Searched hist:"21 f9024355e58772ec5d7fc3534aa5e29d72a8b6" (Results 1 – 1 of 1) sorted by relevance
| /openbmc/linux/drivers/nvme/target/ |
| H A D | rdma.c | diff 21f9024355e58772ec5d7fc3534aa5e29d72a8b6 Tue Apr 07 06:02:28 CDT 2020 Israel Rukshin <israelr@mellanox.com> nvmet-rdma: fix double free of rdma queue
In case rdma accept fails at nvmet_rdma_queue_connect(), release work is
scheduled. Later on, a new RDMA CM event may arrive since we didn't
destroy the cm-id and call nvmet_rdma_queue_connect_fail(), which
schedule another release work. This will cause calling
nvmet_rdma_free_queue twice. To fix this we implicitly destroy the cm_id
with non-zero ret code, which guarantees that new rdma_cm events will
not arrive afterwards. Also add a qp pointer to nvmet_rdma_queue
structure, so we can use it when the cm_id pointer is NULL or was
destroyed.
Signed-off-by: Israel Rukshin <israelr@mellanox.com>
Suggested-by: Sagi Grimberg <sagi@grimberg.me>
Reviewed-by: Max Gurtovoy <maxg@mellanox.com>
Reviewed-by: Sagi Grimberg <sagi@grimberg.me>
Signed-off-by: Christoph Hellwig <hch@lst.de>
|