When we trigger nvm target remove during device hot unplug, we have a chance to hit general protection fault caused by use of nvm_dev which was freed from another (hot unplug) thread (in nvm_unregister function).
This patch introduce lock in nvme_ioctl_dev_remove function to prevent us before a situation like described above. Signed-off-by: Marcin Dziegielewski <[email protected]> --- drivers/lightnvm/core.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/lightnvm/core.c b/drivers/lightnvm/core.c index 5f82036..84f0b9a 100644 --- a/drivers/lightnvm/core.c +++ b/drivers/lightnvm/core.c @@ -1335,11 +1335,13 @@ static long nvm_ioctl_dev_remove(struct file *file, void __user *arg) return -EINVAL; } + down_read(&nvm_lock); list_for_each_entry(dev, &nvm_devices, devices) { ret = nvm_remove_tgt(dev, &remove); if (!ret) break; } + up_read(&nvm_lock); return ret; } -- 1.8.3.1
