review.tizen.org Git - platform/kernel/linux-exynos.git/commit

projects / platform / kernel / linux-exynos.git / commit

author	Mike Krinkin <krinkin.m.u@gmail.com>
	Sun, 19 Jul 2015 06:53:17 +0000 (09:53 +0300)
committer	Jens Axboe <axboe@fb.com>
	Wed, 22 Jul 2015 19:30:20 +0000 (13:30 -0600)
commit	21974061cfb3c4b0b1a83447fb5e7cdcd06e56dc
tree	558b1e88e86088c9500ffecb7d873c9dc0898c7d	tree \| snapshot
parent	d725e66c06ab440032f49ef17e960896d0ec6d49	commit \| diff

null_blk: fix use-after-free problem

end_cmd finishes request associated with nullb_cmd struct, so we
should save pointer to request_queue in a local variable before
calling end_cmd.

The problem was causes general protection fault with slab poisoning
enabled.

Fixes: 8b70f45e2eb2 ("null_blk: restart request processing on completion handler")
Tested-by: Akinobu Mita <akinobu.mita@gmail.com>
Signed-off-by: Mike Krinkin <krinkin.m.u@gmail.com>
Signed-off-by: Jens Axboe <axboe@fb.com>

drivers/block/null_blk.c

diff | blob | history

Domain: System / Kernel;

RSS Atom