All other places where seq.ssb_stat is accessed happens when under the
lock ex_lock. Moreover, the struct definition has some documentation in
the comments telling that ex_lock protects seq.ssb_stat. Extend the
locking in fc_exch_recv_seq_resp to include that field access.
Disclaimer: I am currently working on a static analyser to detect
missing locks. This was a reported case. I manually verified the report
by looking at the code, so that I do not send wrong information or
patches. After concluding that this seems to be a true positive, I
created this patch. However, as I do not in fact have this particular
hardware, I was unable to test it.
Signed-off-by: Niels Dossche <dossche.niels@xxxxxxxxx>
---
drivers/scsi/libfc/fc_exch.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/scsi/libfc/fc_exch.c b/drivers/scsi/libfc/fc_exch.c
index 841000445b9a..be5920526840 100644
--- a/drivers/scsi/libfc/fc_exch.c
+++ b/drivers/scsi/libfc/fc_exch.c
@@ -1600,6 +1600,8 @@ static void fc_exch_recv_seq_resp(struct fc_exch_mgr *mp, struct fc_frame *fp)
}
sof = fr_sof(fp);
sp = &ep->seq;
+
+ spin_lock_bh(&ep->ex_lock);
if (fc_sof_is_init(sof)) {
sp->ssb_stat |= SSB_ST_RESP;
sp->id = fh->fh_seq_id;
@@ -1608,7 +1610,6 @@ static void fc_exch_recv_seq_resp(struct fc_exch_mgr *mp, struct fc_frame *fp)
f_ctl = ntoh24(fh->fh_f_ctl);
fr_seq(fp) = sp;
- spin_lock_bh(&ep->ex_lock);
if (f_ctl & FC_FC_SEQ_INIT)
ep->esb_stat |= ESB_ST_SEQ_INIT;
spin_unlock_bh(&ep->ex_lock);
--
2.35.1
