[PATCH] scsi: qla2xxx: Fix crash on qla2x00_mailbox_command

From: Rodrigo R. Galvao
Date: Mon May 28 2018 - 13:58:59 EST

Next message: Ray Jui: "[PATCH v4 0/6] Enhance support for the SP805 WDT"
Previous message: Marcelo Ricardo Leitner: "Re: INFO: rcu detected stall in is_bpf_text_address"
Next in thread: Rodrigo Rosatti Galvao: "Re: [PATCH] scsi: qla2xxx: Fix crash on qla2x00_mailbox_command"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This patch fixes a crash on qla2x00_mailbox_command caused when the
driver is on UNLOADING state and tries to call qla2x00_poll, which
triggers a NULL pointer dereference.

Signed-off-by: Rodrigo R. Galvao <rosattig@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Mauro S. M. Rodrigues <maurosr@xxxxxxxxxxxxxxxxxx>
---
drivers/scsi/qla2xxx/qla_mbx.c | 8 ++++++++
1 file changed, 8 insertions(+)

diff --git a/drivers/scsi/qla2xxx/qla_mbx.c b/drivers/scsi/qla2xxx/qla_mbx.c
index d8a36c1..7e875f5 100644
--- a/drivers/scsi/qla2xxx/qla_mbx.c
+++ b/drivers/scsi/qla2xxx/qla_mbx.c
@@ -292,6 +292,14 @@ qla2x00_mailbox_command(scsi_qla_host_t *vha, mbx_cmd_t *mcp)
if (time_after(jiffies, wait_time))
break;

+ /*
+ * Check if it's UNLOADING, cause we cannot poll in
+ * this case, or else a NULL pointer dereference
+ * is triggered.
+ */
+ if (unlikely(test_bit(UNLOADING, &base_vha->dpc_flags)))
+ return QLA_FUNCTION_TIMEOUT;
+
/* Check for pending interrupts. */
qla2x00_poll(ha->rsp_q_map[0]);

--
2.7.4

Next message: Ray Jui: "[PATCH v4 0/6] Enhance support for the SP805 WDT"
Previous message: Marcelo Ricardo Leitner: "Re: INFO: rcu detected stall in is_bpf_text_address"
Next in thread: Rodrigo Rosatti Galvao: "Re: [PATCH] scsi: qla2xxx: Fix crash on qla2x00_mailbox_command"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]