[PATCH] Check sk before sendpage

Yang Bin

Jul 10, 2019, 1:49:01 PM
to ldu...@suse.com, cle...@redhat.com, je...@linux.ibm.com, martin....@oracle.com, open-...@googlegroups.com, linux...@vger.kernel.org, linux-...@vger.kernel.org, xue.z...@zte.com.cn, wang...@zte.com.cn, wang.l...@zte.com.cn, Yang Bin
From: " Yang Bin "<yang....@zte.com.cn>

Before xmit, iscsi may disconnect just now.
So we must check whether the connection sock is NULL or not, or the kernel
will crash from accessing a NULL pointer.

Signed-off-by: Yang Bin <yang....@zte.com.cn>
---
drivers/scsi/iscsi_tcp.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/drivers/scsi/iscsi_tcp.c b/drivers/scsi/iscsi_tcp.c
index 7bedbe8..a59c49f 100644
--- a/drivers/scsi/iscsi_tcp.c
+++ b/drivers/scsi/iscsi_tcp.c
@@ -264,6 +264,9 @@ static int iscsi_sw_tcp_xmit_segment(struct iscsi_tcp_conn *tcp_conn,
unsigned int copied = 0;
int r = 0;

+ if (!sk)
+ return -ENOTCONN;
+
while (!iscsi_tcp_segment_done(tcp_conn, segment, 0, r)) {
struct scatterlist *sg;
unsigned int offset, copy;
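
Review bot: the `if (!sk)` test is placed before the `while (!iscsi_tcp_segment_done(...))` loop, so it runs once per call, and nothing in this hunk shows a lock or reference held across the loop that would keep the socket from being cleared after the test passes. If teardown can run concurrently with xmit, this narrows the window for the NULL dereference rather than closing it. Please either say in the commit message what serializes the disconnect path against this function, or move the protection to where that serialization actually happens. The commit message should also carry the oops trace from the observed crash so the faulting access can be tied to this function.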
--
1.8.3.1

Lee Duncan

Jul 10, 2019, 2:00:24 PM
to Yang Bin, open-...@googlegroups.com, je...@linux.ibm.com, martin....@oracle.com, cle...@redhat.com, linux-...@vger.kernel.org, linux...@vger.kernel.org, wang.l...@zte.com.cn, wang...@zte.com.cn, xue.z...@zte.com.cn
If the socket can be closed right before iscsi_sw_tcp_xmit_segment() is
called, can it be called in the middle of sending segments? (In which
case the check would have to be in the while loop.)

--

Lee Duncan

James Bottomley

Jul 12, 2019, 12:15:14 PM
to Lee Duncan, Yang Bin, open-...@googlegroups.com, martin....@oracle.com, cle...@redhat.com, linux-...@vger.kernel.org, linux...@vger.kernel.org, wang.l...@zte.com.cn, wang...@zte.com.cn, xue.z...@zte.com.cn
I think the important point is: is this an actual observed bug or just
a theoretical problem?

The reason for asking is this call is controlled directly by the
ISCSI_UEVENT_DESTROY_CONN event sent by the iscsi daemon. Obviously if
the daemon goes haywire and doesn't shut down the connection before
sending the destroy event, we may get the crash, but I would be
inclined to say fix the daemon.

James

yang....@zte.com.cn

Jul 12, 2019, 12:15:18 PM
to je...@linux.ibm.com, LDu...@suse.com, open-...@googlegroups.com, martin....@oracle.com, cle...@redhat.com, linux-...@vger.kernel.org, linux...@vger.kernel.org, wang.l...@zte.com.cn, wang...@zte.com.cn, xue.z...@zte.com.cn

> James
We have reproduced this bug several times.
It's a good idea to send the ISCSI_UEVENT_STOP_CONN event first.
But there is another choice: adding "iscsi_suspend_tx" in front of "destroy",
so as not to increase the dependence between kernel and daemon.

Yangbin
