From 5da33bb3b9c230c08492f85d13caa330ce65906e Mon Sep 17 00:00:00 2001 From: Sean Hefty Date: Thu, 28 Jan 2010 10:19:20 -0800 Subject: [PATCH] dapl/cma: fix referencing freed address DAPL uses a pointer to reference the local and remote addresses of an endpoint. It expects that those addresses are located in memory that is always accessible. Typically, for the local address, the pointer references the address stored with the DAPL HCA device. However, for the cma provider, it changes this pointer to reference the address stored with the rdma_cm_id. This causes a problem when that endpoint is connected on the passive side of a connection. When connect requests are given to DAPL, a new rdma_cm_id is associated with the request. The DAPL code replaces the current rdma_cm_id associated with a user's endpoint with the new rdma_cm_id. The old rdma_cm_id is then deleted. But the endpoint's local address pointer still references the address stored with the old rdma_cm_id. The result is that any reference to the address will access freed memory. Fix this by keeping the local address pointer always pointing to the address associated with the DAPL HCA device. This is about the best that can be done given the DAPL interface design. Signed-off-by: Sean Hefty --- dapl/openib_common/qp.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/dapl/openib_common/qp.c b/dapl/openib_common/qp.c index b3795ab..17eae36 100644 --- a/dapl/openib_common/qp.c +++ b/dapl/openib_common/qp.c @@ -164,10 +164,7 @@ dapls_ib_qp_alloc(IN DAPL_IA * ia_ptr, ep_ptr->qp_handle = conn->cm_id->qp; ep_ptr->cm_handle = conn; ep_ptr->qp_state = IBV_QPS_INIT; - - /* setup up ep->param to reference the bound local address and port */ - ep_ptr->param.local_ia_address_ptr = - &conn->cm_id->route.addr.src_addr; + ep_ptr->param.local_port_qual = rdma_get_src_port(conn->cm_id); #else ep_ptr->qp_handle = ibv_create_qp(ib_pd_handle, &qp_create); -- 2.41.0
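Review bot: In the `dapls_ib_qp_alloc` hunk of dapl/openib_common/qp.c, the explanatory comment is deleted together with the assignment, so nothing at this site records why `ep_ptr->param.local_ia_address_ptr` must not be pointed at `conn->cm_id->route.addr.src_addr`. A short comment in its place, saying that the rdma_cm_id can be replaced and destroyed when the endpoint is connected on the passive side and that the pointer therefore stays on the address held by the DAPL HCA device, would keep a later change from reintroducing the dangling reference. The `ep_ptr->param.local_port_qual = rdma_get_src_port(conn->cm_id);` line that stays in the hunk copies a value rather than a pointer, so it cannot dangle, but it is still read from the cm_id that the commit message says gets swapped out; it is worth confirming that the port is refreshed when the new rdma_cm_id is attached. The commit message also names the remote address as a pointer held the same way, and this hunk only covers the local one, so please state whether the remote address pointer has the same lifetime issue.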