[PATCH 1/4] nvme-tcp: fix a possible use-after-free in controller reset during load

Christoph Hellwig hch at lst.de
Wed Feb 2 00:18:59 PST 2022


On Tue, Feb 01, 2022 at 05:25:02PM +0200, Sagi Grimberg wrote:
>
>> On Tue, Feb 01, 2022 at 02:36:03PM +0200, Sagi Grimberg wrote:
>>> The driver will make sure to flush ctrl->async_event_work _after_
>>> changing the controller state (it is flushed in nvme_stop_ctrl).
>>> Only after that it will continue to free the admin queue. So if
>>> this check passed, it is safe to submit the aer command.
>>>
>>> I think that the ctrl->state check should be sufficient. In fact, I
>>> think we can move it to the core instead of doing it in the drivers:
>>
>> Maybe throw in a comment explaining this?  Otherwise having fewer
>> checks and having them in the core is always a good thing, so I'm
>> in favour.
>
> I sent a v2 already. You want me to send a v3 with something like:

I've added the comment manually and applied the v2 series, thanks!


