgz]
author	Jack Morgenstein <jackm@dev.mellanox.co.il>	Mon Nov 26 10:41:19 2007 +0200
committer	Roland Dreier <rolandd@cisco.com>	Tue Nov 27 15:40:10 2007 -0800
tree	1f6ac801ec6c4c5b8ced21cd55449212ecd93dd1
parent	7749c902592f610dc448830210174ab922f54be9 [diff] [blame]