• Leon Romanovsky's avatar
    RDMA/mthca: Clear QP objects during their allocation · f7a43c65
    Leon Romanovsky authored
    [ Upstream commit 9d9f59b4 ]
    
    As part of audit process to update drivers to use rdma_restrack_add()
    ensure that QP objects is cleared before access. Such change fixes the
    crash observed with uninitialized non zero sgid attr accessed by
    ib_destroy_qp().
    
    CPU: 3 PID: 74 Comm: kworker/u16:1 Not tainted 4.19.10-300.fc29.x86_64
    Workqueue: ipoib_wq ipoib_cm_tx_reap [ib_ipoib]
    RIP: 0010:rdma_put_gid_attr+0x9/0x30 [ib_core]
    RSP: 0018:ffffb7ad819dbde8 EFLAGS: 00010202
    RAX: 0000000000000000 RBX: ffff8d1bdf5a2e00 RCX: 0000000000002699
    RDX: 206c656e72656af8 RSI: ffff8d1bf7ae6160 RDI: 206c656e72656b20
    RBP: 0000000000000000 R08: 0000000000026160 R09: ffffffffc06b45bf
    R10: ffffe849887da000 R11: 0000000000000002 R12: ffff8d1be30cb400
    R13: ffff8d1bdf681800 R14: ffff8d1be2272400 R15: ffff8d1be30ca000
    FS:  0000000000000000(0000) GS:ffff8d1bf7ac0000(0000)
    knlGS:0000000000000000
    Trace:
     ib_destroy_qp+0xc9/0x240 [ib_core]
     ipoib_cm_tx_reap+0x1f9/0x4e0 [ib_ipoib]
     process_one_work+0x1a1/0x3a0
     worker_thread+0x30/0x380
     ? pwq_unbound_release_workfn+0xd0/0xd0
     kthread+0x112/0x130
     ? kthread_create_worker_on_cpu+0x70/0x70
     ret_from_fork+0x22/0x40
    Reported-by: Alexander Murashkin's avatarAlexander Murashkin <AlexanderMurashkin@msn.com>
    Tested-by: Alexander Murashkin's avatarAlexander Murashkin <AlexanderMurashkin@msn.com>
    Fixes: 1a1f460f ("RDMA: Hold the sgid_attr inside the struct ib_ah/qp")
    Signed-off-by: 's avatarParav Pandit <parav@mellanox.com>
    Signed-off-by: 's avatarLeon Romanovsky <leonro@mellanox.com>
    Signed-off-by: 's avatarJason Gunthorpe <jgg@mellanox.com>
    Signed-off-by: 's avatarSasha Levin <sashal@kernel.org>
    f7a43c65
Name
Last commit
Last update
..
core Loading commit data...
hw Loading commit data...
sw Loading commit data...
ulp Loading commit data...
Kconfig Loading commit data...
Makefile Loading commit data...