Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-24 05:02:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
ed9085fed9
linux/drivers/infiniband/core
History
Mark Zhang 33df2f1929 RDMA/counter: Prevent auto-binding a QP which are not tracked with res 
Some QPs (e.g. XRC QP) are not tracked in kernel, in this case they have
an invalid res and should not be bound to any dynamically-allocated
counter in auto mode.

This fixes below call trace:
BUG: kernel NULL pointer dereference, address: 0000000000000390
PGD 80000001a7233067 P4D 80000001a7233067 PUD 1a7215067 PMD 0
Oops: 0000 [#1] SMP PTI
CPU: 2 PID: 24822 Comm: ibv_xsrq_pingpo Not tainted 5.4.0-rc5+ #21
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-2.fc27 04/01/2014
RIP: 0010:rdma_counter_bind_qp_auto+0x142/0x270 [ib_core]
Code: e1 48 85 c0 48 89 c2 0f 84 bc 00 00 00 49 8b 06 48 39 42 48 75 d6 40 3a aa 90 00 00 00 75 cd 49 8b 86 00 01 00 00 48 8b 4a 28 <8b> 80 90 03 00 00 39 81 90 03 00 00 75 b4 85 c0 74 b0 48 8b 04 24
RSP: 0018:ffffc900003f39c0 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
RDX: ffff88820020ec00 RSI: 0000000000000004 RDI: ffffffffffffffc0
RBP: 0000000000000001 R08: ffff888224149ff0 R09: ffffc900003f3968
R10: ffffffffffffffff R11: ffff8882249c5848 R12: ffffffffffffffff
R13: ffff88821d5aca50 R14: ffff8881f7690800 R15: ffff8881ff890000
FS:  00007fe53a3e1740(0000) GS:ffff888237b00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000390 CR3: 00000001a7292006 CR4: 00000000003606a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 _ib_modify_qp+0x3a4/0x3f0 [ib_core]
 ? lookup_get_idr_uobject.part.8+0x23/0x40 [ib_uverbs]
 modify_qp+0x322/0x3e0 [ib_uverbs]
 ib_uverbs_modify_qp+0x43/0x70 [ib_uverbs]
 ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0xb1/0xf0 [ib_uverbs]
 ib_uverbs_run_method+0x6be/0x760 [ib_uverbs]
 ? uverbs_disassociate_api+0xd0/0xd0 [ib_uverbs]
 ib_uverbs_cmd_verbs+0x18d/0x3a0 [ib_uverbs]
 ? get_acl+0x1a/0x120
 ? __alloc_pages_nodemask+0x15d/0x2c0
 ib_uverbs_ioctl+0xa7/0x110 [ib_uverbs]
 do_vfs_ioctl+0xa5/0x610
 ksys_ioctl+0x60/0x90
 __x64_sys_ioctl+0x16/0x20
 do_syscall_64+0x48/0x110
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Fixes: 99fa331dc8 ("RDMA/counter: Add "auto" configuration mode support")
Signed-off-by: Mark Zhang <markz@mellanox.com>
Reviewed-by: Maor Gottlieb <maorg@mellanox.com>
Reviewed-by: Ido Kalir <idok@mellanox.com>
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Link: https://lore.kernel.org/r/20191212091214.315005-2-leon@kernel.org
Signed-off-by: Doug Ledford <dledford@redhat.com>
2019-12-12 15:38:15 -05:00
..
addr.c net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup 2019-12-04 12:27:13 -08:00
agent.c RDMA: Mark if destroy address handle is in a sleepable context 2018-12-19 16:28:03 -07:00
agent.h
cache.c IB/core: Do not notify GID change event of an unregistered device 2019-10-22 16:58:22 -03:00
cgroup.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 288 2019-06-05 17:36:37 +02:00
cm_msgs.h RDMA/cm: Update copyright together with SPDX tag 2019-10-28 10:15:11 -03:00
cm.c RDMA/cm: Use refcount_t type for refcount variable 2019-11-19 16:10:04 -04:00
cma_configfs.c RDMA/core: Annotate destroy of mutex to ensure that it is released as unlocked 2019-07-25 12:07:14 -03:00
cma_priv.h IB/cma: Define option to set ack timeout and pack tos_set 2019-02-08 16:14:21 -07:00
cma.c RDMA/cma: add missed unregister_pernet_subsys in init failure 2019-12-09 12:02:11 -05:00
core_priv.h RDMA subsystem updates for 5.5 2019-11-27 10:17:28 -08:00
counters.c RDMA/counter: Prevent auto-binding a QP which are not tracked with res 2019-12-12 15:38:15 -05:00
cq.c rdma: Enable ib_alloc_cq to spread work over a device's comp_vectors 2019-08-05 11:50:32 -04:00
device.c hmm related patches for 5.5 2019-11-30 10:33:14 -08:00
fmr_pool.c RDMA: Delete DEBUG code 2019-08-20 13:27:53 -04:00
ib_core_uverbs.c RDMA: Connect between the mmap entry and the umap_priv structure 2019-11-06 13:08:01 -04:00
