public-mirrors/linux
1
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-08-05 16:54:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
linux/include
History
Bart Van Assche 8e6882545d scsi: Avoid that scsi_exit_rq() triggers a use-after-free 
Dereferencing shost from scsi_exit_rq() is not safe because the SCSI
host may already have been freed when scsi_exit_rq() is called.
Increasing the shost reference count in scsi_init_rq() and dropping that
reference in scsi_exit_rq() is nontrivial since scsi_host_dev_release()
may sleep and since scsi_exit_rq() may be called from interrupt
context. Since scsi_exit_rq() only needs a single bit from shost, copy
that bit into struct scsi_cmnd.

Reported-by: Scott Bauer <scott.bauer@intel.com>
Fixes: e9c787e65c ("scsi: allocate scsi_cmnd structures as part of struct request")
Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Cc: Hannes Reinecke <hare@suse.com>
Cc: Scott Bauer <scott.bauer@intel.com>
Cc: Jan Kara <jack@suse.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
2017-06-12 20:55:58 -04:00
..
acpi
asm-generic Kbuild UAPI header export updates for v4.12 2017-05-10 20:45:36 -07:00
clocksource
crypto
drm drm/dp: start a DPCD based DP sink/branch device quirk database 2017-05-29 13:43:26 +03:00
dt-bindings Sort of on the quieter side this time, which is probably due more 2017-05-10 13:38:18 -07:00
keys
kvm KVM: arm/arm64: Fix bug when registering redist iodevs 2017-05-18 11:18:12 +02:00
linux scsi: storvsc: remove unnecessary channel inbound lock 2017-06-12 20:48:05 -04:00
math-emu
media [media] cec: rename MEDIA_CEC_NOTIFIER to CEC_NOTIFIER 2017-06-04 15:23:35 -03:00
memory
misc
net net: Update TCP congestion control documentation 2017-06-05 10:53:24 -04:00
pcmcia
ras
rdma RDMA/SA: Fix kernel panic in CMA request handler flow 2017-06-01 17:20:14 -04:00
rxrpc
scsi scsi: Avoid that scsi_exit_rq() triggers a use-after-free 2017-06-12 20:55:58 -04:00
soc powerpc updates for 4.12 part 2 2017-05-12 10:04:09 -07:00
sound
target iscsi-target: Fix initial login PDU asynchronous socket close OOPs 2017-05-31 15:12:31 -07:00
trace Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux 2017-05-12 11:58:45 -07:00
uapi KEYS: DH: add __user annotations to keyctl_kdf_params 2017-06-09 13:29:49 +10:00
video
xen