korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-18 01:34:14 +08:00
Code Issues Packages Projects Releases Wiki Activity
938f372c7d
linux/drivers/scsi
History
Jitendra Bhivare 938f372c7d scsi: be2iscsi: Fix async PDU handling path 
BUG: unable to handle kernel NULL pointer dereference at 000000000000015e
IP: [<ffffffffa0081700>]
hwi_get_async_handle.isra.23.constprop.39+0x90/0x1d0 [be2iscsi]
PGD 0
Oops: 0000 [#1] SMP
...
Call Trace:
 <IRQ>
 [<ffffffffa00818bc>] hwi_process_default_pdu_ring+0x7c/0x280 [be2iscsi]
 [<ffffffffa0088f51>] beiscsi_process_cq+0x321/0xb90 [be2iscsi]
 [<ffffffff810af028>] ? __wake_up_common+0x58/0x90
 [<ffffffff810b0d84>] ? __wake_up+0x44/0x50
 [<ffffffffa0089a2d>] be_iopoll+0x1d/0xb0 [be2iscsi]
 [<ffffffff812d1f61>] blk_iopoll_softirq+0xc1/0x100
 [<ffffffff81084b0f>] __do_softirq+0xef/0x280

The symptom observed is multiple async handles get queued for same index
thus causing leak in buffers posted to FW.

The root cause is:
- async handle is continued to be used even if it does not match the
completion.
- list_move operation done on already filled index.

1. Remove use of writables, host_write_ptr and ep_read_ptr.
2. Remove consumed logic to update writables. Instead, use only
free_entries to do the accounting of handles to be posted back.
3. Remove busy_list, instead use simple slot to index handles.
4. Added check no data, header less and overflow to make sure
all async_handles are flushed in error cases.
5. Added code to verify gathering of handles to form PDU by
checking final bit before forwarding PDU.
6. Added code to catch mismatch with CQE and handle gracefully.
7. Use AMAP, traverse cri_wait_queue list to post buffers, log
"async PDU" related errors.
8. Rearranged few data structures and added comments in init &
processing path.
9. Added WARN_ONs to catch any HD ring corruption.

Signed-off-by: Jitendra Bhivare <jitendra.bhivare@broadcom.com>
Reviewed-by: Hannes Reinecke <hare@suse.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
2016-08-23 22:42:44 -04:00
..
aacraid aacraid: use kmemdup 2016-07-12 23:16:31 -04:00
aic7xxx aic7xxx: Fix queue depth handling 2016-02-23 21:27:02 -05:00
aic94xx treewide: Fix typos in printk 2016-04-18 11:23:24 +02:00
arcmsr arcmsr: change driver version to v1.30.00.22-20151126 2015-11-30 18:51:20 -05:00
arm scsi: rename SCSI_MAX_{SG, SG_CHAIN}_SEGMENTS 2016-04-15 16:53:14 -04:00
be2iscsi scsi: be2iscsi: Fix async PDU handling path 2016-08-23 22:42:44 -04:00
bfa scripts/spelling.txt: add "fimware" misspelling 2016-05-19 19:12:14 -07:00
bnx2fc fcoe: use enum for fip_mode 2016-07-13 22:05:28 -04:00
bnx2i bnx2i: fix spelling mistake "complection" -> "completion" 2016-07-12 23:16:31 -04:00
csiostor scsi: use host wide tags by default 2015-11-09 17:11:57 -08:00
cxgbi cxgb3i, cxgb4i: fix symbol not declared sparse warning 2016-07-25 10:31:09 -07:00
cxlflash scsi: cxlflash: Remove adapter file descriptor cache 2016-08-23 22:23:52 -04:00
device_handler Merge branch 'fixes' into misc 2016-05-17 21:12:50 -04:00
dpt
esas2r scsi: rename SCSI_MAX_{SG, SG_CHAIN}_SEGMENTS 2016-04-15 16:53:14 -04:00
fcoe scsi: fcoe: provide translation table between Ethernet and FC port speeds 2016-08-23 22:27:47 -04:00
fnic fnic: pci_dma_mapping_error() doesn't return an error code 2016-07-20 20:49:17 -04:00
hisi_sas hisi_sas: update driver version to 1.5 2016-07-12 23:16:31 -04:00
ibmvscsi Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2016-08-04 20:04:37 -04:00
ibmvscsi_tgt ibmvscsis: Initial commit of IBM VSCSI Tgt Driver 2016-07-20 01:15:43 -07:00
isci Merge branch 'for-4.7-zac' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata 2016-05-23 17:53:39 -07:00
libfc scsi: libfc: do not send ABTS when resetting exchanges 2016-08-18 22:35:17 -04:00
libsas SCSI misc on 20160727 2016-07-27 14:48:37 -07:00
lpfc SCSI misc on 20160805 2016-08-05 23:47:27 -04:00
megaraid megaraid_sas: Do not fire MR_DCMD_PD_LIST_QUERY to controllers which do not support it 2016-07-13 22:28:56 -04:00
mpt3sas mpt3sas: Don't spam logs if logging level is 0 2016-08-08 21:27:13 -04:00
mvsas libata/libsas: Define ATA_CMD_NCQ_NON_DATA 2016-05-09 12:36:44 -04:00
osd scsi/osd: open code blk_make_request 2016-07-20 17:38:35 -06:00
pcmcia scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
pm8001 pm8001: fix typo 2016-07-12 23:16:31 -04:00
qla2xxx qla2xxx: small cleanup in qla2x00_wait_for_hba_ready() 2016-08-08 21:28:43 -04:00
qla4xxx scsi: qla4xxx: shut up warning for rd_reg_indirect 2016-02-23 21:27:02 -05:00
smartpqi smartpqi: initial commit of Microsemi smartpqi driver 2016-08-12 16:00:09 -04:00
snic snic: Fix use-after-free in case of a dma mapping error 2016-07-12 23:16:31 -04:00
sym53c8xx_2 scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
ufs scsi: ufs: remove unnecessary goto label 2016-07-15 15:44:45 -04:00
.gitignore
3w-9xxx.c 3w-9xxx: don't unmap bounce buffered commands 2015-10-07 10:24:48 -07:00
3w-9xxx.h 3w-9xxx: fix command completion race 2015-04-27 10:10:19 -07:00
3w-sas.c 3w-sas: fix command completion race 2015-04-27 10:04:39 -07:00
3w-sas.h 3w-sas: fix command completion race 2015-04-27 10:04:39 -07:00
3w-xxxx.c 3w-xxxx: Pass through compat mode ioctls 2016-01-08 12:51:03 -05:00
3w-xxxx.h 3w-xxxx: fix command completion race 2015-04-27 10:05:55 -07:00
53c700_d.h_shipped
53c700.c scsi: remove current_cmnd field from struct scsi_device 2016-07-13 22:33:23 -04:00
53c700.h scsi: remove current_cmnd field from struct scsi_device 2016-07-13 22:33:23 -04:00
53c700.scr
a100u2w.c scsi: a100u2w: trivial typo in printk 2015-08-07 15:03:42 +02:00
a100u2w.h
a2091.c zorro: ZTWO_VADDR() should return "void __iomem *" 2013-11-26 11:09:07 +01:00
a2091.h
a3000.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
a3000.h
a4000t.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
advansys.c Merge branch 'mkp-fixes' into fixes 2015-12-03 09:32:33 -08:00
aha152x.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
aha152x.h
aha1542.c scsi: aha1542: avoid uninitialized variable warnings 2016-02-23 21:27:02 -05:00
aha1542.h aha1542: fix include guard and remove useless changelog 2015-04-09 18:08:31 -07:00
aha1740.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
aha1740.h scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
am53c974.c am53c974: Fix crash during modprobe 2015-04-17 10:13:56 -07:00
atari_scsi.c atari_scsi: Allow can_queue to be increased for Falcon 2016-04-11 16:57:09 -04:00
atp870u.c atp870u: Introduce atp870_init() 2015-11-25 22:08:55 -05:00
atp870u.h atp870u: Remove scam_on from struct atp_unit 2015-11-25 22:08:52 -05:00
BusLogic.c scsi: replace seq_printf with seq_puts 2015-02-02 09:57:45 -08:00
BusLogic.h
bvme6000_scsi.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
ch.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2015-04-14 09:50:27 -07:00
constants.c scsi: reduce CONFIG_SCSI_CONSTANTS=y impact by 8k 2016-04-11 16:57:09 -04:00
dc395x.c scsi: print single-character strings with seq_putc 2015-02-02 09:57:46 -08:00
dc395x.h
dmx3191d.c ncr5380: Remove DONT_USE_INTR and AUTOPROBE_IRQ macros 2016-04-11 16:57:09 -04:00
dpt_i2o.c dpt_i2o: fix build warning 2016-02-23 21:27:02 -05:00
dpti.h scsi: use 64-bit LUNs 2014-07-17 22:07:37 +02:00
dtc.c ncr5380: Remove DONT_USE_INTR and AUTOPROBE_IRQ macros 2016-04-11 16:57:09 -04:00
dtc.h ncr5380: Merge DMA implementation from atari_NCR5380 core driver 2016-04-11 16:57:09 -04:00
eata_generic.h
eata_pio.c eata_pio: missing break statement 2016-05-10 22:01:07 -04:00
eata_pio.h
eata.c scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
esp_scsi.c scsi: use host wide tags by default 2015-11-09 17:11:57 -08:00
esp_scsi.h esp_scsi: correctly detect am53c974 2014-11-24 16:13:16 +01:00
fdomain.c scsi: fdomain: drop fdomain_pci_tbl when built-in 2016-02-23 21:27:02 -05:00
fdomain.h
FlashPoint.c FlashPoint: fix build warning 2015-11-09 16:32:14 -08:00
g_NCR5380_mmio.c
g_NCR5380.c ncr5380: Update usage documentation 2016-04-11 16:57:09 -04:00
g_NCR5380.h ncr5380: Merge DMA implementation from atari_NCR5380 core driver 2016-04-11 16:57:09 -04:00
gdth_ioctl.h
gdth_proc.c gdth: replace struct timeval with ktime_get_real_seconds() 2016-02-25 21:16:49 -05:00
gdth_proc.h
gdth.c gdth: replace struct timeval with ktime_get_real_seconds() 2016-02-25 21:16:49 -05:00
gdth.h
gvp11.c zorro: ZTWO_VADDR() should return "void __iomem *" 2013-11-26 11:09:07 +01:00
gvp11.h
hosts.c scsi: remove the disable_blk_mq host flag 2016-07-15 15:11:20 -04:00
hpsa_cmd.h hpsa: update copyright information 2016-02-23 21:27:02 -05:00
hpsa.c hpsa: change hpsa_passthru_ioctl timeout 2016-07-15 15:40:54 -04:00
hpsa.h hpsa: correct handling of HBA device removal 2016-04-29 19:08:24 -04:00
hptiop.c hptiop: Support HighPoint RR36xx HBAs and Support SAS tape and SAS media changer 2015-08-12 13:14:57 -07:00
hptiop.h hptiop: Support HighPoint RR36xx HBAs and Support SAS tape and SAS media changer 2015-08-12 13:14:57 -07:00
imm.c imm: check parport_claim 2016-02-25 21:10:53 -05:00
imm.h
in2000.c scsi: print single-character strings with seq_putc 2015-02-02 09:57:46 -08:00
in2000.h
initio.c SCSI: initio: remove duplicate module device table 2015-11-20 11:39:03 -05:00
initio.h
ipr.c ipr: Fix error return code in ipr_probe_ioa() 2016-08-02 01:19:18 -04:00
ipr.h ipr: Wait to do async scan until scsi host is initialized 2016-07-27 00:32:07 -04:00
ips.c ips: remove pointless #warning 2015-06-02 17:24:54 -07:00
ips.h
iscsi_boot_sysfs.c ibft: Expose iBFT acpi header via sysfs 2016-05-16 11:14:29 -04:00
iscsi_tcp.c scsi_tcp: block BH in TCP callbacks 2016-05-19 11:36:49 -07:00
iscsi_tcp.h iscsi_tcp: Use ahash 2016-01-27 20:36:10 +08:00
jazz_esp.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
Kconfig smartpqi: initial commit of Microsemi smartpqi driver 2016-08-12 16:00:09 -04:00
lasi700.c
libiscsi_tcp.c iscsi_tcp: Use ahash 2016-01-27 20:36:10 +08:00
libiscsi.c libiscsi: Remove set-but-not-used variables 2016-04-11 16:57:09 -04:00
mac53c94.c PCI: Remove includes of asm/pci-bridge.h 2016-02-05 16:29:28 -06:00
mac53c94.h
mac_esp.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
mac_scsi.c mac_scsi: Fix pseudo DMA implementation 2016-04-11 16:57:09 -04:00
Makefile smartpqi: initial commit of Microsemi smartpqi driver 2016-08-12 16:00:09 -04:00
