firewire: fw-sbp2: fix NULL pointer deref. in scsi_remove_device
Fix a kernel bug when unplugging an SBP-2 device after having its
scsi_device already removed via the "delete" sysfs attribute.
Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
diff --git a/drivers/firewire/fw-sbp2.c b/drivers/firewire/fw-sbp2.c
index 60ebcb5..5259491 100644
--- a/drivers/firewire/fw-sbp2.c
+++ b/drivers/firewire/fw-sbp2.c
@@ -762,9 +762,10 @@
sbp2_unblock(tgt);
list_for_each_entry_safe(lu, next, &tgt->lu_list, link) {
- if (lu->sdev)
+ if (lu->sdev) {
scsi_remove_device(lu->sdev);
-
+ scsi_device_put(lu->sdev);
+ }
sbp2_send_management_orb(lu, tgt->node_id, lu->generation,
SBP2_LOGOUT_REQUEST, lu->login_id, NULL);
@@ -886,12 +887,11 @@
if (IS_ERR(sdev))
goto out_logout_login;
- scsi_device_put(sdev);
-
/* Unreported error during __scsi_add_device() */
smp_rmb(); /* get current card generation */
if (generation != device->card->generation) {
scsi_remove_device(sdev);
+ scsi_device_put(sdev);
goto out_logout_login;
}