From 08a168c776d29b480a3c54832b94d113a5ee2b8c Mon Sep 17 00:00:00 2001
From: Tatyana Nikolova <Tatyana.E.Nikolova@intel.com>
Date: Fri, 24 Oct 2014 14:09:04 -0500
Subject: [PATCH] RDMA/nes: Fix for register mr with zero length

Signed-off-by: Tatyana Nikolova <tatyana.e.nikolova@intel.com>
---
 ...DMA-nes-Fix-for-register-zero-len-mr.patch | 40 +++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100644 linux-next-pending/0008-RDMA-nes-Fix-for-register-zero-len-mr.patch

diff --git a/linux-next-pending/0008-RDMA-nes-Fix-for-register-zero-len-mr.patch b/linux-next-pending/0008-RDMA-nes-Fix-for-register-zero-len-mr.patch
new file mode 100644
index 0000000..2bc70bf
--- /dev/null
+++ b/linux-next-pending/0008-RDMA-nes-Fix-for-register-zero-len-mr.patch
@@ -0,0 +1,40 @@
+RDMA/nes: Fix for a crash when registering a user mr with zero length
+
+Note: The return value ibmr has been previously initialized to ERR_PTR(-EINVAL),
+independent of this patch. 
+
+Signed-off-by: Tatyana Nikolova <tatyana.e.nikolova@intel.com>
+---
+ drivers/infiniband/hw/nes/nes_verbs.c |    9 ++++-----
+ 1 files changed, 4 insertions(+), 5 deletions(-)
+
+diff --git a/drivers/infiniband/hw/nes/nes_verbs.c b/drivers/infiniband/hw/nes/nes_verbs.c
+index 5b53ca5..e08d175 100644
+--- a/drivers/infiniband/hw/nes/nes_verbs.c
++++ b/drivers/infiniband/hw/nes/nes_verbs.c
+@@ -2331,6 +2331,10 @@ static struct ib_mr *nes_reg_user_mr(struct ib_pd *pd, u64 start, u64 length,
+ 	u8 single_page = 1;
+ 	u8 stag_key;
+ 
++	if (length == 0) {
++		nes_debug(NES_DBG_MR, "Unable to register zero length region\n");
++		return ibmr;
++	}
+ 	region = ib_umem_get(pd->uobject->context, start, length, acc, 0);
+ 	if (IS_ERR(region)) {
+ 		return (struct ib_mr *)region;
+@@ -2565,11 +2569,6 @@ static struct ib_mr *nes_reg_user_mr(struct ib_pd *pd, u64 start, u64 length,
+ 			return ibmr;
+ 		case IWNES_MEMREG_TYPE_QP:
+ 		case IWNES_MEMREG_TYPE_CQ:
+-			if (!region->length) {
+-				nes_debug(NES_DBG_MR, "Unable to register zero length region for CQ\n");
+-				ib_umem_release(region);
+-				return ERR_PTR(-EINVAL);
+-			}
+ 			nespbl = kzalloc(sizeof(*nespbl), GFP_KERNEL);
+ 			if (!nespbl) {
+ 				nes_debug(NES_DBG_MR, "Unable to allocate PBL\n");
+-- 
+1.7.1
+
-- 
2.41.0