leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9d9f59b420
linux/drivers/infiniband/hw/mthca
History
Leon Romanovsky 9d9f59b420 RDMA/mthca: Clear QP objects during their allocation 
As part of audit process to update drivers to use rdma_restrack_add()
ensure that QP objects is cleared before access. Such change fixes the
crash observed with uninitialized non zero sgid attr accessed by
ib_destroy_qp().

CPU: 3 PID: 74 Comm: kworker/u16:1 Not tainted 4.19.10-300.fc29.x86_64
Workqueue: ipoib_wq ipoib_cm_tx_reap [ib_ipoib]
RIP: 0010:rdma_put_gid_attr+0x9/0x30 [ib_core]
RSP: 0018:ffffb7ad819dbde8 EFLAGS: 00010202
RAX: 0000000000000000 RBX: ffff8d1bdf5a2e00 RCX: 0000000000002699
RDX: 206c656e72656af8 RSI: ffff8d1bf7ae6160 RDI: 206c656e72656b20
RBP: 0000000000000000 R08: 0000000000026160 R09: ffffffffc06b45bf
R10: ffffe849887da000 R11: 0000000000000002 R12: ffff8d1be30cb400
R13: ffff8d1bdf681800 R14: ffff8d1be2272400 R15: ffff8d1be30ca000
FS:  0000000000000000(0000) GS:ffff8d1bf7ac0000(0000)
knlGS:0000000000000000
Trace:
 ib_destroy_qp+0xc9/0x240 [ib_core]
 ipoib_cm_tx_reap+0x1f9/0x4e0 [ib_ipoib]
 process_one_work+0x1a1/0x3a0
 worker_thread+0x30/0x380
 ? pwq_unbound_release_workfn+0xd0/0xd0
 kthread+0x112/0x130
 ? kthread_create_worker_on_cpu+0x70/0x70
 ret_from_fork+0x22/0x40

Reported-by: Alexander Murashkin <AlexanderMurashkin@msn.com>
Tested-by: Alexander Murashkin <AlexanderMurashkin@msn.com>
Fixes: 1a1f460ff1 ("RDMA: Hold the sgid_attr inside the struct ib_ah/qp")
Signed-off-by: Parav Pandit <parav@mellanox.com>
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
2019-01-10 17:01:22 -07:00
..
Kconfig
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mthca_allocator.c treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
mthca_av.c RDMA: Convert drivers to use the AH's sgid_attr in post_wr paths 2018-06-18 11:11:27 -06:00
mthca_catas.c treewide: setup_timer() -> timer_setup() (2 field) 2017-11-21 15:57:09 -08:00
mthca_cmd.c treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
mthca_cmd.h
mthca_config_reg.h
mthca_cq.c IB: remove in-kernel support for memory windows 2015-12-23 14:29:04 -05:00
mthca_dev.h RDMA: Cleanup undesired pd->uobject usage 2018-12-18 19:15:48 -07:00
mthca_doorbell.h
mthca_eq.c treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
mthca_mad.c RDMA: Mark if destroy address handle is in a sleepable context 2018-12-19 16:28:03 -07:00
mthca_main.c IB/mthca: Fix error return code in __mthca_init_one() 2018-10-03 16:02:10 -06:00
mthca_mcg.c
mthca_memfree.c treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
mthca_memfree.h
mthca_mr.c treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
mthca_pd.c
mthca_profile.c treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
mthca_profile.h
mthca_provider.c RDMA/mthca: Clear QP objects during their allocation 2019-01-10 17:01:22 -07:00
mthca_provider.h
mthca_qp.c RDMA: Cleanup undesired pd->uobject usage 2018-12-18 19:15:48 -07:00
mthca_reset.c IB/mthca: Remove debug prints after allocation failure 2016-12-03 13:12:52 -05:00
mthca_srq.c RDMA: Cleanup undesired pd->uobject usage 2018-12-18 19:15:48 -07:00
mthca_uar.c
mthca_wqe.h