Doron Tsur 0ca81a2840 IB/cm: Fix rb-tree duplicate free and use-after-free ... ib_send_cm_sidr_rep could sometimes erase the node from the sidr (depending on errors in the process). Since ib_send_cm_sidr_rep is called both from cm_sidr_req_handler and cm_destroy_id, cm_id_priv could be either erased from the rb_tree twice or not erased at all. Fixing that by making sure it's erased only once before freeing cm_id_priv. Fixes: a977049dac ('[PATCH] IB: Add the kernel CM implementation') Signed-off-by: Doron Tsur <doront@mellanox.com> Signed-off-by: Matan Barak <matanb@mellanox.com> Signed-off-by: Doug Ledford <dledford@redhat.com>		2015-10-21 15:43:12 -04:00
..
addr.c	IB/core cleanup: Add const to args - agent_send_response	2015-06-02 09:33:13 -04:00
agent.c	IB: Add rdma_cap_ib_switch helper and use where appropriate	2015-07-14 13:20:08 -04:00
agent.h	IB/mad: Add final OPA MAD processing	2015-06-12 14:49:18 -04:00
cache.c	IB/core: Fix memory corruption in ib_cache_gid_set_default_gid	2015-10-15 12:35:54 -04:00
cm_msgs.h	IB/core: Fix unaligned accesses	2015-05-05 13:21:27 -04:00
cm.c	IB/cm: Fix rb-tree duplicate free and use-after-free	2015-10-21 15:43:12 -04:00
cma.c	IB/cma: Use inner P_Key to determine netdev	2015-10-20 14:16:51 -04:00
core_priv.h	IB/core: Add RoCE GID table management	2015-08-30 18:08:50 -04:00
device.c	IB/core: Remove needless bracketization	2015-08-30 18:12:21 -04:00
fmr_pool.c	hlist: drop the node parameter from iterators	2013-02-27 19:10:24 -08:00
iwcm.c	RDMA/iwcm: Use a default listen backlog if needed	2014-08-05 07:33:24 -07:00
iwcm.h
iwpm_msg.c	RDMA/core: Fixes for port mapper client registration	2015-07-14 13:20:10 -04:00
iwpm_util.c	RDMA/core: Fixes for port mapper client registration	2015-07-14 13:20:10 -04:00
iwpm_util.h	RDMA/core: Fixes for port mapper client registration	2015-07-14 13:20:10 -04:00
mad_priv.h	IB/mad: Remove ib_get_dma_mr calls	2015-08-30 18:12:33 -04:00
mad_rmpp.c	IB/mad: Add final OPA MAD processing	2015-06-12 14:49:18 -04:00
mad_rmpp.h
mad.c	IB/mad: Remove ib_get_dma_mr calls	2015-08-30 18:12:33 -04:00
Makefile	IB/core: Add RoCE GID table management	2015-08-30 18:08:50 -04:00
multicast.c	IB/core: lock client data with lists_rwsem	2015-08-30 15:48:21 -04:00
netlink.c	IB/core: Add rdma netlink helper functions	2015-08-30 18:12:25 -04:00
opa_smi.h	IB: Add rdma_cap_ib_switch helper and use where appropriate	2015-07-14 13:20:08 -04:00
packer.c	infiniband: add in export.h for files using EXPORT_SYMBOL/THIS_MODULE	2011-10-31 19:31:35 -04:00
roce_gid_mgmt.c	IB/core: Fix use after free of ifa	2015-10-20 13:10:46 -04:00
sa_query.c	IB/sa: Fix rdma netlink message flags	2015-09-02 13:58:54 -04:00
sa.h
smi.c	IB: Add rdma_cap_ib_switch helper and use where appropriate	2015-07-14 13:20:08 -04:00
smi.h	IB: Add rdma_cap_ib_switch helper and use where appropriate	2015-07-14 13:20:08 -04:00
sysfs.c	IB/core: Make ib_alloc_device init the kobject	2015-08-30 18:08:50 -04:00
ucm.c	IB/cm: Remove compare_data checks	2015-08-30 15:48:24 -04:00
ucma.c	IB/ucma: check workqueue allocation before usage	2015-10-20 13:35:51 -04:00
ud_header.c	infiniband: add in export.h for files using EXPORT_SYMBOL/THIS_MODULE	2011-10-31 19:31:35 -04:00
umem_odp.c	IB/core: dma unmap optimizations	2015-05-05 09:18:02 -04:00
umem_rbtree.c	IB/core: Implement support for MMU notifiers regarding on demand paging regions	2014-12-15 18:13:36 -08:00
umem.c	IB/core: don't disallow registering region starting at 0x0	2015-04-15 16:05:02 -04:00
user_mad.c	IB/core: lock client data with lists_rwsem	2015-08-30 15:48:21 -04:00
uverbs_cmd.c	IB/uverbs: reject invalid or unknown opcodes	2015-09-03 14:25:24 -04:00
uverbs_main.c	IB/uverbs: Enable device removal when there are active user space applications	2015-08-30 18:12:40 -04:00
uverbs_marshall.c	IB/core: When marshaling uverbs path, clear unused fields	2014-09-22 09:46:52 -07:00
uverbs.h	IB/uverbs: Enable device removal when there are active user space applications	2015-08-30 18:12:40 -04:00
verbs.c	Changes for 4.3	2015-09-09 08:33:31 -07:00