This is a note to let you know that I've just added the patch titled scsi: scsi_transport_fc: fix NULL pointer dereference in fc_bsg_job_timeout to the 4.13-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: scsi-scsi_transport_fc-fix-null-pointer-dereference-in-fc_bsg_job_timeout.patch and it can be found in the queue-4.13 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From b468b6a4969f9bdddb31d484f151bfa03fbee767 Mon Sep 17 00:00:00 2001 From: Christoph Hellwig <hch@xxxxxx> Date: Thu, 7 Sep 2017 13:54:36 +0200 Subject: scsi: scsi_transport_fc: fix NULL pointer dereference in fc_bsg_job_timeout From: Christoph Hellwig <hch@xxxxxx> commit b468b6a4969f9bdddb31d484f151bfa03fbee767 upstream. bsg-lib now embeddeds the job structure into the request, and req->special can't be used anymore. Signed-off-by: Christoph Hellwig <hch@xxxxxx> Reviewed-by: Ming Lei <ming.lei@xxxxxxxxxx> Signed-off-by: Martin K. Petersen <martin.petersen@xxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- drivers/scsi/scsi_transport_fc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/drivers/scsi/scsi_transport_fc.c +++ b/drivers/scsi/scsi_transport_fc.c @@ -3550,7 +3550,7 @@ fc_vport_sched_delete(struct work_struct static enum blk_eh_timer_return fc_bsg_job_timeout(struct request *req) { - struct bsg_job *job = (void *) req->special; + struct bsg_job *job = blk_mq_rq_to_pdu(req); struct Scsi_Host *shost = fc_bsg_to_shost(job); struct fc_rport *rport = fc_bsg_to_rport(job); struct fc_internal *i = to_fc_internal(shost->transportt); Patches currently in stable-queue which might be from hch@xxxxxx are queue-4.13/nvme-pci-propagate-some-errors-from-host-memory-buffer-setup.patch queue-4.13/nvme-pci-use-appropriate-initial-chunk-size-for-hmb-allocation.patch queue-4.13/nvme-pci-fix-host-memory-buffer-allocation-fallback.patch queue-4.13/scsi-scsi_transport_fc-fix-null-pointer-dereference-in-fc_bsg_job_timeout.patch