From: Nicholas Bellinger Date: Wed, 30 Nov 2011 08:41:20 +0000 (-0800) Subject: target: Fix possible NULL pointer with __transport_execute_tasks X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=40be67f4c588fe2f3e2dbd60ae1f470abc5b6ad8;p=GitHub%2Fexynos8895%2Fandroid_kernel_samsung_universal8895.git target: Fix possible NULL pointer with __transport_execute_tasks This patch makes __transport_execute_tasks() use a local *se_dev reference to prevent direct se_cmd->se_dev access after transport_cmd_check_stop() -> transport_add_tasks_from_cmd() has been called, as in the current implementation we can expect __transport_execute_tasks() may be called from another context that may have already completed the I/O. Cc: Christoph Hellwig Signed-off-by: Nicholas Bellinger --- diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c index e4389d40c057..1cc7e920ab0b 100644 --- a/drivers/target/target_core_transport.c +++ b/drivers/target/target_core_transport.c @@ -2076,6 +2076,7 @@ static inline int transport_execute_task_attr(struct se_cmd *cmd) static int transport_execute_tasks(struct se_cmd *cmd) { int add_tasks; + struct se_device *se_dev = cmd->se_dev; if (se_dev_check_online(cmd->se_dev) != 0) { cmd->scsi_sense_reason = TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE; @@ -2108,7 +2109,7 @@ static int transport_execute_tasks(struct se_cmd *cmd) * storage object. */ execute_tasks: - __transport_execute_tasks(cmd->se_dev); + __transport_execute_tasks(se_dev); return 0; }