From: Alexandre Oliva Date: Thu, 16 Jun 2005 05:26:31 +0000 (-0700) Subject: [PATCH] sbp2 slab corruption fix X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=a2ef79e1840ebbd0b5907e53c755efd5662112a1;p=GitHub%2FLineageOS%2Fandroid_kernel_samsung_universal7580.git [PATCH] sbp2 slab corruption fix This fixed a problem that showed up in the Fedora development tree a few weeks before the Fedora Core 4 release, initially as slab corruption, later as hard crashes on boot up, when slab debugging was disabled for the release. More details on the history at https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=158424 The problem is caused by sbp2's use of scsi_host->hostdata[0] to hold a scsi_id, without explicitly requesting space for it. Since hostdata is declared as a zero-sized array, we don't get any such space by default, so it must be explicitly requested. The patch below implements just that. Signed-off-by: Alexandre Oliva Cc: Jody McIntyre Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/drivers/ieee1394/sbp2.c b/drivers/ieee1394/sbp2.c index 00c7b958361..ab82d6addd7 100644 --- a/drivers/ieee1394/sbp2.c +++ b/drivers/ieee1394/sbp2.c @@ -745,7 +745,8 @@ static struct scsi_id_instance_data *sbp2_alloc_device(struct unit_directory *ud list_add_tail(&scsi_id->scsi_list, &hi->scsi_ids); /* Register our host with the SCSI stack. */ - scsi_host = scsi_host_alloc(&scsi_driver_template, 0); + scsi_host = scsi_host_alloc(&scsi_driver_template, + sizeof (unsigned long)); if (!scsi_host) { SBP2_ERR("failed to register scsi host"); goto failed_alloc;