RE: [PATCH rdma-rc] IB/mlx5: Fix scatter to CQE in DCT QP creation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Jason,

Expect that the mailbox is corrupted there is a memory corruption in the
kernel which is worse (allocate DCT struct and then write to it as QP struct).

-----Original Message-----
From: linux-rdma-owner@xxxxxxxxxxxxxxx <linux-rdma-owner@xxxxxxxxxxxxxxx> On Behalf Of Leon Romanovsky
Sent: Thursday, April 18, 2019 11:32 AM
To: Jason Gunthorpe <jgg@xxxxxxxxxxxx>
Cc: Doug Ledford <dledford@xxxxxxxxxx>; Guy Levi(SW) <guyle@xxxxxxxxxxxx>; RDMA mailing list <linux-rdma@xxxxxxxxxxxxxxx>; Yonatan Cohen (SW) <yonatanc@xxxxxxxxxxxx>
Subject: Re: [PATCH rdma-rc] IB/mlx5: Fix scatter to CQE in DCT QP creation

On Thu, Apr 18, 2019 at 06:15:33AM +0000, Jason Gunthorpe wrote:
> On Wed, Apr 10, 2019 at 10:59:45AM +0300, Leon Romanovsky wrote:
> > From: Guy Levi <guyle@xxxxxxxxxxxx>
> >
> > The scatter to CQE over DCT QP actually has never been enabled since 
> > the driver refers to device QP context layout instead of device DCT 
> > context layout when it is configure the scatter to CQE relevant 
> > bits. It causes a memory corruption.
> > Additionally, A new capability is exposed to user-space which lets 
> > it to ensure that it will not enable the feature without this fix.
> >
> > Fixes: 5d6ff1babe ("IB/mlx5: Support scatter to CQE for DC transport 
> > type")
> > Signed-off-by: Guy Levi <guyle@xxxxxxxxxxxx>
> > Signed-off-by: Leon Romanovsky <leonro@xxxxxxxxxxxx>
> > ---
> >  drivers/infiniband/hw/mlx5/main.c |  2 ++
> >  drivers/infiniband/hw/mlx5/qp.c   | 11 +++++++----
> >  include/uapi/rdma/mlx5-abi.h      |  1 +
> >  3 files changed, 10 insertions(+), 4 deletions(-)
>
> I rewrote the commit message and applied it to for-rc
>
>     IB/mlx5: Fix scatter to CQE in DCT QP creation
>
>     When scatter to CQE is enabled on a DCT QP it corrupts the mailbox command
>     since it tried to treat it as as QP create mailbox command instead of a
>     DCT create command.
>
>     The corrupted mailbox command causes userspace to malfunction as the
>     device doesn't create the QP as expected.
>
>     A new mlx5 capability is exposed to user-space which ensures that it will
>     not enable the feature on DCT without this fix in the kernel.
>
>     Fixes: 5d6ff1babe ("IB/mlx5: Support scatter to CQE for DC transport type")
>     Signed-off-by: Guy Levi <guyle@xxxxxxxxxxxx>
>     Signed-off-by: Leon Romanovsky <leonro@xxxxxxxxxxxx>
>     Signed-off-by: Jason Gunthorpe <jgg@xxxxxxxxxxxx>
>
> Jason

Thanks
[Index of Archives]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Photo]     [Yosemite News]     [Yosemite Photos]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux