summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorLogan Gunthorpe <logang@deltatee.com>2019-07-31 17:35:31 -0600
committerSagi Grimberg <sagi@grimberg.me>2019-07-31 17:57:06 -0700
commit3aed86731ee2b23e4dc4d2c6d943d33992cd551b (patch)
treeec1c8fdaaae875427d39e0734626161419167293 /security
parentfab7772bfbcfe8fb8e3e352a6a8fcaf044cded17 (diff)
downloadlinux-3aed86731ee2b23e4dc4d2c6d943d33992cd551b.tar.gz
linux-3aed86731ee2b23e4dc4d2c6d943d33992cd551b.tar.bz2
linux-3aed86731ee2b23e4dc4d2c6d943d33992cd551b.zip
nvmet: Fix use-after-free bug when a port is removed
When a port is removed through configfs, any connected controllers are still active and can still send commands. This causes a use-after-free bug which is detected by KASAN for any admin command that dereferences req->port (like in nvmet_execute_identify_ctrl). To fix this, disconnect all active controllers when a subsystem is removed from a port. This ensures there are no active controllers when the port is eventually removed. Signed-off-by: Logan Gunthorpe <logang@deltatee.com> Reviewed-by: Sagi Grimberg <sagi@grimberg.me> Reviewed-by: Max Gurtovoy <maxg@mellanox.com> Reviewed-by : Chaitanya Kulkarni <chaitanya.kulkarni@wdc.com> Signed-off-by: Sagi Grimberg <sagi@grimberg.me>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions