>On 12/04/2011 02:23 AM, psomas@xxxxxxxxxx wrote:
>> From: Stratos Psomadakis <psomas@xxxxxxxxxx>
>>
>> sym53c8xx_slave_destroy unconditionally assumes that
sym53c8xx_slave_alloc has
>> succesesfully allocated a sym_lcb. This can lead to a NULL pointer
dereference
>> (exposed by commit 4e6c82b).
>>
>> Signed-off-by: Stratos Psomadakis <psomas@xxxxxxxxxx>
>> Cc: stable@xxxxxxxxxxxxxxx
>> ---
>>
>> drivers/scsi/sym53c8xx_2/sym_glue.c | 4 ++++
>> 1 files changed, 4 insertions(+), 0 deletions(-)
>>
>> diff --git a/drivers/scsi/sym53c8xx_2/sym_glue.c
b/drivers/scsi/sym53c8xx_2/sym_glue.c
>> index b4543f5..76432f8 100644
>> --- a/drivers/scsi/sym53c8xx_2/sym_glue.c
>> +++ b/drivers/scsi/sym53c8xx_2/sym_glue.c
>> @@ -839,6 +839,10 @@ static void sym53c8xx_slave_destroy(struct
scsi_device *sdev)
>> struct sym_lcb *lp = sym_lp(tp, sdev->lun);
>> unsigned long flags;
>>
>> + /* if slave_alloc returned before allocating a sym_lcb, return */
>> + if (!lp)
>> + return;
>> +
>> spin_lock_irqsave(np->s.host->host_lock, flags);
>>
>> if (lp->busy_itlq || lp->busy_itl) {
>Any comments/ack/nack on the patch?
Applied it to 3.1.3, 3.1.4, 3.1.5, and 3.2-rc6. Previously loading
sym53c8xx (with my sym53c875 card) would cause a kernel panic during bootup
(worked fine on 3.1.0, 3.1.1, and the 2.6.x kernels, was sort of broken in
3.1.2, and panic'ed in 3.1.3-onwards). Now I can boot just fine!
Thank you very much!
Chris
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
