On Tue, Mar 20, 2018 at 12:06:14PM +0200, Yuval Shaia wrote:
> On Tue, Mar 20, 2018 at 10:18:47AM +0200, Leon Romanovsky wrote:
> > From: Leon Romanovsky <leonro@xxxxxxxxxxxx>
> >
> > Prior to accessing UCMA commands, the context should be initialized
> > and connected to CM_ID with ucma_create_id(). In case the user skips
> > this step, he can provide a non-valid ctx without CM_ID and cause
> > multiple NULL dereferences.
>
> I don't quite understand how the user can do it.
> The two places where ctx is created are followed immediately by the
> initialization of cm_id.
>
> I am probably missing something here and would appreciate it if you could
> elaborate more on that.

The user's call to ucma_create_id() will trigger allocation of ctx and after
that addition of it to the file->ctx_list. There is an opportunity to try and
close the ucma file, but cm_id is not initialized yet. Additionally, such a
window will exist if __rdma_create_id returns with an error.

All that time, idr_find will succeed in finding ctx, because it exists.

Thanks
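The window Leon describes (ctx published in the idr and on file->ctx_list before cm_id is assigned, and again on the __rdma_create_id() error path) is easier to see with a small user-space model of the lifecycle. The following is an added example written for this thread; it is not the patch under discussion and not code from drivers/infiniband/core/ucma.c. The struct layouts, the fixed-size array standing in for the idr, the two-step split of ucma_create_id() into ucma_alloc_ctx() and ucma_finish_create_id(), and the guarded lookup ucma_get_ctx_with_cm_id() are all assumptions made for illustration, not the kernel's actual functions.

```c
/* Added example for the linux-rdma thread above; not kernel code.
 * All names below are simplified stand-ins for ucma.c (assumption). */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define UCMA_MAX_IDS 8

struct rdma_cm_id { int device_bound; };   /* stand-in for the real struct */

struct ucma_context {
	int id;
	struct rdma_cm_id *cm_id;   /* NULL from allocation until __rdma_create_id() result is stored */
	int on_ctx_list;            /* models membership in file->ctx_list */
};

struct ucma_file {
	struct ucma_context *idr[UCMA_MAX_IDS];   /* models the id -> ctx table idr_find() walks */
	struct ucma_context ctx_pool[UCMA_MAX_IDS];
	struct rdma_cm_id id_pool[UCMA_MAX_IDS];
};

static void ucma_file_init(struct ucma_file *f) { memset(f, 0, sizeof(*f)); }

/* First half of ucma_create_id(): ctx is allocated, gets an idr slot and is
 * added to file->ctx_list. cm_id is still NULL when this returns. */
static struct ucma_context *ucma_alloc_ctx(struct ucma_file *f)
{
	for (int id = 0; id < UCMA_MAX_IDS; id++) {
		if (f->idr[id])
			continue;
		struct ucma_context *ctx = &f->ctx_pool[id];
		ctx->id = id;
		ctx->cm_id = NULL;
		ctx->on_ctx_list = 1;
		f->idr[id] = ctx;
		return ctx;
	}
	return NULL;
}

/* Second half: __rdma_create_id() either succeeds and cm_id is attached, or
 * fails and the error path unwinds the ctx (failure is a flag in this model). */
static int ucma_finish_create_id(struct ucma_file *f, struct ucma_context *ctx,
				 int rdma_create_fails)
{
	if (rdma_create_fails) {
		f->idr[ctx->id] = NULL;
		ctx->on_ctx_list = 0;
		return -ENOMEM;
	}
	ctx->cm_id = &f->id_pool[ctx->id];
	ctx->cm_id->device_bound = 1;
	return 0;
}

/* What a command handler sees from idr_find() alone: the ctx is found
 * as soon as it exists, whether or not cm_id has been set. */
static struct ucma_context *ucma_lookup_ctx(struct ucma_file *f, int id)
{
	if (id < 0 || id >= UCMA_MAX_IDS)
		return NULL;
	return f->idr[id];
}

/* Hypothetical guarded lookup: refuses a ctx that is published but has no cm_id yet. */
static struct ucma_context *ucma_get_ctx_with_cm_id(struct ucma_file *f, int id)
{
	struct ucma_context *ctx = ucma_lookup_ctx(f, id);
	if (!ctx || !ctx->cm_id)
		return NULL;
	return ctx;
}

/* A command that dereferences ctx->cm_id. Fed a ctx from the unguarded
 * lookup inside the window, this is the NULL dereference from the commit message. */
static int ucma_cmd_touch_device(struct ucma_context *ctx)
{
	if (!ctx)
		return -EINVAL;
	return ctx->cm_id->device_bound;
}

/* Scenario 1: inside the window. Returns 1 when the idr lookup finds the ctx,
 * the guarded lookup rejects it, and the command therefore fails cleanly. */
int scenario_window_is_observable(void)
{
	struct ucma_file f;
	ucma_file_init(&f);
	struct ucma_context *ctx = ucma_alloc_ctx(&f);
	int found_unguarded = ucma_lookup_ctx(&f, ctx->id) == ctx;
	int found_guarded = ucma_get_ctx_with_cm_id(&f, ctx->id) != NULL;
	int rc = ucma_cmd_touch_device(ucma_get_ctx_with_cm_id(&f, ctx->id));
	return found_unguarded && !found_guarded && rc == -EINVAL;
}

/* Scenario 2: after __rdma_create_id() succeeded, the guarded lookup accepts the ctx. */
int scenario_after_create_ok(void)
{
	struct ucma_file f;
	ucma_file_init(&f);
	struct ucma_context *ctx = ucma_alloc_ctx(&f);
	if (ucma_finish_create_id(&f, ctx, 0) != 0)
		return 0;
	return ucma_cmd_touch_device(ucma_get_ctx_with_cm_id(&f, ctx->id)) == 1;
}

/* Scenario 3: __rdma_create_id() fails. The ctx was visible in the window and is gone afterwards. */
int scenario_create_error_path(void)
{
	struct ucma_file f;
	ucma_file_init(&f);
	struct ucma_context *ctx = ucma_alloc_ctx(&f);
	int id = ctx->id;
	int visible_before = ucma_lookup_ctx(&f, id) != NULL;
	int rc = ucma_finish_create_id(&f, ctx, 1);
	return visible_before && rc == -ENOMEM && ucma_lookup_ctx(&f, id) == NULL && !ctx->on_ctx_list;
}

int main(void)
{
	printf("window observable: %d\n", scenario_window_is_observable());
	printf("after create ok:   %d\n", scenario_after_create_ok());
	printf("error path:        %d\n", scenario_create_error_path());
	return 0;
}
```

The model is single-threaded, so the "other" actor (a close of the ucma file or a second command on the same id) is simply a lookup performed between ucma_alloc_ctx() and ucma_finish_create_id(); in the kernel that interleaving comes from another thread or a concurrent close, but the observable state is the same: idr_find() returns the ctx while ctx->cm_id is still NULL.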