nvme-pci: fix NULL pointer dereference in nvme_free_host_mem()
Following condition which will cause NULL pointer dereference will occur in nvme_free_host_mem() when it tries to remove pci device via nvme_remove() especially after a failure of host memory allocation for HMB. "(host_mem_descs == NULL) && (nr_host_mem_descs != 0)" It's because __nr_host_mem_descs__ is not cleared to 0 unlike __host_mem_descs__ is so. Signed-off-by: Minwoo Im <minwoo.im.dev@gmail.com> Signed-off-by: Christoph Hellwig <hch@lst.de>
This commit is contained in:
parent
eb1bd249ba
commit
7e5dd57ef3
@ -1759,6 +1759,7 @@ static void nvme_free_host_mem(struct nvme_dev *dev)
|
|||||||
dev->nr_host_mem_descs * sizeof(*dev->host_mem_descs),
|
dev->nr_host_mem_descs * sizeof(*dev->host_mem_descs),
|
||||||
dev->host_mem_descs, dev->host_mem_descs_dma);
|
dev->host_mem_descs, dev->host_mem_descs_dma);
|
||||||
dev->host_mem_descs = NULL;
|
dev->host_mem_descs = NULL;
|
||||||
|
dev->nr_host_mem_descs = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int __nvme_alloc_host_mem(struct nvme_dev *dev, u64 preferred,
|
static int __nvme_alloc_host_mem(struct nvme_dev *dev, u64 preferred,
|
||||||
|
Loading…
Reference in New Issue
Block a user