From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Parav Pandit <parav@mellanox.com>,
Daniel Jurgens <danielj@mellanox.com>,
Leon Romanovsky <leonro@mellanox.com>,
Dennis Dalessandro <dennis.dalessandro@intel.com>,
Jason Gunthorpe <jgg@mellanox.com>
Subject: [PATCH 4.9 047/111] RDMA/cma: Protect cma dev list with lock
Date: Mon, 24 Sep 2018 13:52:14 +0200 [thread overview]
Message-ID: <20180924113109.746674313@linuxfoundation.org> (raw)
In-Reply-To: <20180924113103.337261320@linuxfoundation.org>
4.9-stable review patch. If anyone has any objections, please let me know.
------------------
From: Parav Pandit <parav@mellanox.com>
commit 954a8e3aea87e896e320cf648c1a5bbe47de443e upstream.
When AF_IB addresses are used during rdma_resolve_addr() a lock is not
held. A cma device can get removed while list traversal is in progress
which may lead to crash. ie
CPU0 CPU1
==== ====
rdma_resolve_addr()
cma_resolve_ib_dev()
list_for_each() cma_remove_one()
cur_dev->device mutex_lock(&lock)
list_del();
mutex_unlock(&lock);
cma_process_remove();
Therefore, hold a lock while traversing the list which avoids such
situation.
Cc: <stable@vger.kernel.org> # 3.10
Fixes: f17df3b0dede ("RDMA/cma: Add support for AF_IB to rdma_resolve_addr()")
Signed-off-by: Parav Pandit <parav@mellanox.com>
Reviewed-by: Daniel Jurgens <danielj@mellanox.com>
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Reviewed-by: Dennis Dalessandro <dennis.dalessandro@intel.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/infiniband/core/cma.c | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
--- a/drivers/infiniband/core/cma.c
+++ b/drivers/infiniband/core/cma.c
@@ -673,6 +673,7 @@ static int cma_resolve_ib_dev(struct rdm
dgid = (union ib_gid *) &addr->sib_addr;
pkey = ntohs(addr->sib_pkey);
+ mutex_lock(&lock);
list_for_each_entry(cur_dev, &dev_list, list) {
for (p = 1; p <= cur_dev->device->phys_port_cnt; ++p) {
if (!rdma_cap_af_ib(cur_dev->device, p))
@@ -696,18 +697,19 @@ static int cma_resolve_ib_dev(struct rdm
cma_dev = cur_dev;
sgid = gid;
id_priv->id.port_num = p;
+ goto found;
}
}
}
}
-
- if (!cma_dev)
- return -ENODEV;
+ mutex_unlock(&lock);
+ return -ENODEV;
found:
cma_attach_to_dev(id_priv, cma_dev);
- addr = (struct sockaddr_ib *) cma_src_addr(id_priv);
- memcpy(&addr->sib_addr, &sgid, sizeof sgid);
+ mutex_unlock(&lock);
+ addr = (struct sockaddr_ib *)cma_src_addr(id_priv);
+ memcpy(&addr->sib_addr, &sgid, sizeof(sgid));
cma_translate_ib(addr, &id_priv->id.route.addr.dev_addr);
return 0;
}
next prev parent reply other threads:[~2018-09-24 12:02 UTC|newest]
Thread overview: 121+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-24 11:51 [PATCH 4.9 000/111] 4.9.129-stable review Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 001/111] be2net: Fix memory leak in be_cmd_get_profile_config() Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 002/111] rds: fix two RCU related problems Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 003/111] net/mlx5: Fix use-after-free in self-healing flow Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 004/111] net/mlx5: Fix debugfs cleanup in the device init/remove flow Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 005/111] iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 006/111] ALSA: msnd: Fix the default sample sizes Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 007/111] ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 008/111] xfrm: fix passing zero to ERR_PTR() warning Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 009/111] gfs2: Special-case rindex for gfs2_grow Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 010/111] clk: imx6ul: fix missing of_node_put() Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 011/111] clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 012/111] kbuild: add .DELETE_ON_ERROR special target Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 013/111] media: tw686x: Fix oops on buffer alloc failure Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 014/111] dmaengine: pl330: fix irq race with terminate_all Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 015/111] MIPS: ath79: fix system restart Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 016/111] media: videobuf2-core: check for q->error in vb2_core_qbuf() Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 017/111] IB/rxe: Drop QP0 silently Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 018/111] mtd/maps: fix solutionengine.c printk format warnings Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 019/111] perf test: Fix subtest number when showing results Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 020/111] gfs2: Dont reject a supposedly full bitmap if we have blocks reserved Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 021/111] fbdev: omapfb: off by one in omapfb_register_client() Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 022/111] video: goldfishfb: fix memory leak on driver remove Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 023/111] fbdev/via: fix defined but not used warning Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 