Details

Issue of the Implementation # L0195

Brief

target: potential double lock in iscsit_get_tpg()

Detailed Description

There is a potential double lock because of quite strange code in iscsit_get_tpg().

drivers/target/iscsi/iscsi_target_tpg.c:
int iscsit_get_tpg(
	struct iscsi_portal_group *tpg)
{
	int ret;
	ret = mutex_lock_interruptible(&tpg->tpg_access_lock);
	return ((ret != 0) || signal_pending(current)) ? -1 : 0;
}

If mutex_lock_interruptible() successfully acquires the mutex, but there is a pending signal, the function returns error, but it leaves the mutex held. Callers do not expect such behaviour that can lead to a deadlock.

Component

linux-kernel 3.19

Accepted

https://lkml.org/lkml/2015/5/19/964
commit

Status

Fixed in kernel 4.1

[Home]

Русский

About Us

Projects