xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

IB/iser: Fix error flow in iser ep connection establishment

Browse Source 
The current error flow code was releasing the IB connection object and
calling iscsi_destroy_endpoint() directly without going through the
reference counting mechanism introduced in commit 39ff05d ("IB/iser:
Enhance disconnection logic for multi-pathing"). This resulted in a
double free of the iscsi endpoint object, which causes a kernel NULL
pointer dereference.  Fix that by plugging into the IB conn reference
counting correctly.

Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com>
Signed-off-by: Roland Dreier <roland@purestorage.com>
This commit is contained in:
Or Gerlitz
2012-04-29 17:04:21 +03:00
committed by Roland Dreier
parent d48b97b403
commit 7d9c0de4ab
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
drivers/infiniband/ulp/iser/iser_verbs.c
View File

@@ -613,8 +613,9 @@ id_failure:
ib_conn->cma_id = NULL;
addr_failure:
ib_conn->state = ISER_CONN_DOWN;
iser_conn_put(ib_conn, 1); /* deref ib conn's cma id */
connect_failure:
iser_conn_release(ib_conn, 1);
iser_conn_put(ib_conn, 1); /* deref ib conn deallocate */
return err;
}