024/111] perf powerpc: Fix callchain ip filtering when return address is in a register Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 025/111] video: fbdev: pxafb: clear allocated memory for video modes Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 026/111] fbdev: Distinguish between interlaced and progressive modes Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 027/111] ARM: exynos: Clear global variable on init error path Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 028/111] perf powerpc: Fix callchain ip filtering Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 029/111] powerpc/powernv: opal_put_chars partial write fix Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 030/111] MIPS: jz4740: Bump zload address Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 031/111] mac80211: restrict delayed tailroom needed decrement Greg Kroah-Hartman
2018-09-24 11:51 ` [PATCH 4.9 032/111] Smack: Fix handling of IPv4 traffic received by PF_INET6 sockets Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 033/111] wan/fsl_ucc_hdlc: use IS_ERR_VALUE() to check return value of qe_muram_alloc Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 034/111] efi/arm: preserve early mapping of UEFI memory map longer for BGRT Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 035/111] nfp: avoid buffer leak when FW communication fails Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 036/111] xen-netfront: fix queue name setting Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 037/111] arm64: dts: qcom: db410c: Fix Bluetooth LED trigger Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 038/111] ARM: dts: qcom: msm8974-hammerhead: increase load on l20 for sdhci Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 039/111] s390/qeth: fix race in used-buffer accounting Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 040/111] s390/qeth: reset layer2 attribute on layer switch Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 041/111] platform/x86: toshiba_acpi: Fix defined but not used build warnings Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 042/111] KVM: arm/arm64: Fix vgic init race Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 043/111] drivers/base: stop new probing during shutdown Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 044/111] dmaengine: mv_xor_v2: kill the tasklets upon exit Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 045/111] crypto: sharah - Unregister correct algorithms for SAHARA 3 Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 046/111] xen-netfront: fix warn message as irq device name has / Greg Kroah-Hartman
2018-09-24 11:52 ` Greg Kroah-Hartman [this message]
2018-09-24 11:52 ` [PATCH 4.9 048/111] pstore: Fix incorrect persistent ram buffer mapping Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 049/111] xen/netfront: fix waiting for xenbus state change Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 050/111] IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 051/111] mmc: omap_hsmmc: fix wakeirq handling on removal Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 052/111] Tools: hv: Fix a bug in the key delete code Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 053/111] misc: hmc6352: fix potential Spectre v1 Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 054/111] usb: Dont die twice if PCI xhci host is not responding in resume Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 055/111] mei: ignore not found client in the enumeration Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 056/111] USB: Add quirk to support DJI CineSSD Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 057/111] usb: uas: add support for more quirk flags Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 058/111] usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 059/111] usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 060/111] USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 061/111] usb: gadget: udc: renesas_usb3: fix maxpacket size of ep0 Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 062/111] USB: net2280: Fix erroneous synchronization change Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 063/111] USB: serial: io_ti: fix array underflow in completion handler Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 064/111] usb: misc: uss720: Fix two sleep-in-atomic-context bugs Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 065/111] USB: serial: ti_usb_3410_5052: fix array underflow in completion handler Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 066/111] USB: yurex: Fix buffer over-read in yurex_write() Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 067/111] usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt() Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 068/111] Revert "cdc-acm: implement put_char() and flush_chars()" Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 069/111] cifs: prevent integer overflow in nxt_dir_entry() Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 070/111] CIFS: fix wrapping bugs in num_entries() Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 071/111] perf/core: Force USER_DS when recording user stack data Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 072/111] NFSv4.1 fix infinite loop on I/O Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 073/111] binfmt_elf: Respect error return from `regset->active Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 074/111] audit: fix use-after-free in audit_add_watch Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 075/111] mtdchar: fix overflows in adjustment of `count` Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 076/111] evm: Dont deadlock if a crypto algorithm is unavailable Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 077/111] MIPS: loongson64: cs5536: Fix PCI_OHCI_INT_REG reads Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 078/111] configfs: fix registered group removal Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 079/111] efi/esrt: Only call efi_mem_reserve() for boot services memory Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 080/111] ARM: hisi: handle of_iomap and fix missing of_node_put Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 081/111] ARM: hisi: fix error handling and " Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 082/111] ARM: hisi: check of_iomap and fix " Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 083/111] gpu: ipu-v3: csi: pass back mbus_code_to_bus_cfg error codes Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 084/111] mmc: tegra: prevent HS200 on Tegra 3 Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 085/111] mmc: sdhci: do not try to use 3.3V signaling if not supported Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 086/111] drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 087/111] parport: sunbpp: fix error return code Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 088/111] coresight: Handle errors in finding input/output ports Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 089/111] coresight: tpiu: Fix disabling timeouts Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 090/111] gpio: pxa: Fix potential NULL dereference Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 091/111] gpiolib: Mark gpio_suffixes array with __maybe_unused Greg Kroah-Hartman
2018-09-24 11:52 ` [PATCH 4.9 092/111] mfd: 88pm860x-i2c: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 093/111] input: rohm_bu21023: " Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 094/111] rcu: Fix grace-period hangs due to race with CPU offline Greg Kroah-Hartman
2018-09-24 16:45 ` Paul E. McKenney
2018-09-24 11:53 ` [PATCH 4.9 095/111] drm/amdkfd: Fix error codes in kfd_get_process Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 096/111] rtc: bq4802: add error handling for devm_ioremap Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 097/111] ALSA: pcm: Fix snd_interval_refine first/last with open min/max Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 098/111] selftest: timers: Tweak raw_skew to SKIP when ADJ_OFFSET/other clock adjustments are in progress Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 099/111] drm/panel: type promotion bug in s6e8aa0_read_mtp_id() Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 100/111] IB/nes: Fix a compiler warning Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 101/111] gpiolib: Respect error code of ->get_direction() Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 102/111] pinctrl: qcom: spmi-gpio: Fix pmic_gpio_config_get() to be compliant Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 103/111] mei: bus: type promotion bug in mei_nfc_if_version() Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 104/111] MIPS: VDSO: Match data page cache colouring when D$ aliases Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 105/111] e1000e: Remove Other from EIAC Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 106/111] Partial revert "e1000e: Avoid receiver overrun interrupt bursts" Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 107/111] e1000e: Fix queue interrupt re-raising in Other interrupt Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 108/111] e1000e: Avoid missed interrupts following ICR read Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 109/111] Revert "e1000e: Separate signaling for link check/link up" Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 110/111] e1000e: Fix link check race condition Greg Kroah-Hartman
2018-09-24 11:53 ` [PATCH 4.9 111/111] MIPS: VDSO: Drop gic_get_usm_range() usage Greg Kroah-Hartman
2018-09-25 1:35 ` Guenter Roeck
2018-09-25 3:38 ` SZ Lin (林上智)
2018-09-25 8:57 ` Greg Kroah-Hartman
2018-09-24 18:06 ` [PATCH 4.9 000/111] 4.9.129-stable review Nathan Chancellor
2018-09-24 22:21 ` Shuah Khan
2018-09-24 22:25 ` Dan Rue
2018-09-25 9:07 ` Greg Kroah-Hartman
2018-09-25 20:42 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180924113109.746674313@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=danielj@mellanox.com \
--cc=dennis.dalessandro@intel.com \
--cc=jgg@mellanox.com \
--cc=leonro@mellanox.com \
--cc=linux-kernel@vger.kernel.org \
--cc=parav@mellanox.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).