diff options
| author | Dick Kennedy <dick.kennedy@broadcom.com> | 2017-09-30 02:34:41 +0200 |
|---|---|---|
| committer | Martin K. Petersen <martin.petersen@oracle.com> | 2017-10-03 04:46:39 +0200 |
| commit | b7672ae681f8debe125ecc2ec59ba31d886acf5d (patch) | |
| tree | a5fab4b75b718e025212df955f09a80bbb8eae89 | |
| parent | scsi: lpfc: Disable NPIV support if NVME is enabled (diff) | |
| download | linux-b7672ae681f8debe125ecc2ec59ba31d886acf5d.tar.xz linux-b7672ae681f8debe125ecc2ec59ba31d886acf5d.zip | |
scsi: lpfc: Fix crash in lpfc_nvme_fcp_io_submit during LIP
The driver is seeing a NULL pointer in lpfc_nvme_fcp_io_submit. This
was ultimately due to a transport AER being sent on a terminated
controller, thus some of the values were not set. In case we're in a
system without a corrected transport and in case a race condition occurs
where we enter the routine as the teardown is happening in a separate
thread, validate the parameters before starting the io.
Signed-off-by: Dick Kennedy <dick.kennedy@broadcom.com>
Signed-off-by: James Smart <james.smart@broadcom.com>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
| -rw-r--r-- | drivers/scsi/lpfc/lpfc_nvme.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/drivers/scsi/lpfc/lpfc_nvme.c b/drivers/scsi/lpfc/lpfc_nvme.c index 078e9ef4d0bf..68bf9defbc92 100644 --- a/drivers/scsi/lpfc/lpfc_nvme.c +++ b/drivers/scsi/lpfc/lpfc_nvme.c @@ -1235,6 +1235,16 @@ lpfc_nvme_fcp_io_submit(struct nvme_fc_local_port *pnvme_lport, vport = lport->vport; phba = vport->phba; + /* Validate pointers. */ + if (!pnvme_lport || !pnvme_rport || !freqpriv) { + lpfc_printf_vlog(vport, KERN_INFO, LOG_NVME_IOERR | LOG_NODE, + "6117 No Send:IO submit ptrs NULL, lport %p, " + "rport %p fcreq_priv %p\n", + pnvme_lport, pnvme_rport, freqpriv); + ret = -ENODEV; + goto out_fail; + } + #ifdef CONFIG_SCSI_LPFC_DEBUG_FS if (phba->ktime_on) start = ktime_get_ns(); |