iwcm.c RDMA/iwcm: move iw_rem_ref() calls out of spinlock 2019-10-18 14:40:01 -04:00
iwcm.h
iwpm_msg.c RDMA/iwpm: Delete unnecessary checks before the macro call "dev_kfree_skb" 2019-08-27 13:09:23 -03:00
iwpm_util.c RDMA/iwpm: Delete unnecessary checks before the macro call "dev_kfree_skb" 2019-08-27 13:09:23 -03:00
iwpm_util.h infiniband: fix core/ipwm_util.h kernel-doc warnings 2019-10-22 14:45:31 -03:00
mad_priv.h RDMA: Use __packed annotation instead of __attribute__ ((packed)) 2019-03-25 21:14:12 -03:00
mad_rmpp.c RDMA: Mark if destroy address handle is in a sleepable context 2018-12-19 16:28:03 -07:00
mad_rmpp.h
mad.c RDMA: Change MAD processing function to remove extra casting and parameter 2019-11-12 20:20:15 -04:00
Makefile RDMA/core: Move core content from ib_uverbs to ib_core 2019-11-05 09:59:26 -04:00
mr_pool.c Linux 5.2-rc6 2019-06-28 21:18:23 -03:00
multicast.c IB/core, ipoib: Do not overreact to SM LID change event 2019-05-07 16:06:03 -03:00
netlink.c IB/core: Avoid deadlock during netlink message handling 2019-10-24 20:49:37 -03:00
nldev.c RDMA subsystem updates for 5.5 2019-11-27 10:17:28 -08:00
opa_smi.h RDMA: Start use ib_device_ops 2018-12-12 07:40:16 -07:00
packer.c
rdma_core.c RDMA/core: Create mmap database and cookie helper functions 2019-11-06 13:08:00 -04:00
rdma_core.h RDMA/core: Clear out the udata before error unwind 2019-05-27 14:35:26 -03:00
restrack.c RDMA/restrack: Remove PID namespace support 2019-10-23 15:58:31 -03:00
restrack.h RDMA/restrack: Remove PID namespace support 2019-10-23 15:58:31 -03:00
roce_gid_mgmt.c drivers: use in_dev_for_each_ifa_rtnl/rcu 2019-06-02 18:06:26 -07:00
rw.c RDMA/rw: Support threshold for registration vs scattering to local pages 2019-10-22 14:26:52 -03:00
sa_query.c infiniband: fix core/ kernel-doc notation 2019-10-22 14:52:56 -03:00
sa.h RDMA/core: Annotate timeout as unsigned long 2018-10-16 13:34:01 -04:00
security.c IB/core: Fix wrong iterating on ports 2019-10-04 15:50:27 -03:00
smi.c
smi.h RDMA: Start use ib_device_ops 2018-12-12 07:40:16 -07:00
sysfs.c RDMA: Change MAD processing function to remove extra casting and parameter 2019-11-12 20:20:15 -04:00
ucma.c RDMA: Report available cdevs through RDMA_NLDEV_CMD_GET_CHARDEV 2019-06-18 22:44:08 -04:00
ud_header.c
umem_odp.c RDMA/odp: Use mmu_interval_notifier_insert() 2019-11-23 19:56:44 -04:00
umem.c IB/umem: remove the dmasync argument to ib_umem_get 2019-11-17 10:37:00 -04:00
user_mad.c Merge branch 'odp_fixes' into rdma.git for-next 2019-08-21 14:10:36 -03:00
uverbs_cmd.c RDMA/core: Create mmap database and cookie helper functions 2019-11-06 13:08:00 -04:00
uverbs_ioctl.c RDMA/uverbs: Add a check for uverbs_attr_get to uverbs_copy_to_struct_or_zero 2019-10-22 16:10:03 -03:00
uverbs_main.c compat_ioctl: remove most of fs/compat_ioctl.c 2019-12-01 13:46:15 -08:00
uverbs_marshall.c IB/cm: Replace members of sa_path_rec with 'struct sgid_attr *' 2018-06-25 14:19:57 -06:00
uverbs_std_types_counters.c IB: When attrs.udata/ufile is available use that instead of uobject 2019-04-08 13:05:25 -03:00
uverbs_std_types_cq.c Linux 5.2-rc6 2019-06-28 21:18:23 -03:00
uverbs_std_types_device.c IB/uverbs: Fix ioctl query port to consider device disassociation 2019-01-25 11:58:06 -07:00
uverbs_std_types_dm.c IB: When attrs.udata/ufile is available use that instead of uobject 2019-04-08 13:05:25 -03:00
uverbs_std_types_flow_action.c IB: When attrs.udata/ufile is available use that instead of uobject 2019-04-08 13:05:25 -03:00
uverbs_std_types_mr.c Linux 5.2-rc6 2019-06-28 21:18:23 -03:00
uverbs_std_types.c IB: Remove 'uobject->context' dependency in object destroy APIs 2019-04-01 14:59:35 -03:00
uverbs_uapi.c RDMA: Move driver_id into struct ib_device_ops 2019-06-10 16:56:02 -03:00
uverbs.h RDMA/uverbs: Prevent potential underflow 2019-10-22 15:05:36 -03:00
verbs.c RDMA subsystem updates for 5.5 2019-11-27 10:17:28 -08:00