CVSROOT: /cvs
Module name: src
Changes by: bl...@cvs.openbsd.org 2016/03/11 17:48:44
Modified files:
sys/scsi : sd.c
Log message:
When unplugging an USB umass stick, the kernel could panic because
of a use after free. In sdopen() the scsi link pointer is taken
from the scsi disk struct. While the scsi disk memory is refcounted
by autoconf, the scsi link may be detached and freed during sleep.
The solution is to check wether the disk is dying after every sleep.
The SDF_DYING flag is set before scsi bus and scsi disk are detached,
so without this flag the link must be valid.
input and OK krw@
