Hi Sagi
On 05/09/2018 11:06 PM, Sagi Grimberg wrote:
> The correct fix would be to add a tag for stop_queue and call
> nvme_rdma_stop_queue() in all the failure cases after
> nvme_rdma_start_queue.
Would you please look at the V2 in following link ?
Hi Sagi
On 05/09/2018 11:06 PM, Sagi Grimberg wrote:
> The correct fix would be to add a tag for stop_queue and call
> nvme_rdma_stop_queue() in all the failure cases after
> nvme_rdma_start_queue.
Would you please look at the V2 in following link ?
On 05/04/2018 11:02 AM, Jianchao Wang wrote:
When nvme_init_identify in nvme_rdma_configure_admin_queue fails,
the ctrl->queues[0] is freed but the NVME_RDMA_Q_LIVE is still set.
If nvme_rdma_stop_queue is invoked, we will incur use-after-free
which will cause memory corruption.
BUG: KASAN:
On 05/04/2018 11:02 AM, Jianchao Wang wrote:
When nvme_init_identify in nvme_rdma_configure_admin_queue fails,
the ctrl->queues[0] is freed but the NVME_RDMA_Q_LIVE is still set.
If nvme_rdma_stop_queue is invoked, we will incur use-after-free
which will cause memory corruption.
BUG: KASAN:
Looks fine,
Reviewed-by: Christoph Hellwig
Looks fine,
Reviewed-by: Christoph Hellwig
Looks good,
Reviewed-by: Johannes Thumshirn
--
Johannes Thumshirn Storage
jthumsh...@suse.de+49 911 74053 689
SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: Felix Imendörffer, Jane Smithard, Graham
Looks good,
Reviewed-by: Johannes Thumshirn
--
Johannes Thumshirn Storage
jthumsh...@suse.de+49 911 74053 689
SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: Felix Imendörffer, Jane Smithard, Graham Norton
HRB 21284 (AG
When nvme_init_identify in nvme_rdma_configure_admin_queue fails,
the ctrl->queues[0] is freed but the NVME_RDMA_Q_LIVE is still set.
If nvme_rdma_stop_queue is invoked, we will incur use-after-free
which will cause memory corruption.
BUG: KASAN: use-after-free in rdma_disconnect+0x1f/0xe0
When nvme_init_identify in nvme_rdma_configure_admin_queue fails,
the ctrl->queues[0] is freed but the NVME_RDMA_Q_LIVE is still set.
If nvme_rdma_stop_queue is invoked, we will incur use-after-free
which will cause memory corruption.
BUG: KASAN: use-after-free in rdma_disconnect+0x1f/0xe0
10 matches
Mail list logo