From c3827a6f54e1a41bd2bd0e5ae13322619214efd4 Mon Sep 17 00:00:00 2001 From: Israel Rukshin Date: Wed, 17 Aug 2016 07:27:06 +0000 Subject: [PATCH] isert: fix cleaning isert_con_dev Clean pointers not to point to invalid memory. - While conn is released set conn_dev->conn to null as conn is invalid now. - While conn_dev is released set priv(conn) to null as conn_dev is invalid now. Signed-off-by: Israel Rukshin git-svn-id: http://svn.code.sf.net/p/scst/svn/trunk@6935 d57e44dd-8a1f-0410-8b47-8ef2f437770f --- iscsi-scst/kernel/isert-scst/iser_rdma.c | 6 +++++- iscsi-scst/kernel/isert-scst/isert_login.c | 9 ++------- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/iscsi-scst/kernel/isert-scst/iser_rdma.c b/iscsi-scst/kernel/isert-scst/iser_rdma.c index 5a1dd721f..ab8b2aa16 100644 --- a/iscsi-scst/kernel/isert-scst/iser_rdma.c +++ b/iscsi-scst/kernel/isert-scst/iser_rdma.c @@ -1279,8 +1279,12 @@ static void isert_kref_free(struct kref *kref) isert_conn->cm_id = NULL; dev = isert_get_priv(&isert_conn->iscsi); - if (dev) + if (dev) { isert_del_timer(dev); + set_bit(ISERT_CONN_PASSED, &dev->flags); + dev->conn = NULL; + dev->state = CS_DISCONNECTED; + } ib_destroy_qp(isert_conn->qp); isert_conn->qp = NULL; diff --git a/iscsi-scst/kernel/isert-scst/isert_login.c b/iscsi-scst/kernel/isert-scst/isert_login.c index 9d78bb1bc..1dd077537 100644 --- a/iscsi-scst/kernel/isert-scst/isert_login.c +++ b/iscsi-scst/kernel/isert-scst/isert_login.c @@ -454,6 +454,7 @@ int isert_connection_closed(struct iscsi_conn *iscsi_conn) wake_up(&dev->waitqueue); isert_dev_release(dev); + isert_set_priv(iscsi_conn, NULL); } isert_free_connection(iscsi_conn); @@ -528,13 +529,7 @@ static int isert_release(struct inode *inode, struct file *filp) dev->sg_virt = NULL; dev->is_discovery = 0; - if (!test_and_set_bit(ISERT_CONN_PASSED, &dev->flags)) { - BUG_ON(dev->conn == NULL); - isert_close_connection(dev->conn); - } - - isert_del_timer(dev); - + isert_delete_conn_dev(dev); isert_dev_release(dev); TRACE_EXIT_RES(res);