target/iblock: Fix double bioset_integrity_free bug

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

This patch fixes a double free bug during IBLOCK backend shutdown
where bioset_integrity_free() was incorrectly called ahead of
bioset_free(), who is already making the same call directly.

This bug was introduced with commit ecebbf6cc, and will end up
triggering a general protection fault in iblock_free_device()

Reviewed-by: Sagi Grimberg <sagig@mellanox.com>
Cc: Martin K. Petersen <martin.petersen@oracle.com>
Cc: Or Gerlitz <ogerlitz@mellanox.com>
Cc: Quinn Tran <quinn.tran@qlogic.com>
Cc: Giridhar Malavali <giridhar.malavali@qlogic.com>
Cc: <stable@vger.kernel.org> #3.14+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>

Nicholas Bellinger 12 years ago d84287bc a1e1774c

+2 -3

1 changed file

expand all

drivers

target

target_core_iblock.c

+2 -3

drivers/target/target_core_iblock.c

··· 203 203 204 204 if (ib_dev->ibd_bd != NULL) 205 205 blkdev_put(ib_dev->ibd_bd, FMODE_WRITE|FMODE_READ|FMODE_EXCL); 206 - if (ib_dev->ibd_bio_set != NULL) { 207 - bioset_integrity_free(ib_dev->ibd_bio_set); 206 + if (ib_dev->ibd_bio_set != NULL) 208 207 bioset_free(ib_dev->ibd_bio_set); 209 - } 208 + 210 209 kfree(ib_dev); 211 210 } 212 211