diff options
| author | Chunguang Xu <[email protected]> | 2024-06-11 18:02:08 +0800 |
|---|---|---|
| committer | Keith Busch <[email protected]> | 2024-06-12 10:56:50 -0700 |
| commit | e5d574ab37f5f2e7937405613d9b1a724811e5ad (patch) | |
| tree | 1cf2ca72fc6ae3a8b9164aac69b05329f13718ff | |
| parent | b1a1fdd7096dd2d67911b07f8118ff113d815db4 (diff) | |
nvme: avoid double free special payload
If a discard request needs to be retried, and that retry may fail before
a new special payload is added, a double free will result. Clear the
RQF_SPECIAL_LOAD when the request is cleaned.
Signed-off-by: Chunguang Xu <[email protected]>
Reviewed-by: Sagi Grimberg <[email protected]>
Reviewed-by: Max Gurtovoy <[email protected]>
Signed-off-by: Keith Busch <[email protected]>
| -rw-r--r-- | drivers/nvme/host/core.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c index f5d150c62955..c40930d10bd3 100644 --- a/drivers/nvme/host/core.c +++ b/drivers/nvme/host/core.c @@ -998,6 +998,7 @@ void nvme_cleanup_cmd(struct request *req) clear_bit_unlock(0, &ctrl->discard_page_busy); else kfree(bvec_virt(&req->special_vec)); + req->rq_flags &= ~RQF_SPECIAL_PAYLOAD; } } EXPORT_SYMBOL_GPL(nvme_cleanup_cmd); |