projects / openwrt / staging / blogic.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 914e5d7)
RDMA/uverbs: Fix RCU annotation for radix slot deference
authorJason Gunthorpe <jgg@mellanox.com>
Fri, 28 Sep 2018 22:28:02 +0000 (16:28 -0600)
committerJason Gunthorpe <jgg@mellanox.com>
Wed, 3 Oct 2018 22:01:40 +0000 (16:01 -0600)
The uapi radix tree is a write-once data structure protected by kref.
Once we get to the ioctl() fop it is not possible for anything else
to be writing to it, so the access should use rcu_dereference_protected.

Reported-by: Matthew Wilcox <willy@infradead.org>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
drivers/infiniband/core/uverbs_ioctl.c patch | blob | history

diff --git a/drivers/infiniband/core/uverbs_ioctl.c b/drivers/infiniband/core/uverbs_ioctl.c
index 0e95a5888274b4fd62508698bff65dd43e5a49db..b0e493e8d860ab046fd4ff44eb8873fd42a7690f 100644 (file)
--- a/drivers/infiniband/core/uverbs_ioctl.c
+++ b/drivers/infiniband/core/uverbs_ioctl.c
@@ -386,8 +386,7 @@ static int uverbs_set_attr(struct bundle_priv *pbundle,
                        return -EPROTONOSUPPORT;
                return 0;
        }
-       attr = srcu_dereference(
-               *slot, &pbundle->bundle.ufile->device->disassociate_srcu);
+       attr = rcu_dereference_protected(*slot, true);
 
        /* Reject duplicate attributes from user-space */
        if (test_bit(attr_bkey, pbundle->bundle.attr_present))
@@ -498,9 +497,7 @@ static int bundle_destroy(struct bundle_priv *pbundle, bool commit)
                if (WARN_ON(!slot))
                        continue;
 
-               attr_uapi = srcu_dereference(
-                       *slot,
-                       &pbundle->bundle.ufile->device->disassociate_srcu);
+               attr_uapi = rcu_dereference_protected(*slot, true);
 
                if (attr_uapi->spec.type == UVERBS_ATTR_TYPE_IDRS_ARRAY) {
                        current_ret = uverbs_free_idrs_array(
@@ -542,7 +539,7 @@ static int ib_uverbs_cmd_verbs(struct ib_uverbs_file *ufile,
                        uapi_key_ioctl_method(hdr->method_id));
        if (unlikely(!slot))
                return -EPROTONOSUPPORT;
-       method_elm = srcu_dereference(*slot, &ufile->device->disassociate_srcu);
+       method_elm = rcu_dereference_protected(*slot, true);
 
        if (!method_elm->use_stack) {
                pbundle = kmalloc(method_elm->bundle_size, GFP_KERNEL);
John Crispins staging tree