tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

ata: libata-scsi: Fix ata_scsi_dev_rescan() error path

Commit 0c76106cb975 ("scsi: sd: Fix TCG OPAL unlock on system resume")
incorrectly handles failures of scsi_resume_device() in
ata_scsi_dev_rescan(), leading to a double call to
spin_unlock_irqrestore() to unlock a device port. Fix this by redefining
the goto labels used in case of errors and only unlock the port
scsi_scan_mutex when scsi_resume_device() fails.

Bug found with the Smatch static checker warning:

drivers/ata/libata-scsi.c:4774 ata_scsi_dev_rescan()
error: double unlocked 'ap->lock' (orig line 4757)

Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
Fixes: 0c76106cb975 ("scsi: sd: Fix TCG OPAL unlock on system resume")
Cc: stable@vger.kernel.org
Signed-off-by: Damien Le Moal <dlemoal@kernel.org>
Reviewed-by: Niklas Cassel <cassel@kernel.org>

Damien Le Moal 79336504 24cfd864

+5 -4
+5 -4
drivers/ata/libata-scsi.c
··· 4745 4745 * bail out. 4746 4746 */ 4747 4747 if (ap->pflags & ATA_PFLAG_SUSPENDED) 4748 - goto unlock; 4748 + goto unlock_ap; 4749 4749 4750 4750 if (!sdev) 4751 4751 continue; ··· 4758 4758 if (do_resume) { 4759 4759 ret = scsi_resume_device(sdev); 4760 4760 if (ret == -EWOULDBLOCK) 4761 - goto unlock; 4761 + goto unlock_scan; 4762 4762 dev->flags &= ~ATA_DFLAG_RESUMING; 4763 4763 } 4764 4764 ret = scsi_rescan_device(sdev); ··· 4766 4766 spin_lock_irqsave(ap->lock, flags); 4767 4767 4768 4768 if (ret) 4769 - goto unlock; 4769 + goto unlock_ap; 4770 4770 } 4771 4771 } 4772 4772 4773 - unlock: 4773 + unlock_ap: 4774 4774 spin_unlock_irqrestore(ap->lock, flags); 4775 + unlock_scan: 4775 4776 mutex_unlock(&ap->scsi_scan_mutex); 4776 4777 4777 4778 /* Reschedule with a delay if scsi_rescan_device() returned an error */