Re: [PATCH rdma-next v4 0/8] Fix memory corruption in CM
From: Jason Gunthorpe
Date: Wed Jun 02 2021 - 15:00:43 EST
On Wed, Jun 02, 2021 at 01:27:00PM +0300, Leon Romanovsky wrote:
> From: Leon Romanovsky <leonro@xxxxxxxxxx>
>
> Changelog:
> v4:
> * Added comment near cm_destroy_av()
> * Changed "unregistration lock" to be "mad_agent_lock" in the comment
> * Removed unclear comment
> v3: https://lore.kernel.org/lkml/cover.1620720467.git.leonro@xxxxxxxxxx
> * Removed double unlock
> * Changes in cma_release flow
> v2: https://lore.kernel.org/lkml/cover.1619004798.git.leonro@xxxxxxxxxx
> * Included Jason's patches in this series
> v1: https://lore.kernel.org/linux-rdma/20210411122152.59274-1-leon@xxxxxxxxxx
> * Squashed "remove mad_agent ..." patches to make sure that we don't
> need to check for the NULL argument.
> v0: https://lore.kernel.org/lkml/20210318100309.670344-1-leon@xxxxxxxxxx
>
> -------------------------------------------------------------------------------
>
> Hi,
>
> This series from Mark fixes long standing bug in CM migration logic,
> reported by Ryan [1].
>
> Thanks
>
> [1] https://lore.kernel.org/linux-rdma/CAFMmRNx9cg--NUnZjFM8yWqFaEtsmAWV4EogKb3a0+hnjdtJFA@xxxxxxxxxxxxxx/
>
> Jason Gunthorpe (4):
> IB/cm: Pair cm_alloc_response_msg() with a cm_free_response_msg()
> IB/cm: Split cm_alloc_msg()
> IB/cm: Call the correct message free functions in cm_send_handler()
> IB/cm: Tidy remaining cm_msg free paths
>
> Mark Zhang (4):
> Revert "IB/cm: Mark stale CM id's whenever the mad agent was
> unregistered"
> IB/cm: Simplify ib_cancel_mad() and ib_modify_mad() calls
> IB/cm: Improve the calling of cm_init_av_for_lap and
> cm_init_av_by_path
> IB/cm: Protect cm_dev, cm_ports and mad_agent with kref and lock
Applied to for-next, thanks
Jason