scsi: ufs: bsg: Set bsg_queue to NULL after removal

Currently, this does not cause any issues, but I believe it is necessary to set bsg_queue to NULL after removing it to prevent potential use-after-free (UAF) access. Signed-off-by: Guixin Liu <[email protected]> Link: https://lore.kernel.org/r/[email protected] Reviewed-by: Avri Altman <[email protected]> Signed-off-by: Martin K. Petersen <[email protected]>
author: Guixin Liu <[email protected]> 2024-12-18 01:42:14 +0000
committer: Martin K. Petersen <[email protected]> 2025-01-10 23:03:35 +0000
commit: 1e95c798d8a7f70965f0f88d4657b682ff0ec75f (patch)
tree: 0ac6289b73782aad2484e85366a176a9d6c7f67d
parent: scsi: ufs: bsg: Delete bsg_dev when setting up bsg fails (diff)
download: kernel-1e95c798d8a7f70965f0f88d4657b682ff0ec75f.tar.gz
kernel-1e95c798d8a7f70965f0f88d4657b682ff0ec75f.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/drivers/ufs/core/ufs_bsg.c b/drivers/ufs/core/ufs_bsg.c
index 58023f735c19..8d4ad0a3f2cf 100644
--- a/drivers/ufs/core/ufs_bsg.c
+++ b/drivers/ufs/core/ufs_bsg.c
@@ -216,6 +216,7 @@ void ufs_bsg_remove(struct ufs_hba *hba)
 		return;
 
 	bsg_remove_queue(hba->bsg_queue);
+	hba->bsg_queue = NULL;
 
 	device_del(bsg_dev);
 	put_device(bsg_dev);
author	Guixin Liu <[email protected]>	2024-12-18 01:42:14 +0000
committer	Martin K. Petersen <[email protected]>	2025-01-10 23:03:35 +0000
commit	1e95c798d8a7f70965f0f88d4657b682ff0ec75f (patch)
tree	0ac6289b73782aad2484e85366a176a9d6c7f67d
parent	scsi: ufs: bsg: Delete bsg_dev when setting up bsg fails (diff)
download	kernel-1e95c798d8a7f70965f0f88d4657b682ff0ec75f.tar.gz kernel-1e95c798d8a7f70965f0f88d4657b682ff0ec75f.zip