From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-owner@vger.kernel.org>
Received: from mail.linuxfoundation.org ([140.211.169.12]:48950 "EHLO
        mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1753212AbdI1NeU (ORCPT
        <rfc822;stable@vger.kernel.org>); Thu, 28 Sep 2017 09:34:20 -0400
Subject: Patch "scsi: scsi_transport_fc: fix NULL pointer dereference in fc_bsg_job_timeout" has been added to the 4.13-stable tree
To: hch@lst.de, gregkh@linuxfoundation.org, martin.petersen@oracle.com,
        ming.lei@redhat.com
Cc: <stable@vger.kernel.org>, <stable-commits@vger.kernel.org>
From: <gregkh@linuxfoundation.org>
Date: Thu, 28 Sep 2017 15:33:53 +0200
Message-ID: <150660563341165@kroah.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ANSI_X3.4-1968
Content-Transfer-Encoding: 8bit
Sender: stable-owner@vger.kernel.org
List-ID: <stable.vger.kernel.org>


This is a note to let you know that I've just added the patch titled

    scsi: scsi_transport_fc: fix NULL pointer dereference in fc_bsg_job_timeout

to the 4.13-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     scsi-scsi_transport_fc-fix-null-pointer-dereference-in-fc_bsg_job_timeout.patch
and it can be found in the queue-4.13 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.


>>From b468b6a4969f9bdddb31d484f151bfa03fbee767 Mon Sep 17 00:00:00 2001
From: Christoph Hellwig <hch@lst.de>
Date: Thu, 7 Sep 2017 13:54:36 +0200
Subject: scsi: scsi_transport_fc: fix NULL pointer dereference in fc_bsg_job_timeout

From: Christoph Hellwig <hch@lst.de>

commit b468b6a4969f9bdddb31d484f151bfa03fbee767 upstream.

bsg-lib now embeddeds the job structure into the request, and
req->special can't be used anymore.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Ming Lei <ming.lei@redhat.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 drivers/scsi/scsi_transport_fc.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/drivers/scsi/scsi_transport_fc.c
+++ b/drivers/scsi/scsi_transport_fc.c
@@ -3550,7 +3550,7 @@ fc_vport_sched_delete(struct work_struct
 static enum blk_eh_timer_return
 fc_bsg_job_timeout(struct request *req)
 {
-	struct bsg_job *job = (void *) req->special;
+	struct bsg_job *job = blk_mq_rq_to_pdu(req);
 	struct Scsi_Host *shost = fc_bsg_to_shost(job);
 	struct fc_rport *rport = fc_bsg_to_rport(job);
 	struct fc_internal *i = to_fc_internal(shost->transportt);


Patches currently in stable-queue which might be from hch@lst.de are

queue-4.13/nvme-pci-propagate-some-errors-from-host-memory-buffer-setup.patch
queue-4.13/nvme-pci-use-appropriate-initial-chunk-size-for-hmb-allocation.patch
queue-4.13/nvme-pci-fix-host-memory-buffer-allocation-fallback.patch
queue-4.13/scsi-scsi_transport_fc-fix-null-pointer-dereference-in-fc_bsg_job_timeout.patch