[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20231006183028.GA1213337@nvidia.com>
Date: Fri, 6 Oct 2023 15:30:28 -0300
From: Jason Gunthorpe <jgg@...dia.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: linux-rdma@...r.kernel.org, linux-kernel@...r.kernel.org,
Leon Romanovsky <leonro@...dia.com>
Subject: [GIT PULL] Please pull RDMA subsystem changes
Hi Linus,
Accumulated RC bug fixes - seems like a more serious set of bugs this
time.
Thanks,
Jason
The following changes since commit 0bb80ecc33a8fb5a682236443c1e740d5c917d1d:
Linux 6.6-rc1 (2023-09-10 16:28:41 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma.git tags/for-linus
for you to fetch changes up to c38d23a54445f9a8aa6831fafc9af0496ba02f9e:
RDMA/core: Require admin capabilities to set system parameters (2023-10-05 20:01:47 +0300)
----------------------------------------------------------------
v6.6 first rc pull request
This includes a fix for a significant security miss in checking the
RDMA_NLDEV_CMD_SYS_SET operation.
- UAF in SRP
- Error unwind failure in siw connection management
- Missing error checks
- NULL/ERR_PTR confusion in erdma
- Possible string truncation in CMA configfs and mlx4
- Data ordering issue in bnxt_re
- Missing stats decrement on object destroy in bnxt_re
- Mlx5 bugs in this merge window:
* Incorrect access_flag in the new mkey cache
* Missing unlock on error in flow steering
* lockdep possible deadlock on new mkey cache destruction
Plus a fix for this too
- Don't leak kernel stack memory to userspace in the CM
- Missing permission validation for RDMA_NLDEV_CMD_SYS_SET
----------------------------------------------------------------
Artem Chernyshev (1):
RDMA/cxgb4: Check skb value for failure to allocate
Bart Van Assche (1):
RDMA/srp: Do not call scsi_done() from srp_abort()
Bernard Metzler (1):
RDMA/siw: Fix connection failure handling
Cheng Xu (1):
RDMA/erdma: Fix NULL pointer access in regmr_cmd
Christophe JAILLET (1):
IB/mlx4: Fix the size of a buffer in add_port_entries()
Dan Carpenter (1):
RDMA/erdma: Fix error code in erdma_create_scatter_mtt()
Hamdan Igbaria (1):
RDMA/mlx5: Fix mutex unlocking on error flow for steering anchor creation
Konstantin Meskhidze (1):
RDMA/uverbs: Fix typo of sizeof argument
Leon Romanovsky (3):
RDMA/cma: Fix truncation compilation warning in make_cma_ports
RDMA/mlx5: Remove not-used cache disable flag
RDMA/core: Require admin capabilities to set system parameters
Mark Zhang (1):
RDMA/cma: Initialize ib_sa_multicast structure to 0 when join
Michael Guralnik (1):
RDMA/mlx5: Fix assigning access flags to cache mkeys
Selvin Xavier (2):
RDMA/bnxt_re: Fix the handling of control path response data
RDMA/bnxt_re: Decrement resource stats correctly
Shay Drory (2):
RDMA/mlx5: Fix NULL string error
RDMA/mlx5: Fix mkey cache possible deadlock on cleanup
drivers/infiniband/core/cma.c | 2 +-
drivers/infiniband/core/cma_configfs.c | 2 +-
drivers/infiniband/core/nldev.c | 1 +
drivers/infiniband/core/uverbs_main.c | 2 +-
drivers/infiniband/hw/bnxt_re/ib_verbs.c | 4 ++++
drivers/infiniband/hw/bnxt_re/qplib_rcfw.c | 11 +++++++++--
drivers/infiniband/hw/cxgb4/cm.c | 3 +++
drivers/infiniband/hw/erdma/erdma_verbs.c | 7 +++----
drivers/infiniband/hw/mlx4/sysfs.c | 2 +-
drivers/infiniband/hw/mlx5/fs.c | 2 +-
drivers/infiniband/hw/mlx5/main.c | 2 +-
drivers/infiniband/hw/mlx5/mr.c | 14 +++++++++++---
drivers/infiniband/sw/siw/siw_cm.c | 16 ++++++++++++----
drivers/infiniband/ulp/srp/ib_srp.c | 16 +++++-----------
14 files changed, 54 insertions(+), 30 deletions(-)
Download attachment "signature.asc" of type "application/pgp-signature" (229 bytes)
Powered by blists - more mailing lists