aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>2006-12-11 04:01:34 -0500
committerJens Axboe <axboe@nelson.home.kernel.dk>2006-12-12 04:22:23 -0500
commit77d172ce2719b5ad2dc0637452c8871d9cba344c (patch)
tree4783e29d9e1cff21a91e8c7a9d5e32c6c1b06479
parent2b02a1792000900ead4638f4d42fcdd742062cfa (diff)
[PATCH] fix SG_IO bio leak
This patch fixes bio leaks in SG_IO. rq->bio can be changed after io completion, so we need to reset rq->bio before calling blk_rq_unmap_user() http://marc.theaimsgroup.com/?l=linux-kernel&m=116570666807983&w=2 Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
-rw-r--r--block/scsi_ioctl.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/block/scsi_ioctl.c b/block/scsi_ioctl.c
index b3e210723a71..045cabd3d4b4 100644
--- a/block/scsi_ioctl.c
+++ b/block/scsi_ioctl.c
@@ -228,6 +228,7 @@ static int sg_io(struct file *file, request_queue_t *q,
228 struct request *rq; 228 struct request *rq;
229 char sense[SCSI_SENSE_BUFFERSIZE]; 229 char sense[SCSI_SENSE_BUFFERSIZE];
230 unsigned char cmd[BLK_MAX_CDB]; 230 unsigned char cmd[BLK_MAX_CDB];
231 struct bio *bio;
231 232
232 if (hdr->interface_id != 'S') 233 if (hdr->interface_id != 'S')
233 return -EINVAL; 234 return -EINVAL;
@@ -308,6 +309,7 @@ static int sg_io(struct file *file, request_queue_t *q,
308 if (ret) 309 if (ret)
309 goto out; 310 goto out;
310 311
312 bio = rq->bio;
311 rq->retries = 0; 313 rq->retries = 0;
312 314
313 start_time = jiffies; 315 start_time = jiffies;
@@ -338,6 +340,7 @@ static int sg_io(struct file *file, request_queue_t *q,
338 hdr->sb_len_wr = len; 340 hdr->sb_len_wr = len;
339 } 341 }
340 342
343 rq->bio = bio;
341 if (blk_rq_unmap_user(rq)) 344 if (blk_rq_unmap_user(rq))
342 ret = -EFAULT; 345 ret = -EFAULT;
343 346