[PATCH AUTOSEL 5.4 3/3] nvme: clear caller pointer on identify failure

From: Sasha Levin
Date: Sun Mar 24 2024 - 13:17:16 EST

Next message: Sasha Levin: "[PATCH AUTOSEL 4.19 1/2] sysv: don't call sb_bread() with pointers_lock held"
Previous message: Sasha Levin: "[PATCH AUTOSEL 5.4 2/3] block: prevent division by zero in blk_rq_stat_sum()"
In reply to: Sasha Levin: "[PATCH AUTOSEL 5.4 2/3] block: prevent division by zero in blk_rq_stat_sum()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Keith Busch <kbusch@xxxxxxxxxx>

[ Upstream commit 7e80eb792bd7377a20f204943ac31c77d859be89 ]

The memory allocated for the identification is freed on failure. Set
it to NULL so the caller doesn't have a pointer to that freed address.

Reviewed-by: Christoph Hellwig <hch@xxxxxx>
Signed-off-by: Keith Busch <kbusch@xxxxxxxxxx>
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
---
drivers/nvme/host/core.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
index 9144ed14b0741..0676637e1eab6 100644
--- a/drivers/nvme/host/core.c
+++ b/drivers/nvme/host/core.c
@@ -1080,8 +1080,10 @@ static int nvme_identify_ctrl(struct nvme_ctrl *dev, struct nvme_id_ctrl **id)

error = nvme_submit_sync_cmd(dev->admin_q, &c, *id,
sizeof(struct nvme_id_ctrl));
- if (error)
+ if (error) {
kfree(*id);
+ *id = NULL;
+ }
return error;
}

@@ -1193,6 +1195,7 @@ static int nvme_identify_ns(struct nvme_ctrl *ctrl,
if (error) {
dev_warn(ctrl->device, "Identify namespace failed (%d)\n", error);
kfree(*id);
+ *id = NULL;
}

return error;
--
2.43.0

Next message: Sasha Levin: "[PATCH AUTOSEL 4.19 1/2] sysv: don't call sb_bread() with pointers_lock held"
Previous message: Sasha Levin: "[PATCH AUTOSEL 5.4 2/3] block: prevent division by zero in blk_rq_stat_sum()"
In reply to: Sasha Levin: "[PATCH AUTOSEL 5.4 2/3] block: prevent division by zero in blk_rq_stat_sum()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]