From: "Michael S. Tsirkin" <mst@redhat.com>
To: Omar Sandoval <osandov@osandov.com>
Cc: Jason Wang <jasowang@redhat.com>,
virtualization@lists.linux-foundation.org,
linux-block@vger.kernel.org, kernel-team@fb.com,
Jens Axboe <axboe@kernel.dk>
Subject: Re: [PATCH] virtio_blk: fix panic in initialization error path
Date: Tue, 10 Jan 2017 06:10:20 +0200 [thread overview]
Message-ID: <20170110060937-mutt-send-email-mst@kernel.org> (raw)
In-Reply-To: <4bc0f759ce198dc36e9b678a3c8f69bfef5cb728.1483990999.git.osandov@fb.com>
On Mon, Jan 09, 2017 at 11:44:12AM -0800, Omar Sandoval wrote:
> From: Omar Sandoval <osandov@fb.com>
>
> If blk_mq_init_queue() returns an error, it gets assigned to
> vblk->disk->queue. Then, when we call put_disk(), we end up calling
> blk_put_queue() with the ERR_PTR, causing a bad dereference. Fix it by
> only assigning to vblk->disk->queue on success.
>
> Signed-off-by: Omar Sandoval <osandov@fb.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Jens, do you mind picking this one up as well, since
you have one virtio-blk patch already?
> ---
> drivers/block/virtio_blk.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/block/virtio_blk.c b/drivers/block/virtio_blk.c
> index 5545a679abd8..8587361e5356 100644
> --- a/drivers/block/virtio_blk.c
> +++ b/drivers/block/virtio_blk.c
> @@ -628,11 +628,12 @@ static int virtblk_probe(struct virtio_device *vdev)
> if (err)
> goto out_put_disk;
>
> - q = vblk->disk->queue = blk_mq_init_queue(&vblk->tag_set);
> + q = blk_mq_init_queue(&vblk->tag_set);
> if (IS_ERR(q)) {
> err = -ENOMEM;
> goto out_free_tags;
> }
> + vblk->disk->queue = q;
>
> q->queuedata = vblk;
>
> --
> 2.11.0
next prev parent reply other threads:[~2017-01-10 4:10 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-09 19:44 [PATCH] virtio_blk: fix panic in initialization error path Omar Sandoval
2017-01-09 19:55 ` Jeff Moyer
2017-01-10 2:47 ` Jason Wang
2017-01-10 4:10 ` Michael S. Tsirkin [this message]
2017-01-10 4:11 ` Jens Axboe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170110060937-mutt-send-email-mst@kernel.org \
--to=mst@redhat.com \
--cc=axboe@kernel.dk \
--cc=jasowang@redhat.com \
--cc=kernel-team@fb.com \
--cc=linux-block@vger.kernel.org \
--cc=osandov@osandov.com \
--cc=virtualization@lists.linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).