[ofa-general] PATCH 1/1 - fix kernel crash in mad.c when IB_MAD_RESULT_(SUCCESS|CONSUMED) returned
Dave Olson
dave.olson at qlogic.com
Tue May 20 15:08:51 PDT 2008
Ralph Campbell will submit this patch for ofed 1.3.1, also.
IB/MAD - fix crash when HCA returns IB_MAD_RESULT_SUCCESS|IB_MAD_RESULT_CONSUMED
This was observed with the hw/ipath driver, but could happen with any
driver. It's OFED bug 1027. The fix is to kfree the local data and
break, rather than falling through.
Signed-off-by: Dave Olson <dave.olson at qlogic.com>
--- a/drivers/infiniband/core/mad.c
+++ b/drivers/infiniband/core/mad.c
@@ -747,7 +747,8 @@ static int handle_outgoing_dr_smp(struct
ib_mad_agent_private *mad_agent_priv,
break;
case IB_MAD_RESULT_SUCCESS | IB_MAD_RESULT_CONSUMED:
kmem_cache_free(ib_mad_cache, mad_priv);
- break;
+ kfree(local);
+ goto out;
case IB_MAD_RESULT_SUCCESS:
/* Treat like an incoming receive MAD */
port_priv = ib_get_mad_port(mad_agent_priv->agent.device,
Dave Olson
dave.olson at qlogic.com
More information about the general
mailing list