From 20a98b73ad6d6bce9cdf0c890b643d197cd26396 Mon Sep 17 00:00:00 2001
From: Bart Van Assche <bvanassche@acm.org>
Date: Mon, 31 Dec 2018 18:54:34 +0000
Subject: [PATCH] ib_srpt: Fix an out-of-bounds read that is triggered on
 kernel v4.4 and later

git-svn-id: http://svn.code.sf.net/p/scst/svn/trunk@7847 d57e44dd-8a1f-0410-8b47-8ef2f437770f
---
 srpt/src/ib_srpt.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/srpt/src/ib_srpt.c b/srpt/src/ib_srpt.c
index c797bb728..a93512712 100644
--- a/srpt/src/ib_srpt.c
+++ b/srpt/src/ib_srpt.c
@@ -1074,14 +1074,25 @@ out:
  */
 static int srpt_zerolength_write(struct srpt_rdma_ch *ch)
 {
+#ifdef USE_PRE_440_WR_STRUCTURE
 	struct ib_send_wr wr;
+#else
+	struct ib_rdma_wr wr;
+#endif
 	BAD_WR_MODIFIER struct ib_send_wr *bad_wr;
 
 	memset(&wr, 0, sizeof(wr));
+#ifdef USE_PRE_440_WR_STRUCTURE
 	wr.opcode = IB_WR_RDMA_WRITE;
 	wr.wr_id = encode_wr_id(SRPT_RDMA_ZEROLENGTH_WRITE, 0xffffffffUL);
 	wr.send_flags = IB_SEND_SIGNALED;
 	return ib_post_send(ch->qp, &wr, &bad_wr);
+#else
+	wr.wr.opcode = IB_WR_RDMA_WRITE;
+	wr.wr.wr_id = encode_wr_id(SRPT_RDMA_ZEROLENGTH_WRITE, 0xffffffffUL);
+	wr.wr.send_flags = IB_SEND_SIGNALED;
+	return ib_post_send(ch->qp, &wr.wr, &bad_wr);
+#endif
 }
 
 /**