Re: [PATCH 4.1 70/78] SCSI: Fix NULL pointer dereference in runtime PM

Re: [PATCH 4.1 70/78] SCSI: Fix NULL pointer dereference in runtime PM

[Alan Stern]

On Fri, 11 Sep 2015, Greg Kroah-Hartman wrote:

> 4.1-stable review patch.  If anyone has any objections, please let me know.

It turns out that this patch causes problems with the sr driver.  A
reversion and alternate solution have already been submitted to James
Bottomley (http://marc.info/?l=linux-scsi&m=144185206825609&w=2).  We
ought to hold off putting it into the -stable kernels.

Alan Stern

> ------------------
> 
> From: Alan Stern <stern@rowland.harvard.edu>
> 
> commit 49718f0fb8c9af192b33d8af3a2826db04025371 upstream.
> 
> The routines in scsi_rpm.c assume that if a runtime-PM callback is
> invoked for a SCSI device, it can only mean that the device's driver
> has asked the block layer to handle the runtime power management (by
> calling blk_pm_runtime_init(), which among other things sets q->dev).
> 
> However, this assumption turns out to be wrong for things like the ses
> driver.  Normally ses devices are not allowed to do runtime PM, but
> userspace can override this setting.  If this happens, the kernel gets
> a NULL pointer dereference when blk_post_runtime_resume() tries to use
> the uninitialized q->dev pointer.
> 
> This patch fixes the problem by calling the block layer's runtime-PM
> routines only if the device's driver really does have a runtime-PM
> callback routine.  Since ses doesn't define any such callbacks, the
> crash won't occur.
> 
> This fixes Bugzilla #101371.
> 
> Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
> Reported-by: Stanisław Pitucha <viraptor@gmail.com>
> Reported-by: Ilan Cohen <ilanco@gmail.com>
> Tested-by: Ilan Cohen <ilanco@gmail.com>
> Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
> Signed-off-by: James Bottomley <JBottomley@Odin.com>
> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Re: [PATCH 4.1 70/78] SCSI: Fix NULL pointer dereference in runtime PM

[Greg Kroah-Hartman]

On Sat, Sep 12, 2015 at 01:37:02PM -0400, Alan Stern wrote:
> On Fri, 11 Sep 2015, Greg Kroah-Hartman wrote:
> 
> > 4.1-stable review patch.  If anyone has any objections, please let me know.
> 
> It turns out that this patch causes problems with the sr driver.  A
> reversion and alternate solution have already been submitted to James
> Bottomley (http://marc.info/?l=linux-scsi&m=144185206825609&w=2).  We
> ought to hold off putting it into the -stable kernels.

I prefer to take patches like this into a stable release, so as to spur
the maintainer on to also get the fix into Linus's tree, which I don't
see happening yet.  I don't like diverging from what Linus has for
obvious reasons.

thanks,

greg k-h