This patch updates core/ucm.c which didn't originally use the cdev.kobj.parent with it's parent device. I did not look heavily into whether this was a bug or not, but it seems likely to me there would be a use before free.
I also took a look at core/uverbs_main.c, core/user_mad.c and hw/hfi1/device.c which utilize cdev.kobj.parent but because the infiniband core seems to use kobjs internally instead of struct devices they could not be converted to use the new helper API and still directly manipulate the internals of the kobj. Signed-off-by: Logan Gunthorpe <log...@deltatee.com> --- drivers/infiniband/core/ucm.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/drivers/infiniband/core/ucm.c b/drivers/infiniband/core/ucm.c index e0a995b..38ea316 100644 --- a/drivers/infiniband/core/ucm.c +++ b/drivers/infiniband/core/ucm.c @@ -1283,18 +1283,20 @@ static void ib_ucm_add_one(struct ib_device *device) set_bit(devnum, dev_map); } + device_initialize(&ucm_dev->dev); + ucm_dev->dev.devt = base; + cdev_init(&ucm_dev->cdev, &ucm_fops); ucm_dev->cdev.owner = THIS_MODULE; kobject_set_name(&ucm_dev->cdev.kobj, "ucm%d", ucm_dev->devnum); - if (cdev_add(&ucm_dev->cdev, base, 1)) + if (device_add_cdev(&ucm_dev->dev, &ucm_dev->cdev)) goto err; ucm_dev->dev.class = &cm_class; ucm_dev->dev.parent = device->dma_device; - ucm_dev->dev.devt = ucm_dev->cdev.dev; ucm_dev->dev.release = ib_ucm_release_dev; dev_set_name(&ucm_dev->dev, "ucm%d", ucm_dev->devnum); - if (device_register(&ucm_dev->dev)) + if (device_add(&ucm_dev->dev)) goto err_cdev; if (device_create_file(&ucm_dev->dev, &dev_attr_ibdev)) -- 2.1.4 _______________________________________________ Linux-nvdimm mailing list Linux-nvdimm@lists.01.org https://lists.01.org/mailman/listinfo/linux-nvdimm