proxmox-mirrors/mirror_ubuntu-kernels
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_ubuntu-kernels.git synced 2025-12-21 17:25:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
cafe7e544d
mirror_ubuntu-kernels/drivers/infiniband
History
Douglas Miller 2bbac98d09 RDMA/hfi1: Fix use-after-free bug for mm struct 
Under certain conditions, such as MPI_Abort, the hfi1 cleanup code may
represent the last reference held on the task mm.
hfi1_mmu_rb_unregister() then drops the last reference and the mm is freed
before the final use in hfi1_release_user_pages().  A new task may
allocate the mm structure while it is still being used, resulting in
problems. One manifestation is corruption of the mmap_sem counter leading
to a hang in down_write().  Another is corruption of an mm struct that is
in use by another task.

Fixes: 3d2a9d6425 ("IB/hfi1: Ensure correct mm is used at all times")
Link: https://lore.kernel.org/r/20220408133523.122165.72975.stgit@awfm-01.cornelisnetworks.com
Cc: <stable@vger.kernel.org>
Signed-off-by: Douglas Miller <doug.miller@cornelisnetworks.com>
Signed-off-by: Dennis Dalessandro <dennis.dalessandro@cornelisnetworks.com>
Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
2022-04-08 15:40:06 -03:00
..
core IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD 2022-04-04 10:32:02 -03:00
hw RDMA/hfi1: Fix use-after-free bug for mm struct 2022-04-08 15:40:06 -03:00
sw IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition 2022-04-04 14:45:02 -03:00
ulp SCSI misc on 20220324 2022-03-24 19:37:53 -07:00
Kconfig RDMA/irdma: Add irdma Kconfig/Makefile and remove i40iw 2021-06-02 20:06:36 -03:00
Makefile treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00