Roland Dreier wrote:
> BTW: any idea how this ever got triggered? The only way I can see is
> if you're either not using libipathverbs and libibverbs and you just
> create the CQ some other way, which seems unlikely. Do you know how
> Jason triggered this bug?
Yes, it was because he was
> BTW: any idea how this ever got triggered? The only way I can see is
> if you're either not using libipathverbs and libibverbs and you just
> create the CQ some other way, which seems unlikely. Do you know how
> Jason triggered this bug?
Yes, it was because he was using 32-bit userspace
Roland Dreier wrote:
I just queued all of this for 2.6.22.
Is there any chance of getting a fix for the use-after-free that can
be caused by allocating something from userspace, failing to mmap the
buffer and then exiting? To see what happens, look at how
ipath_create_cq sticks a struct
Roland Dreier wrote:
I just queued all of this for 2.6.22.
Is there any chance of getting a fix for the use-after-free that can
be caused by allocating something from userspace, failing to mmap the
buffer and then exiting? To see what happens, look at how
ipath_create_cq sticks a struct
BTW: any idea how this ever got triggered? The only way I can see is
if you're either not using libipathverbs and libibverbs and you just
create the CQ some other way, which seems unlikely. Do you know how
Jason triggered this bug?
Yes, it was because he was using 32-bit userspace and
Roland Dreier wrote:
BTW: any idea how this ever got triggered? The only way I can see is
if you're either not using libipathverbs and libibverbs and you just
create the CQ some other way, which seems unlikely. Do you know how
Jason triggered this bug?
Yes, it was because he was using
Roland Dreier wrote:
> Is there any chance of getting a fix for the use-after-free that can
> be caused by allocating something from userspace, failing to mmap the
> buffer and then exiting? To see what happens, look at how
> ipath_create_cq sticks a struct ipath_mmap_info into the pending
> Is there any chance of getting a fix for the use-after-free that can
> be caused by allocating something from userspace, failing to mmap the
> buffer and then exiting? To see what happens, look at how
> ipath_create_cq sticks a struct ipath_mmap_info into the pending mmap
> "list" (and yes
I just queued all of this for 2.6.22.
Is there any chance of getting a fix for the use-after-free that can
be caused by allocating something from userspace, failing to mmap the
buffer and then exiting? To see what happens, look at how
ipath_create_cq sticks a struct ipath_mmap_info into the
I just queued all of this for 2.6.22.
Is there any chance of getting a fix for the use-after-free that can
be caused by allocating something from userspace, failing to mmap the
buffer and then exiting? To see what happens, look at how
ipath_create_cq sticks a struct ipath_mmap_info into the
Is there any chance of getting a fix for the use-after-free that can
be caused by allocating something from userspace, failing to mmap the
buffer and then exiting? To see what happens, look at how
ipath_create_cq sticks a struct ipath_mmap_info into the pending mmap
list (and yes it
Roland Dreier wrote:
Is there any chance of getting a fix for the use-after-free that can
be caused by allocating something from userspace, failing to mmap the
buffer and then exiting? To see what happens, look at how
ipath_create_cq sticks a struct ipath_mmap_info into the pending mmap
Are these really all for 2.6.22? Some of them seem like bugfixes that
you would want in 2.6.21...
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read
Are these really all for 2.6.22? Some of them seem like bugfixes that
you would want in 2.6.21...
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
16 matches
Mail list logo
