[PATCH rdma-next v4 0/8] Fix memory corruption in CM

From: Leon Romanovsky
Date: Wed Jun 02 2021 - 06:27:16 EST


From: Leon Romanovsky <leonro@xxxxxxxxxx>

Changelog:
v4:
* Added comment near cm_destroy_av()
* Changed "unregistration lock" to be "mad_agent_lock" in the comment
* Removed unclear comment
v3: https://lore.kernel.org/lkml/cover.1620720467.git.leonro@xxxxxxxxxx
* Removed double unlock
* Changes in cma_release flow
v2: https://lore.kernel.org/lkml/cover.1619004798.git.leonro@xxxxxxxxxx
* Included Jason's patches in this series
v1: https://lore.kernel.org/linux-rdma/20210411122152.59274-1-leon@xxxxxxxxxx
* Squashed "remove mad_agent ..." patches to make sure that we don't
need to check for the NULL argument.
v0: https://lore.kernel.org/lkml/20210318100309.670344-1-leon@xxxxxxxxxx

-------------------------------------------------------------------------------

Hi,

This series from Mark fixes a long-standing bug in CM migration logic,
reported by Ryan [1].

Thanks

[1] https://lore.kernel.org/linux-rdma/CAFMmRNx9cg--NUnZjFM8yWqFaEtsmAWV4EogKb3a0+hnjdtJFA@xxxxxxxxxxxxxx/

Jason Gunthorpe (4):
  IB/cm: Pair cm_alloc_response_msg() with a cm_free_response_msg()
  IB/cm: Split cm_alloc_msg()
  IB/cm: Call the correct message free functions in cm_send_handler()
  IB/cm: Tidy remaining cm_msg free paths

Mark Zhang (4):
  Revert "IB/cm: Mark stale CM id's whenever the mad agent was
    unregistered"
  IB/cm: Simplify ib_cancel_mad() and ib_modify_mad() calls
  IB/cm: Improve the calling of cm_init_av_for_lap and
    cm_init_av_by_path
  IB/cm: Protect cm_dev, cm_ports and mad_agent with kref and lock

drivers/infiniband/core/cm.c | 621 +++++++++++++++--------------
drivers/infiniband/core/mad.c | 17 +-
drivers/infiniband/core/sa_query.c | 4 +-
include/rdma/ib_mad.h | 27 +-
4 files changed, 346 insertions(+), 323 deletions(-)

--
2.31.1