* [PATCH 0/1] fix null pointer dereference for ERP requests
@ 2020-11-16 15:23 Stefan Haberland
2020-11-16 15:23 ` [PATCH 1/1] s390/dasd: " Stefan Haberland
2020-11-16 15:28 ` [PATCH 0/1] " Jens Axboe
0 siblings, 2 replies; 3+ messages in thread
From: Stefan Haberland @ 2020-11-16 15:23 UTC (permalink / raw)
To: Jens Axboe
Cc: linux-block, Jan Hoeppner, linux-s390, Heiko Carstens,
Vasily Gorbik, Christian Borntraeger
Hi Jens,
pleas apply the following patch that fixes a null pointer derefernce in the
DASD driver.
Stefan Haberland (1):
s390/dasd: fix null pointer dereference for ERP requests
drivers/s390/block/dasd.c | 6 ++++++
1 file changed, 6 insertions(+)
--
2.17.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH 1/1] s390/dasd: fix null pointer dereference for ERP requests
2020-11-16 15:23 [PATCH 0/1] fix null pointer dereference for ERP requests Stefan Haberland
@ 2020-11-16 15:23 ` Stefan Haberland
2020-11-16 15:28 ` [PATCH 0/1] " Jens Axboe
1 sibling, 0 replies; 3+ messages in thread
From: Stefan Haberland @ 2020-11-16 15:23 UTC (permalink / raw)
To: Jens Axboe
Cc: linux-block, Jan Hoeppner, linux-s390, Heiko Carstens,
Vasily Gorbik, Christian Borntraeger
When requeueing all requests on the device request queue to the blocklayer
we might get to an ERP (error recovery) request that is a copy of an
original CQR.
Those requests do not have blocklayer request information or a pointer to
the dasd_queue set. When trying to access those data it will lead to a
null pointer dereference in dasd_requeue_all_requests().
Fix by checking if the request is an ERP request that can simply be
ignored. The blocklayer request will be requeued by the original CQR that
is on the device queue right behind the ERP request.
Fixes: 9487cfd3430d ("s390/dasd: fix handling of internal requests")
Cc: <stable@vger.kernel.org> #4.16
Reviewed-by: Jan Hoeppner <hoeppner@linux.ibm.com>
Signed-off-by: Stefan Haberland <sth@linux.ibm.com>
---
drivers/s390/block/dasd.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/drivers/s390/block/dasd.c b/drivers/s390/block/dasd.c
index eb17fea8075c..217a7b84abdf 100644
--- a/drivers/s390/block/dasd.c
+++ b/drivers/s390/block/dasd.c
@@ -2980,6 +2980,12 @@ static int _dasd_requeue_request(struct dasd_ccw_req *cqr)
if (!block)
return -EINVAL;
+ /*
+ * If the request is an ERP request there is nothing to requeue.
+ * This will be done with the remaining original request.
+ */
+ if (cqr->refers)
+ return 0;
spin_lock_irq(&cqr->dq->lock);
req = (struct request *) cqr->callback_data;
blk_mq_requeue_request(req, false);
--
2.17.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH 0/1] fix null pointer dereference for ERP requests
2020-11-16 15:23 [PATCH 0/1] fix null pointer dereference for ERP requests Stefan Haberland
2020-11-16 15:23 ` [PATCH 1/1] s390/dasd: " Stefan Haberland
@ 2020-11-16 15:28 ` Jens Axboe
1 sibling, 0 replies; 3+ messages in thread
From: Jens Axboe @ 2020-11-16 15:28 UTC (permalink / raw)
To: Stefan Haberland
Cc: linux-block, Jan Hoeppner, linux-s390, Heiko Carstens,
Vasily Gorbik, Christian Borntraeger
On 11/16/20 8:23 AM, Stefan Haberland wrote:
> Hi Jens,
>
> pleas apply the following patch that fixes a null pointer derefernce in the
> DASD driver.
Applied, thanks.
--
Jens Axboe
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-11-16 15:28 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-11-16 15:23 [PATCH 0/1] fix null pointer dereference for ERP requests Stefan Haberland
2020-11-16 15:23 ` [PATCH 1/1] s390/dasd: " Stefan Haberland
2020-11-16 15:28 ` [PATCH 0/1] " Jens Axboe
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox