Le vendredi 16 mai 2014 à 13:05 +0200, Bart Van Assche a écrit :
> Avoid that closing /dev/infiniband/umad or /dev/infiniband/issm
> triggers a use-after-free. __fput() in fs/file_table.c invokes
> f_op->release() before it invokes cdev_put(). Make sure that the
> ib_umad_device structure is freed
Avoid that closing /dev/infiniband/umad or /dev/infiniband/issm
triggers a use-after-free. __fput() in fs/file_table.c invokes
f_op->release() before it invokes cdev_put(). Make sure that the
ib_umad_device structure is freed by the cdev_put() call instead of
f_op->release(). This avoids that chang
