Re: [PATCH] scsi: qla4xxx: add error handling for try_module_get
From: James Bottomley
Date: Tue Jun 12 2018 - 10:09:12 EST
On Tue, 2018-06-12 at 12:48 +0800, Zhouyang Jia wrote:
> When try_module_get fails, the lack of error-handling code may
> cause unexpected results.
>
> This patch adds error-handling code after calling try_module_get.
>
> Signed-off-by: Zhouyang Jia <jiazhouyang09@xxxxxxxxx>
> ---
> Âdrivers/scsi/qla4xxx/ql4_os.c | 9 +++++++--
> Â1 file changed, 7 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/scsi/qla4xxx/ql4_os.c
> b/drivers/scsi/qla4xxx/ql4_os.c
> index 0e13349..6b677ab 100644
> --- a/drivers/scsi/qla4xxx/ql4_os.c
> +++ b/drivers/scsi/qla4xxx/ql4_os.c
> @@ -7687,7 +7687,10 @@ static int qla4xxx_sysfs_ddb_logout_sid(struct
> iscsi_cls_session *cls_sess)
> Â Â* to be seamless without actually destroying the
> Â Â* session
> Â Â**/
> - try_module_get(qla4xxx_iscsi_transport.owner);
> + if (!try_module_get(qla4xxx_iscsi_transport.owner))
> + ql4_printk(KERN_WARNING, ha,
> + "%s: cannot get module.\n", __func__);
> +
This isn't error handling at all. If try_module_get() fails it means
you're about to get the text segment freed from underneath you if the
code can be executed concurrently with the module_exit function. The
comment implies that qla4xxx operates with a zero module use count even
when there are logged in sessions, so module_exit can race with logout
(or indeed any other userspace initiated function). This means that
the entire module reference counting of qla4xxx looks to be racy and
wrong. Can we get a description of what the expected theoretical model
is so we can validate (or invalidate) this theory?
James