korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-16 00:34:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
7e613be7c6
linux/drivers/scsi/mpt3sas
History
Yang Yingliang 78316e9dfc scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() 
In mpt3sas_transport_port_add(), if sas_rphy_add() returns error,
sas_rphy_free() needs be called to free the resource allocated in
sas_end_device_alloc(). Otherwise a kernel crash will happen:

Unable to handle kernel NULL pointer dereference at virtual address 0000000000000108
CPU: 45 PID: 37020 Comm: bash Kdump: loaded Tainted: G        W          6.1.0-rc1+ #189
pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : device_del+0x54/0x3d0
lr : device_del+0x37c/0x3d0
Call trace:
 device_del+0x54/0x3d0
 attribute_container_class_device_del+0x28/0x38
 transport_remove_classdev+0x6c/0x80
 attribute_container_device_trigger+0x108/0x110
 transport_remove_device+0x28/0x38
 sas_rphy_remove+0x50/0x78 [scsi_transport_sas]
 sas_port_delete+0x30/0x148 [scsi_transport_sas]
 do_sas_phy_delete+0x78/0x80 [scsi_transport_sas]
 device_for_each_child+0x68/0xb0
 sas_remove_children+0x30/0x50 [scsi_transport_sas]
 sas_rphy_remove+0x38/0x78 [scsi_transport_sas]
 sas_port_delete+0x30/0x148 [scsi_transport_sas]
 do_sas_phy_delete+0x78/0x80 [scsi_transport_sas]
 device_for_each_child+0x68/0xb0
 sas_remove_children+0x30/0x50 [scsi_transport_sas]
 sas_remove_host+0x20/0x38 [scsi_transport_sas]
 scsih_remove+0xd8/0x420 [mpt3sas]

Because transport_add_device() is not called when sas_rphy_add() fails, the
device is not added. When sas_rphy_remove() is subsequently called to
remove the device in the remove() path, a NULL pointer dereference happens.

Fixes: f92363d123 ("[SCSI] mpt3sas: add new driver supporting 12GB SAS")
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>
Link: https://lore.kernel.org/r/20221109032403.1636422-1-yangyingliang@huawei.com
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
2022-11-25 23:12:23 +00:00
..
mpi scsi: mpt3sas: Add support for ATTO ExpressSAS H12xx GT devices 2022-08-31 23:39:57 -04:00
Kconfig scsi: mpt3sas: Fix spelling mistake in Kconfig "compatiblity" -> "compatibility" 2021-01-05 23:25:07 -05:00
Makefile scsi: mpt3sas: Capture IOC data for debugging purposes 2020-05-07 22:24:27 -04:00
mpt3sas_base.c scsi: mpt3sas: Revert "scsi: mpt3sas: Fix ioc->base_readl() use" 2022-09-25 13:34:54 -04:00
mpt3sas_base.h scsi: mpt3sas: Update driver version to 43.100.00.00 2022-09-01 00:15:47 -04:00
mpt3sas_config.c scsi: mpt3sas: Add support for ATTO ExpressSAS H12xx GT devices 2022-08-31 23:39:57 -04:00
mpt3sas_ctl.c scsi: mpt3sas: Fix trace buffer registration failed 2022-09-01 00:15:46 -04:00
mpt3sas_ctl.h scsi: mpt3sas: Fix out-of-bounds warnings in _ctl_addnl_diag_query 2021-04-13 00:31:05 -04:00
mpt3sas_debug.h
mpt3sas_debugfs.c scsi: mpt3sas: Remove unused including <linux/version.h> 2020-05-11 23:09:21 -04:00
mpt3sas_scsih.c SCSI misc on 20221007 2022-10-07 12:33:18 -07:00
mpt3sas_transport.c scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() 2022-11-25 23:12:23 +00:00
mpt3sas_trigger_diag.c scsi: mpt3sas: Additional diagnostic buffer query interface 2021-02-08 22:02:07 -05:00
mpt3sas_trigger_diag.h scsi: mpt3sas: Fix spelling mistake 2020-06-15 23:28:46 -04:00
mpt3sas_trigger_pages.h scsi: mpt3sas: Add persistent trigger pages support 2020-12-09 11:34:18 -05:00
mpt3sas_warpdrive.c scsi: mpt3sas: Convert uses of pr_<level> with MPT3SAS_FMT to ioc_<level> 2018-10-10 22:00:43 -04:00