From: Tejun Heo <tj@kernel.org>
To: Jun'ichi Nomura <j-nomura@ce.jp.nec.com>
Cc: Jens Axboe <axboe@kernel.dk>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
linux-scsi <linux-scsi@vger.kernel.org>,
Naveen Goswamy <naveen.goswamy@polymtl.ca>,
James Bottomley <James.Bottomley@HansenPartnership.com>,
Stefan Richter <stefanr@s5r6.in-berlin.de>,
Dave Jones <davej@redhat.com>,
sgruszka@redhat.com, Huajun Li <huajun.li.lee@gmail.com>
Subject: Re: [PATCH] Fix NULL pointer dereference in sd_revalidate_disk
Date: Tue, 21 Feb 2012 17:04:35 -0800 [thread overview]
Message-ID: <20120222010435.GI12236@google.com> (raw)
In-Reply-To: <4F443E81.2060402@ce.jp.nec.com>
On Wed, Feb 22, 2012 at 10:01:53AM +0900, Jun'ichi Nomura wrote:
> Since 2.6.39 (1196f8b), when a driver returns -ENOMEDIUM for open(),
> __blkdev_get() calls rescan_partitions() to remove
> in-kernel partition structures and raise KOBJ_CHANGE uevent.
>
> However it ends up calling driver's revalidate_disk without open
> and could cause oops.
>
> In the case of SCSI:
>
> process A process B
> ----------------------------------------------
> sys_open
> __blkdev_get
> sd_open
> returns -ENOMEDIUM
> scsi_remove_device
> <scsi_device torn down>
> rescan_partitions
> sd_revalidate_disk
> <oops>
>
> Oopses are reported here:
> http://marc.info/?l=linux-scsi&m=132388619710052
>
> This patch separates the partition invalidation from rescan_partitions()
> and use it for -ENOMEDIUM case.
>
> Reported-by: Huajun Li <huajun.li.lee@gmail.com>
> Signed-off-by: Jun'ichi Nomura <j-nomura@ce.jp.nec.com>
Acked-by: Tejun Heo <tj@kernel.org>
Thank you!
--
tejun
next prev parent reply other threads:[~2012-02-22 1:04 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-02-22 1:01 [PATCH] Fix NULL pointer dereference in sd_revalidate_disk Jun'ichi Nomura
2012-02-22 1:04 ` Tejun Heo [this message]
2012-02-22 4:58 ` Jack Wang
2012-02-22 4:58 ` Jack Wang
2012-02-22 5:36 ` 'Dave Jones'
2012-02-29 12:57 ` Naveen Goswamy
2012-02-29 18:46 ` Naveen Goswamy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120222010435.GI12236@google.com \
--to=tj@kernel.org \
--cc=James.Bottomley@HansenPartnership.com \
--cc=axboe@kernel.dk \
--cc=davej@redhat.com \
--cc=huajun.li.lee@gmail.com \
--cc=j-nomura@ce.jp.nec.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
--cc=naveen.goswamy@polymtl.ca \
--cc=sgruszka@redhat.com \
--cc=stefanr@s5r6.in-berlin.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.