IB/core: Free umem when mm is already gone
Free umem when task's mm is already destroyed by the time ib_umem_release gets called. Found by Dotan Barak at Mellanox. Signed-off-by: Eli Cohen <eli@mellanox.co.il> Signed-off-by: Roland Dreier <rolandd@cisco.com>
This commit is contained in:
parent
55b637c6a0
commit
7b82cd8ee7
1 changed files with 3 additions and 1 deletions
|
@ -209,8 +209,10 @@ void ib_umem_release(struct ib_umem *umem)
|
|||
__ib_umem_release(umem->context->device, umem, 1);
|
||||
|
||||
mm = get_task_mm(current);
|
||||
if (!mm)
|
||||
if (!mm) {
|
||||
kfree(umem);
|
||||
return;
|
||||
}
|
||||
|
||||
diff = PAGE_ALIGN(umem->length + umem->offset) >> PAGE_SHIFT;
|
||||
|
||||
|
|
Loading…
Reference in a new issue