+++ /dev/null
-From: Gerald Schaefer <geraldsc@de.ibm.com>
-Subject: zfcp: eliminate race between validation and locking.
-References: bnc#440610
-
-Symptom: machine stalls
-Problem: ptr is verified before processing is secured by lock.
-Solution: assign, verify ptr after secured by lock
-
-Acked-by: John Jolly <jjolly@suse.de>
----
- drivers/s390/scsi/zfcp_fsf.c | 14 +++++++++-----
- 1 file changed, 9 insertions(+), 5 deletions(-)
-
-Index: linux-sles11/drivers/s390/scsi/zfcp_fsf.c
-===================================================================
---- linux-sles11.orig/drivers/s390/scsi/zfcp_fsf.c
-+++ linux-sles11/drivers/s390/scsi/zfcp_fsf.c
-@@ -2115,18 +2115,21 @@ static inline void zfcp_fsf_trace_latenc
-
- static void zfcp_fsf_send_fcp_command_task_handler(struct zfcp_fsf_req *req)
- {
-- struct scsi_cmnd *scpnt = req->data;
-+ struct scsi_cmnd *scpnt;
- struct fcp_rsp_iu *fcp_rsp_iu = (struct fcp_rsp_iu *)
- &(req->qtcb->bottom.io.fcp_rsp);
- u32 sns_len;
- char *fcp_rsp_info = (unsigned char *) &fcp_rsp_iu[1];
- unsigned long flags;
-
-- if (unlikely(!scpnt))
-- return;
--
- read_lock_irqsave(&req->adapter->abort_lock, flags);
-
-+ scpnt = req->data;
-+ if (unlikely(!scpnt)) {
-+ read_unlock_irqrestore(&req->adapter->abort_lock, flags);
-+ return;
-+ }
-+
- if (unlikely(req->status & ZFCP_STATUS_FSFREQ_ABORTED)) {
- set_host_byte(scpnt, DID_SOFT_ERROR);
- set_driver_byte(scpnt, SUGGEST_RETRY);
-@@ -2181,7 +2184,8 @@ skip_fsfstatus:
- zfcp_scsi_dbf_event_result("norm", 6, req->adapter, scpnt, req);
-
- scpnt->host_scribble = NULL;
-- (scpnt->scsi_done) (scpnt);
-+ if (scpnt->scsi_done)
-+ (scpnt->scsi_done) (scpnt);
- /*
- * We must hold this lock until scsi_done has been called.
- * Otherwise we may call scsi_done after abort regarding this
projects / people / pmueller / ipfire-2.x.git / blobdiff