scsi: sd: Fix potential NULL pointer dereference
stable inclusion from stable-v5.10.122 commit c1f0187025905e9981000d44a92e159468b561a8 category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I5W6OE Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=c1f0187025905e9981000d44a92e159468b561a8 -------------------------------- [ Upstream commit 05fbde3a ] If sd_probe() sees an early error before sdkp->device is initialized, sd_zbc_release_disk() is called. This causes a NULL pointer dereference when sd_is_zoned() is called inside that function. Avoid this by removing the call to sd_zbc_release_disk() in sd_probe() error path. This change is safe and does not result in zone information memory leakage because the zone information for a zoned disk is allocated only when sd_revalidate_disk() is called, at which point sdkp->disk_dev is fully set, resulting in sd_disk_release() being called when needed to cleanup a disk zone information using sd_zbc_release_disk(). Link: https://lore.kernel.org/r/20220601062544.905141-2-damien.lemoal@opensource.wdc.com Fixes: 89d94756 ("sd: Implement support for ZBC devices") Reported-by: NDongliang Mu <mudongliangabcd@gmail.com> Suggested-by: NChristoph Hellwig <hch@lst.de> Reviewed-by: NChristoph Hellwig <hch@lst.de> Signed-off-by: NDamien Le Moal <damien.lemoal@opensource.wdc.com> Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com> Signed-off-by: NSasha Levin <sashal@kernel.org> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com> Reviewed-by: NWei Li <liwei391@huawei.com>
Showing
想要评论请 注册 或 登录