[PATCH 7/8] nvmet: add a generic NVMe target
Sagi Grimberg
sagig at dev.mellanox.co.il
Sun Nov 8 02:26:04 PST 2015
> +void nvmet_ns_free(struct nvmet_ns *ns)
> +{
> + struct nvmet_subsys *subsys = ns->subsys;
> +
> + mutex_lock(&subsys->lock);
> + if (!list_empty(&ns->dev_link))
> + list_del_init(&ns->dev_link);
> + mutex_unlock(&subsys->lock);
> +
> + nvmet_put_namespace(ns);
> +}
> +
> +struct nvmet_ns *nvmet_ns_alloc(struct nvmet_subsys *subsys, u32 nsid)
> +{
> + struct nvmet_ns *ns;
> +
> + ns = kzalloc(sizeof(*ns), GFP_KERNEL);
> + if (!ns)
> + return NULL;
> +
This lacks also:
INIT_LIST_HEAD(&ns->dev_link);
So the list_empty() check in ns_free won't be bogus...
It causes a NULL deref on configfs rmdir.
> + kref_init(&ns->ref);
> + ns->nsid = nsid;
> + ns->subsys = subsys;
> + return ns;
> +}
More information about the Linux-nvme
mailing list