Sophie

kernel-2.6.18-194.11.1.el5.src.rpm

From: Hans-Joachim Picht <hpicht@redhat.com>
Date: Fri, 23 May 2008 13:41:41 +0200
Subject: [s390] zfcp: memory handling for GID_PN
Message-id: 20080523114141.GE22453@redhat.com
O-Subject: [RHEL5 U3 PATCH 1/2] s390 - zfcp: Memory handling for GID_PN
Bugzilla: 447727
RH-Acked-by: Pete Zaitcev <zaitcev@redhat.com>

Description
============

When allocating memory for GID_PN nameserver requests, the allocation
function stores the pointer to the mempool, but then overwrites the
pointer via memset. Later, the wrong function to free the memory will
be called, since this is based on the stored pointer.

Fix this by first initializing the struct and then storing the pointer.

Bugzilla
=========

BZ 447727
https://bugzilla.redhat.com/show_bug.cgi?id=447727

Upstream status of the patch:
=============================
The patch has been posted upstream
http://marc.info/?l=linux-scsi&m=121119237815123&w=2

Test status:
============

The patch has been tested and fixes the problem.
The fix was verified by the IBM test team.

Please ACK.

With best regards,

        --Hans

diff --git a/drivers/s390/scsi/zfcp_aux.c b/drivers/s390/scsi/zfcp_aux.c
index f798903..cd9deb1 100644
--- a/drivers/s390/scsi/zfcp_aux.c
+++ b/drivers/s390/scsi/zfcp_aux.c
@@ -1539,19 +1539,16 @@ zfcp_gid_pn_buffers_alloc(struct zfcp_gid_pn_data **gid_pn, mempool_t *pool)
 {
 	struct zfcp_gid_pn_data *data;
 
-	if (pool != NULL) {
+	if (pool)
 		data = mempool_alloc(pool, GFP_ATOMIC);
-		if (likely(data != NULL)) {
-			data->ct.pool = pool;
-		}
-	} else {
+	else
 		data = kmalloc(sizeof(struct zfcp_gid_pn_data), GFP_ATOMIC);
-	}
 
         if (NULL == data)
                 return -ENOMEM;
 
 	memset(data, 0, sizeof(*data));
+	data->ct.pool = pool;
         data->ct.req = &data->req;
         data->ct.resp = &data->resp;
 	data->ct.req_count = data->ct.resp_count = 1;
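
Review bot: the added `data->ct.pool = pool;` is only correct because it sits after the `memset(data, 0, sizeof(*data));` line, and nothing in the function records that ordering requirement. The description says the free path chooses its free function from this stored pointer, so a short comment above the assignment would help: it should say the assignment must follow the zeroing, and that a NULL pool marks the kmalloc case. That would keep a later cleanup from moving it back above the memset and reintroducing the mismatch. Separately, the unchanged context lines `if (NULL == data)`, `return -ENOMEM;` and the `data->ct.req` / `data->ct.resp` assignments are indented with spaces while the new line uses a tab, so a follow-up whitespace cleanup would make the function consistent.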