firewire: fw-sbp2: fix NULL pointer deref. in scsi_remove_device

Fix a kernel bug when unplugging an SBP-2 device after having its
scsi_device already removed via the "delete" sysfs attribute.

Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>

diff --git a/drivers/firewire/fw-sbp2.c b/drivers/firewire/fw-sbp2.c
index 60ebcb5fe21aa3654a7c6c8eb45280ca2a478357..5259491580fccc8fa47a42fcad98b469441522e6 100644 (file)
--- a/drivers/firewire/fw-sbp2.c
+++ b/drivers/firewire/fw-sbp2.c
@@ -762,9 +762,10 @@ static void sbp2_release_target(struct kref *kref)
        sbp2_unblock(tgt);
 
        list_for_each_entry_safe(lu, next, &tgt->lu_list, link) {
-               if (lu->sdev)
+               if (lu->sdev) {
                        scsi_remove_device(lu->sdev);
-
+                       scsi_device_put(lu->sdev);
+               }
                sbp2_send_management_orb(lu, tgt->node_id, lu->generation,
                                SBP2_LOGOUT_REQUEST, lu->login_id, NULL);
 
@@ -886,12 +887,11 @@ static void sbp2_login(struct work_struct *work)
        if (IS_ERR(sdev))
                goto out_logout_login;
 
-       scsi_device_put(sdev);
-
        /* Unreported error during __scsi_add_device() */
        smp_rmb(); /* get current card generation */
        if (generation != device->card->generation) {
                scsi_remove_device(sdev);
+               scsi_device_put(sdev);
                goto out_logout_login;
        }