[PATCH 1/4] nvme-tcp: fix a possible use-after-free in controller reset during load

Christoph Hellwig hch at lst.de
Tue Feb 1 05:58:41 PST 2022


On Tue, Feb 01, 2022 at 02:36:03PM +0200, Sagi Grimberg wrote:
> The driver will make sure to flush ctrl->async_event_work _after_
> changing the controller state (it is flushed in nvme_stop_ctrl).
> Only after that it will continue to free the admin queue. So if
> this check passed, it is safe to submit the aer command.
>
> I think that the ctrl->state check should be sufficient. In fact, I
> think we can move it to the core instead of doing it in the drivers:

Maybe throw in a comment explaining this?  Otherwise having fewer
checks and having them in the core is always a good thing, so I'm
in favour.


