Re: [PATCH] xen-blkfront: avoid NULL de-reference in CDROM ioctl handling

From: Roger Pau Monne
Date: Thu Jul 07 2016 - 05:33:45 EST

Next message: Byungchul Park: "[RFC v2 07/13] pagemap.h: Remove trailing white space"
Previous message: Byungchul Park: "[RFC v2 12/13] lockdep: Make crossrelease use save_stack_trace_norm() instead"
In reply to: Jan Beulich: "[PATCH] xen-blkfront: avoid NULL de-reference in CDROM ioctl handling"
Next in thread: Jan Beulich: "Re: [PATCH] xen-blkfront: avoid NULL de-reference in CDROM ioctl handling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jul 07, 2016 at 01:40:54AM -0600, Jan Beulich wrote:
> The ioctl can be called prior to full device setup having completed.
>
> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
> ---
> drivers/block/xen-blkfront.c | 6 ++----
> 1 file changed, 2 insertions(+), 4 deletions(-)
>
> --- 4.7-rc6-xen.orig/drivers/block/xen-blkfront.c
> +++ 4.7-rc6-xen/drivers/block/xen-blkfront.c
> @@ -496,12 +496,10 @@ static int blkif_ioctl(struct block_devi
> return -EFAULT;
> return 0;
>
> - case CDROM_GET_CAPABILITY: {
> - struct gendisk *gd = info->gd;
> - if (gd->flags & GENHD_FL_CD)
> + case CDROM_GET_CAPABILITY:
> + if (info->gd && (info->gd->flags & GENHD_FL_CD))

I don't follow how blkif_ioctl can be called with a NULL info->gd, because
the set of file operations is set inside of info->gd->fops. And the disk
should not be available until add_disk is called, which happens after having
info->gd already set.

Roger.

Next message: Byungchul Park: "[RFC v2 07/13] pagemap.h: Remove trailing white space"
Previous message: Byungchul Park: "[RFC v2 12/13] lockdep: Make crossrelease use save_stack_trace_norm() instead"
In reply to: Jan Beulich: "[PATCH] xen-blkfront: avoid NULL de-reference in CDROM ioctl handling"
Next in thread: Jan Beulich: "Re: [PATCH] xen-blkfront: avoid NULL de-reference in CDROM ioctl handling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]