[PATCH] target: Fix a double put in transport_free_session

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



In transport_free_session, se_nacl is got from se_sess
with the initial reference. If se_nacl->acl_sess_list is
empty, se_nacl->dynamic_stop is set to true. Then the first
target_put_nacl(se_nacl) will drop the initial reference
and free se_nacl. Later there is a second target_put_nacl()
to put se_nacl. It may cause error in race.

My patch sets se_nacl->dynamic_stop to false to avoid the
double put.

Signed-off-by: Lv Yunlong <lyl2019@xxxxxxxxxxxxxxxx>
---
 drivers/target/target_core_transport.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c
index 5ecb9f18a53d..c266defe694f 100644
--- a/drivers/target/target_core_transport.c
+++ b/drivers/target/target_core_transport.c
@@ -584,8 +584,10 @@ void transport_free_session(struct se_session *se_sess)
 		}
 		mutex_unlock(&se_tpg->acl_node_mutex);
 
-		if (se_nacl->dynamic_stop)
+		if (se_nacl->dynamic_stop) {
 			target_put_nacl(se_nacl);
+			se_nacl->dynamic_stop = false;
+		}
 
 		target_put_nacl(se_nacl);
 	}
-- 
2.25.1





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [SCSI Target Devel]     [Linux SCSI Target Infrastructure]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Linux IIO]     [Samba]     [Device Mapper]

  Powered by Linux