Bug 113438

Summary: race conditions in 2.4.21 kernel nbd driver
Product: Red Hat Enterprise Linux 3 Reporter: Paul Clements <paul.clements>
Component: kernelAssignee: David Miller <davem>
Status: CLOSED WONTFIX QA Contact: Brian Brock <bbrock>
Severity: high Docs Contact:
Priority: medium    
Version: 3.0CC: barryn, petrides, riel
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-10-19 19:31:21 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
patch file none

Description Paul Clements 2004-01-13 22:27:20 UTC 
Description of problem:

There are several race conditions in the 2.4.21 kernel nbd driver 
that can cause a kernel oops. A patch has been accepted by the 2.4 
kernel maintainer (Marcelo Tosatti) circa 2.4.22-preX release. The 
2.4.21 kernel in RHEL3 is susceptible to these problems. The patch to 
fix these problems is attached.

Specifically, the patch fixes the following problems:

1) adds locking and properly orders the code in NBD_CLEAR_SOCK to
eliminate races with other code
 
2) adds an lo->sock check to nbd_clear_que to eliminate races between
do_nbd_request and nbd_clear_que, which resulted in the dequeuing of
active requests
 
3) adds an lo->sock check to NBD_DO_IT to eliminate races with
NBD_CLEAR_SOCK, which caused an Oops when "nbd-client -d" was called
 
Version-Release number of selected component (if applicable):
kernel 2.4.21

How reproducible:
sometimes

Steps to Reproduce:
normal usage of nbd driver and utilities causes kernel oops

Actual results:
kernel oops

Expected results:
no kernel oops

Additional info:
Comment 1 Paul Clements 2004-01-13 22:33:39 UTC 
Created attachment 96954 [details]
patch file
Comment 3 Barry K. Nathan 2004-09-23 09:32:25 UTC 
Looks like this patch still isn't in 2.4.21-20.EL.
Comment 5 RHEL Program Management 2007-10-19 19:31:21 UTC 
This bug is filed against RHEL 3, which is in maintenance phase.
During the maintenance phase, only security errata and select mission
critical bug fixes will be released for enterprise products. Since
this bug does not meet that criteria, it is now being closed.
 
For more information of the RHEL errata support policy, please visit:
http://www.redhat.com/security/updates/errata/
 
If you feel this bug is indeed mission critical, please contact your
support representative. You may be asked to provide detailed
information on how this bug is affecting you.