From: Stephen M. Cameron <StephenM.Cameron>
If you delete a logical drive, and then run BLKRRPART (e.g. via fdisk)
on a logical drive which is "after" the deleted logical drive in the h->drv[]
array, then cciss_revalidate panics because it will access the null pointer
h->drv[x] when x hits the deleted drive.
Signed-off-by: Stephen M. Cameron <[email protected]>
---
drivers/block/cciss.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/drivers/block/cciss.c b/drivers/block/cciss.c
index f291587..8e0f925 100644
--- a/drivers/block/cciss.c
+++ b/drivers/block/cciss.c
@@ -2834,6 +2834,8 @@ static int cciss_revalidate(struct gendisk *disk)
InquiryData_struct *inq_buff = NULL;
for (logvol = 0; logvol < CISS_MAX_LUN; logvol++) {
+ if (!h->drv[logvol])
+ continue;
if (memcmp(h->drv[logvol]->LunID, drv->LunID,
sizeof(drv->LunID)) == 0) {
FOUND = 1;
On 2010-12-16 20:02, Stephen M. Cameron wrote:
> From: Stephen M. Cameron <StephenM.Cameron>
>
> If you delete a logical drive, and then run BLKRRPART (e.g. via fdisk)
> on a logical drive which is "after" the deleted logical drive in the h->drv[]
> array, then cciss_revalidate panics because it will access the null pointer
> h->drv[x] when x hits the deleted drive.
Thanks Stephen. I put this in for-linus for 2.6.37 and marked it for
stable backport.
--
Jens Axboe
On Fri, Dec 17, 2010 at 09:02:22AM +0100, Jens Axboe wrote:
> On 2010-12-16 20:02, Stephen M. Cameron wrote:
> > From: Stephen M. Cameron <StephenM.Cameron>
> >
> > If you delete a logical drive, and then run BLKRRPART (e.g. via fdisk)
> > on a logical drive which is "after" the deleted logical drive in the h->drv[]
> > array, then cciss_revalidate panics because it will access the null pointer
> > h->drv[x] when x hits the deleted drive.
>
> Thanks Stephen. I put this in for-linus for 2.6.37 and marked it for
> stable backport.
This got applied without the semicolon after 'continue' somehow and
broke build. Please apply the patch below.
Michal
>From 70b720652024b23d71d72a1464f174df124600b7 Mon Sep 17 00:00:00 2001
From: Michal Marek <[email protected]>
Date: Tue, 21 Dec 2010 00:35:56 +0100
Subject: [PATCH] cciss: Fix build
drivers/block/cciss.c:2839:3: error: expected ';' before 'if'
Signed-off-by: Michal Marek <[email protected]>
diff --git a/drivers/block/cciss.c b/drivers/block/cciss.c
index 233e06c..8e0f925 100644
--- a/drivers/block/cciss.c
+++ b/drivers/block/cciss.c
@@ -2835,7 +2835,7 @@ static int cciss_revalidate(struct gendisk *disk)
for (logvol = 0; logvol < CISS_MAX_LUN; logvol++) {
if (!h->drv[logvol])
- continue
+ continue;
if (memcmp(h->drv[logvol]->LunID, drv->LunID,
sizeof(drv->LunID)) == 0) {
FOUND = 1;
On 2010-12-21 00:42, Michal Marek wrote:
> On Fri, Dec 17, 2010 at 09:02:22AM +0100, Jens Axboe wrote:
>> On 2010-12-16 20:02, Stephen M. Cameron wrote:
>>> From: Stephen M. Cameron <StephenM.Cameron>
>>>
>>> If you delete a logical drive, and then run BLKRRPART (e.g. via fdisk)
>>> on a logical drive which is "after" the deleted logical drive in the h->drv[]
>>> array, then cciss_revalidate panics because it will access the null pointer
>>> h->drv[x] when x hits the deleted drive.
>>
>> Thanks Stephen. I put this in for-linus for 2.6.37 and marked it for
>> stable backport.
>
> This got applied without the semicolon after 'continue' somehow and
> broke build. Please apply the patch below.
I wonder how that happened. Thanks, I'll fix it up.
--
Jens Axboe
On 2010-12-21 08:33, Jens Axboe wrote:
> On 2010-12-21 00:42, Michal Marek wrote:
>> On Fri, Dec 17, 2010 at 09:02:22AM +0100, Jens Axboe wrote:
>>> On 2010-12-16 20:02, Stephen M. Cameron wrote:
>>>> From: Stephen M. Cameron <StephenM.Cameron>
>>>>
>>>> If you delete a logical drive, and then run BLKRRPART (e.g. via fdisk)
>>>> on a logical drive which is "after" the deleted logical drive in the h->drv[]
>>>> array, then cciss_revalidate panics because it will access the null pointer
>>>> h->drv[x] when x hits the deleted drive.
>>>
>>> Thanks Stephen. I put this in for-linus for 2.6.37 and marked it for
>>> stable backport.
>>
>> This got applied without the semicolon after 'continue' somehow and
>> broke build. Please apply the patch below.
>
> I wonder how that happened. Thanks, I'll fix it up.
Linus already did I see.
--
Jens Axboe