• Arun Easi's avatar
    scsi: qla2xxx: Fix kernel crash after disconnecting NVMe devices · 6a81533d
    Arun Easi authored
    BUG: unable to handle kernel NULL pointer dereference at           (null)
    IP: [<ffffffffc050d10c>] qla_nvme_unregister_remote_port+0x6c/0xf0 [qla2xxx]
    PGD 800000084cf41067 PUD 84d288067 PMD 0
    Oops: 0000 [#1] SMP
    Call Trace:
     [<ffffffff98abcfdf>] process_one_work+0x17f/0x440
     [<ffffffff98abdca6>] worker_thread+0x126/0x3c0
     [<ffffffff98abdb80>] ? manage_workers.isra.26+0x2a0/0x2a0
     [<ffffffff98ac4f81>] kthread+0xd1/0xe0
     [<ffffffff98ac4eb0>] ? insert_kthread_work+0x40/0x40
     [<ffffffff9918ad37>] ret_from_fork_nospec_begin+0x21/0x21
     [<ffffffff98ac4eb0>] ? insert_kthread_work+0x40/0x40
    RIP  [<ffffffffc050d10c>] qla_nvme_unregister_remote_port+0x6c/0xf0 [qla2xxx]
    
    The crash is due to a bad entry in the nvme_rport_list. This list is not
    protected, and when a remoteport_delete callback is called, driver
    traverses the list and crashes.
    
    Actually, the list could be removed and driver could traverse the main
    fcport list instead. Fix does exactly that.
    Signed-off-by: default avatarArun Easi <aeasi@marvell.com>
    Signed-off-by: default avatarHimanshu Madhani <hmadhani@redhat.com>
    Signed-off-by: default avatarMartin K. Petersen <martin.petersen@oracle.com>
    6a81533d
qla_nvme.c 17.2 KB