On Fri, Oct 04, 2019 at 02:53:56PM +0200, Bernard Metzler wrote:
> Storage ULPs (e.g. iSER & NVMeOF) use ib_drain_qp() to
> drain QP/CQ. Current SIW's own drain routines do not properly
> wait until all SQ/RQ elements are completed and reaped
> from the CQ. This may cause touch after free issues.
> New logic relies on generic __ib_drain_sq()/__ib_drain_rq()
> posting a final work request, which SIW immediately flushes
> to CQ.
>
> Fixes: 303ae1cdfdf7 ("rdma/siw: application interface")
> Signed-off-by: Krishnamraju Eraparaju <krishna2@xxxxxxxxxxx>
> Signed-off-by: Bernard Metzler <bmt@xxxxxxxxxxxxxx>
> ---
> v2 -> v3:
> - Handle ib_drain_sq()/ib_drain_rq() calls when QP's
> state is currently locked.
>
> v1 -> v2:
> - Accept SQ and RQ work requests, if QP is in ERROR
> state. In that case, immediately flush WR's to CQ.
> This already provides needed functionality to
> support ib_drain_sq()/ib_drain_rq() without extra
> state checking in the fast path.
>
> drivers/infiniband/sw/siw/siw_main.c | 20 ----
> drivers/infiniband/sw/siw/siw_verbs.c | 144 ++++++++++++++++++++++----
> 2 files changed, 122 insertions(+), 42 deletions(-)
Applied to for-next, thanks
Jason
