qiurui
/
Ubuntu-focal-kernel
mirror of https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Ubuntu-focal-kernel/drivers
History
Neta Ostrovsky cc5b9646fe net/mlx5: Update error handler for UCTX and UMEM 
In the fast unload flow, the device state is set to internal error,
which indicates that the driver started the destroy process.
In this case, when a destroy command is being executed, it should return
MLX5_CMD_STAT_OK.
Fix MLX5_CMD_OP_DESTROY_UCTX and MLX5_CMD_OP_DESTROY_UMEM to return OK
instead of EIO.

This fixes a call trace in the umem release process -
[ 2633.536695] Call Trace:
[ 2633.537518]  ib_uverbs_remove_one+0xc3/0x140 [ib_uverbs]
[ 2633.538596]  remove_client_context+0x8b/0xd0 [ib_core]
[ 2633.539641]  disable_device+0x8c/0x130 [ib_core]
[ 2633.540615]  __ib_unregister_device+0x35/0xa0 [ib_core]
[ 2633.541640]  ib_unregister_device+0x21/0x30 [ib_core]
[ 2633.542663]  __mlx5_ib_remove+0x38/0x90 [mlx5_ib]
[ 2633.543640]  auxiliary_bus_remove+0x1e/0x30 [auxiliary]
[ 2633.544661]  device_release_driver_internal+0x103/0x1f0
[ 2633.545679]  bus_remove_device+0xf7/0x170
[ 2633.546640]  device_del+0x181/0x410
[ 2633.547606]  mlx5_rescan_drivers_locked.part.10+0x63/0x160 [mlx5_core]
[ 2633.548777]  mlx5_unregister_device+0x27/0x40 [mlx5_core]
[ 2633.549841]  mlx5_uninit_one+0x21/0xc0 [mlx5_core]
[ 2633.550864]  remove_one+0x69/0xe0 [mlx5_core]
[ 2633.551819]  pci_device_remove+0x3b/0xc0
[ 2633.552731]  device_release_driver_internal+0x103/0x1f0
[ 2633.553746]  unbind_store+0xf6/0x130
[ 2633.554657]  kernfs_fop_write+0x116/0x190
[ 2633.555567]  vfs_write+0xa5/0x1a0
[ 2633.556407]  ksys_write+0x4f/0xb0
[ 2633.557233]  do_syscall_64+0x5b/0x1a0
[ 2633.558071]  entry_SYSCALL_64_after_hwframe+0x65/0xca
[ 2633.559018] RIP: 0033:0x7f9977132648
[ 2633.559821] Code: 89 02 48 c7 c0 ff ff ff ff eb b3 0f 1f 80 00 00 00 00 f3 0f 1e fa 48 8d 05 55 6f 2d 00 8b 00 85 c0 75 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 41 54 49 89 d4 55
[ 2633.562332] RSP: 002b:00007fffb1a83888 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2633.563472] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007f9977132648
[ 2633.564541] RDX: 000000000000000c RSI: 000055b90546e230 RDI: 0000000000000001
[ 2633.565596] RBP: 000055b90546e230 R08: 00007f9977406860 R09: 00007f9977a54740
[ 2633.566653] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99774056e0
[ 2633.567692] R13: 000000000000000c R14: 00007f9977400880 R15: 000000000000000c
[ 2633.568725] ---[ end trace 10b4fe52945e544d ]---

Fixes: 6a6fabbfa3 ("net/mlx5: Update pci error handler entries and command translation")
Signed-off-by: Neta Ostrovsky <netao@nvidia.com>
Reviewed-by: Leon Romanovsky <leonro@nvidia.com>
Signed-off-by: Saeed Mahameed <saeedm@nvidia.com>

CVE-2021-47212
(backported from commit ba50cd9451f6c49cf0841c0a4a146ff6a2822699)
[koichiroden: Adjusted context due to missing commit 8f01054186
 ("net/mlx5: SF, Add port add delete functionality")]
Signed-off-by: Koichiro Den <koichiro.den@canonical.com>
Acked-by: Thibault Ferrante <thibault.ferrante@canonical.com>
Acked-by: Roxana Nicolescu <roxana.nicolescu@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
 		2024-09-27 10:50:35 +02:00
..
accessibility
acpi ACPI: processor: Fix memory leaks in error paths of processor_add() 2024-09-27 10:50:34 +02:00
amba
android binder: fix UAF caused by offsets overwrite 2024-09-27 10:50:34 +02:00
ata ata: pata_macio: Use WARN instead of BUG 2024-09-27 10:50:33 +02:00
atm atm: idt77252: prevent use after free in dequeue_rx() 2024-09-27 10:50:23 +02:00
auxdisplay
base devres: Initialize an uninitialized struct member 2024-09-27 10:50:32 +02:00
bcma
block rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings 2024-09-27 10:50:16 +02:00
bluetooth Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x13d3:0x3591 2024-09-27 10:50:16 +02:00
bus
cdrom
char hwrng: amd - Convert PCIBIOS_* return codes to errnos 2024-09-27 10:50:15 +02:00
clk clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API 2024-09-27 10:50:31 +02:00
clocksource clocksource/drivers/timer-of: Remove percpu irq related code 2024-09-27 10:50:34 +02:00
connector
counter
cpufreq cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations 2024-09-27 10:50:22 +02:00
cpuidle
crypto
dax
dca
devfreq PM / devfreq: Fix buffer overflow in trans_stat_show 2024-09-27 10:50:28 +02:00
dio
dma dmaengine: ioatdma: Fix missing kmem_cache_destroy() 2024-08-02 16:16:19 +02:00
dma-buf
edac EDAC, i10nm: make skx_common.o a separate module 2024-09-27 10:50:10 +02:00
eisa
extcon
firewire
firmware firmware: turris-mox-rwtm: Initialize completion before mailbox 2024-09-27 10:50:11 +02:00
fpga
fsi
gnss
gpio gpio: davinci: Validate the obtained number of IRQs 2024-08-02 16:16:21 +02:00
gpu drm/i915/fence: Mark debug_fence_free() with __maybe_unused 2024-09-27 10:50:35 +02:00
greybus greybus: Fix use-after-free bug in gb_interface_release due to race condition. 2024-08-02 16:16:17 +02:00
hid HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup 2024-09-27 10:50:33 +02:00
hsi
hv Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic 2024-09-27 10:50:34 +02:00
hwmon hwmon: (w83627ehf) Fix underflows seen when writing limit attributes 2024-09-27 10:50:33 +02:00
hwspinlock
hwtracing intel_th: pci: Add Lunar Lake support 2024-08-02 16:16:17 +02:00
i2c i2c: riic: avoid potential division by zero 2024-09-27 10:50:23 +02:00
i3c
ide
idle
iio iio: fix scale application in iio_convert_raw_to_processed_unlocked 2024-09-27 10:50:34 +02:00
infiniband IB/hfi1: Fix potential deadlock on &irq_src_lock and &dd->uctxt_lock 2024-09-27 10:50:24 +02:00
input Input: uinput - reject requests with unreasonable number of slots 2024-09-27 10:50:33 +02:00
interconnect
iommu iommu/vt-d: Handle volatile descriptor status read 2024-09-27 10:50:32 +02:00
ipack
irqchip irqchip/armada-370-xp: Do not allow mapping IRQ 0 and 1 2024-09-27 10:50:31 +02:00
isdn mISDN: Fix a use after free in hfcmulti_tx() 2024-09-27 10:50:16 +02:00
leds leds: ss4200: Convert PCIBIOS_* return codes to errnos 2024-09-27 10:50:14 +02:00
lightnvm
macintosh macintosh/therm_windtunnel: fix module unload. 2024-09-27 10:50:13 +02:00
mailbox
mcb
md dm init: Handle minors larger than 255 2024-09-27 10:50:32 +02:00
media media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse 2024-09-27 10:50:31 +02:00
memory
memstick
message
mfd mfd: omap-usb-tll: Use struct_size to allocate tll 2024-09-27 10:50:12 +02:00
misc VMCI: Fix use-after-free when removing resource in vmci_resource_remove() 2024-09-27 10:50:34 +02:00
mmc mmc: sdhci-of-aspeed: fix module autoloading 2024-09-27 10:50:30 +02:00
mtd ubi: eba: properly rollback inside self_check_eba 2024-09-27 10:50:15 +02:00
mux
net net/mlx5: Update error handler for UCTX and UMEM 2024-09-27 10:50:35 +02:00
nfc nfc: pn533: Add poll mod list filling check 2024-09-27 10:50:27 +02:00
ntb
nubus
nvdimm
nvme nvmet-tcp: fix kernel crash if commands allocation fails 2024-09-27 10:50:34 +02:00
nvmem nvmem: Fix return type of devm_nvmem_device_get() in kerneldoc 2024-09-27 10:50:34 +02:00
of of/irq: Prevent device address out-of-bounds read in interrupt map walk 2024-09-27 10:50:33 +02:00
opp
oprofile
parisc
parport dev/parport: fix the array out-of-bounds risk 2024-09-27 10:50:17 +02:00
pci PCI: Add missing bridge lock to pci_bus_lock() 2024-09-27 10:50:33 +02:00
pcmcia pcmcia: Use resource_size function on resource object 2024-09-27 10:50:31 +02:00
perf
phy
pinctrl pinctrl: single: fix potential NULL dereference in pcs_get_function() 2024-09-27 10:50:27 +02:00
platform platform/x86: dell-smbios: Fix error path in dell_smbios_init() 2024-09-27 10:50:32 +02:00
pnp
power power: supply: axp288_charger: Round constant_charge_voltage writes down 2024-09-27 10:50:21 +02:00
powercap
pps
ps3
ptp ptp: Fix error message on failed pin verification 2024-08-02 16:16:10 +02:00
pwm pwm: stm32: Always do lazy disabling 2024-09-27 10:50:10 +02:00
rapidio
ras
regulator regulator: core: Fix modpost error "regulator_get_regmap" undefined 2024-08-02 16:16:19 +02:00
remoteproc remoteproc: imx_rproc: Skip over memory region when node value is NULL 2024-09-27 10:50:17 +02:00
reset reset: hi6220: Add support for AO reset controller 2024-09-27 10:50:31 +02:00
rpmsg
rtc rtc: isl1208: Fix return value of nvmem callbacks 2024-09-27 10:50:15 +02:00
s390 s390/cio: rename bitmap_size() -> idset_bitmap_size() 2024-09-27 10:50:22 +02:00
sbus
scsi scsi: aacraid: Fix double-free on probe failure 2024-09-27 10:50:28 +02:00
sfi
sh
siox
slimbus
soc soc: qcom: cmd-db: Map shared memory as WC, not WB 2024-09-27 10:50:27 +02:00
soundwire soundwire: stream: fix programming slave ports for non-continous port maps 2024-09-27 10:50:27 +02:00
spi spi: spi-fsl-lpspi: Fix scldiv calculation 2024-09-27 10:50:20 +02:00
spmi
ssb ssb: Fix division by zero issue in ssb_calc_clock_rate 2024-09-27 10:50:23 +02:00
staging staging: iio: frequency: ad9834: Validate frequency parameter value 2024-09-27 10:50:33 +02:00
target
tc
tee
thermal
thunderbolt
tty serial: core: check uartclk for zero to avoid divide by zero 2024-09-27 10:50:21 +02:00
uio Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic 2024-09-27 10:50:34 +02:00
usb usb: uas: set host status byte on data completion error 2024-09-27 10:50:31 +02:00
vfio
vhost
video
virt
virtio
visorbus
vlynq
vme
w1
watchdog watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger 2024-09-27 10:50:08 +02:00
xen
zorro
Kconfig
Makefile