Patch "scsi: hisi_sas: Check before using pointer variables" has been added to the 6.7-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Sat, 20 Jan 2024 19:31:27 -0500

This is a note to let you know that I've just added the patch titled

    scsi: hisi_sas: Check before using pointer variables

to the 6.7-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     scsi-hisi_sas-check-before-using-pointer-variables.patch
and it can be found in the queue-6.7 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 46eaa06aeac90d5a25a985a08dcefc07827a8186
Author: Yihang Li <liyihang9@xxxxxxxxxx>
Date:   Thu Dec 14 11:45:14 2023 +0800

    scsi: hisi_sas: Check before using pointer variables
    
    [ Upstream commit 8dd10296be8562a45c6c6794dd492a2b7dccede8 ]
    
    In commit 4b329abc9180 ("scsi: hisi_sas: Move slot variable definition in
    hisi_sas_abort_task()"), we move the variables slot to the function head.
    However, the variable slot may be NULL, we should check it in each branch.
    
    Fixes: 4b329abc9180 ("scsi: hisi_sas: Move slot variable definition in hisi_sas_abort_task()")
    Signed-off-by: Yihang Li <liyihang9@xxxxxxxxxx>
    Signed-off-by: Xiang Chen <chenxiang66@xxxxxxxxxxxxx>
    Link: https://lore.kernel.org/r/1702525516-51258-4-git-send-email-chenxiang66@xxxxxxxxxxxxx
    Signed-off-by: Martin K. Petersen <martin.petersen@xxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/drivers/scsi/hisi_sas/hisi_sas_main.c b/drivers/scsi/hisi_sas/hisi_sas_main.c
index 16017064e96a..bbb7b2d9ffcf 100644
--- a/drivers/scsi/hisi_sas/hisi_sas_main.c
+++ b/drivers/scsi/hisi_sas/hisi_sas_main.c
@@ -1641,7 +1641,10 @@ static int hisi_sas_abort_task(struct sas_task *task)
 	task->task_state_flags |= SAS_TASK_STATE_ABORTED;
 	spin_unlock_irqrestore(&task->task_state_lock, flags);
 
-	if (slot && task->task_proto & SAS_PROTOCOL_SSP) {
+	if (!slot)
+		goto out;
+
+	if (task->task_proto & SAS_PROTOCOL_SSP) {
 		u16 tag = slot->idx;
 		int rc2;
 
@@ -1688,7 +1691,7 @@ static int hisi_sas_abort_task(struct sas_task *task)
 				rc = hisi_sas_softreset_ata_disk(device);
 			}
 		}
-	} else if (slot && task->task_proto & SAS_PROTOCOL_SMP) {
+	} else if (task->task_proto & SAS_PROTOCOL_SMP) {
 		/* SMP */
 		u32 tag = slot->idx;
 		struct hisi_sas_cq *cq = &hisi_hba->cq[slot->dlvry_queue];







