Bug 113438 - race conditions in 2.4.21 kernel nbd driver
Summary: race conditions in 2.4.21 kernel nbd driver
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: kernel
Version: 3.0
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: David Miller
QA Contact: Brian Brock
Depends On:
TreeView+ depends on / blocked
Reported: 2004-01-13 22:27 UTC by Paul Clements
Modified: 2007-11-30 22:07 UTC (History)
3 users (show)

Clone Of:
Last Closed: 2007-10-19 19:31:21 UTC

Attachments (Terms of Use)
patch file (2.00 KB, patch)
2004-01-13 22:33 UTC, Paul Clements
no flags Details | Diff

Description Paul Clements 2004-01-13 22:27:20 UTC
Description of problem:

There are several race conditions in the 2.4.21 kernel nbd driver 
that can cause a kernel oops. A patch has been accepted by the 2.4 
kernel maintainer (Marcelo Tosatti) circa 2.4.22-preX release. The 
2.4.21 kernel in RHEL3 is susceptible to these problems. The patch to 
fix these problems is attached.

Specifically, the patch fixes the following problems:

1) adds locking and properly orders the code in NBD_CLEAR_SOCK to
eliminate races with other code
2) adds an lo->sock check to nbd_clear_que to eliminate races between
do_nbd_request and nbd_clear_que, which resulted in the dequeuing of
active requests
3) adds an lo->sock check to NBD_DO_IT to eliminate races with
NBD_CLEAR_SOCK, which caused an Oops when "nbd-client -d" was called
Version-Release number of selected component (if applicable):
kernel 2.4.21

How reproducible:

Steps to Reproduce:
normal usage of nbd driver and utilities causes kernel oops

Actual results:
kernel oops

Expected results:
no kernel oops

Additional info:

Comment 1 Paul Clements 2004-01-13 22:33:39 UTC
Created attachment 96954 [details]
patch file

Comment 3 Barry K. Nathan 2004-09-23 09:32:25 UTC
Looks like this patch still isn't in 2.4.21-20.EL.

Comment 5 RHEL Product and Program Management 2007-10-19 19:31:21 UTC
This bug is filed against RHEL 3, which is in maintenance phase.
During the maintenance phase, only security errata and select mission
critical bug fixes will be released for enterprise products. Since
this bug does not meet that criteria, it is now being closed.
For more information of the RHEL errata support policy, please visit:
If you feel this bug is indeed mission critical, please contact your
support representative. You may be asked to provide detailed
information on how this bug is affecting you.

Note You need to log in before you can comment on or make changes to this bug.