megaraid.c megaraid : use dev_printk when possible 2015-08-26 07:23:04 -07:00
megaraid.h [SCSI] megaraid: simplify internal command handling 2014-03-27 08:26:31 -07:00
mesh.c PCI: Remove includes of asm/pci-bridge.h 2016-02-05 16:29:28 -06:00
mesh.h
mvme16x_scsi.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
mvme147.c
mvme147.h
mvumi.c scsi: mvumi: use __maybe_unused to hide pm functions 2016-03-05 17:07:46 -05:00
mvumi.h
ncr53c8xx.c scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
ncr53c8xx.h scsi: Remove CONFIG_SCSI_MULTI_LUN 2014-07-17 22:07:35 +02:00
NCR53c406a.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
NCR5380.c ncr5380: Call complete_cmd() for disconnected commands on bus reset 2016-04-11 16:57:09 -04:00
NCR5380.h mac_scsi: Fix pseudo DMA implementation 2016-04-11 16:57:09 -04:00
NCR_D700.c
NCR_D700.h
NCR_Q720.c
NCR_Q720.h
nsp32_debug.c
nsp32_io.h
nsp32.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
nsp32.h
osst_detect.h
osst_options.h
osst.c scsi: remove scsi_driver owner field 2014-11-24 20:01:28 +01:00
osst.h
pas16.c ncr5380: Remove DONT_USE_INTR and AUTOPROBE_IRQ macros 2016-04-11 16:57:09 -04:00
pas16.h ncr5380: Merge DMA implementation from atari_NCR5380 core driver 2016-04-11 16:57:09 -04:00
pmcraid.c SCSI queue for 4.4. 2015-11-12 07:06:18 -05:00
pmcraid.h
ppa.c scsi: ppa: use new parport device model 2016-02-23 21:27:02 -05:00
ppa.h
ps3rom.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
qla1280.c qla1280: Don't allocate 512kb of host tags 2016-04-30 09:25:26 -07:00
qla1280.h
qlogicfas408.c
qlogicfas408.h
qlogicfas.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
qlogicpti.c qlogicpti: Return correct error code 2016-03-01 20:06:49 -05:00
qlogicpti.h
raid_class.c
script_asm.pl
scsi_common.c scsi: add scsi_set_sense_field_pointer() 2016-04-04 12:07:42 -04:00
scsi_debug.c scsi_debug: fix sleep in invalid context 2016-07-12 23:16:31 -04:00
scsi_devinfo.c SCSI: fix new bug in scsi_dev_info_list string matching 2016-06-29 00:51:31 -04:00
scsi_dh.c scsi_dh: move 'dh_state' sysfs attribute to generic code 2015-12-02 16:29:19 -05:00
scsi_error.c Merge remote-tracking branch 'mkp-scsi/4.7/scsi-fixes' into fixes 2016-06-18 11:59:01 -07:00
scsi_ioctl.c scsi: return EAGAIN when resetting a device under EH 2014-11-12 11:16:12 +01:00
scsi_lib_dma.c
scsi_lib.c scsi_lib: correctly retry failed zero length REQ_TYPE_FS commands 2016-05-22 14:52:45 -04:00
scsi_logging.c scsi_logging: return void for dev_printk() functions 2015-02-04 08:00:24 -08:00
scsi_logging.h scsi: simplify scsi_log_(send|completion) 2014-11-12 11:16:05 +01:00
scsi_module.c
scsi_netlink.c net: Use netlink_ns_capable to verify the permisions of netlink messages 2014-04-24 13:44:54 -04:00
scsi_pm.c scsi: Set request queue runtime PM status back to active on resume 2016-02-19 10:52:45 -05:00
scsi_priv.h scsi: disable automatic target scan 2016-04-11 16:57:09 -04:00
scsi_proc.c scsi: disable automatic target scan 2016-04-11 16:57:09 -04:00
scsi_sas_internal.h scsi_transport_sas: add 'scsi_target_id' sysfs attribute 2016-03-14 21:05:04 -04:00
scsi_scan.c scsi: Add intermediate STARGET_REMOVE state to scsi_target_state 2016-04-15 16:51:53 -04:00
scsi_sysctl.c scsi: convert use of typedef ctl_table to struct ctl_table 2014-06-06 16:08:16 -07:00
scsi_sysfs.c Revert "scsi: fix soft lockup in scsi_remove_target() on module removal" 2016-04-15 16:53:07 -04:00
scsi_trace.c scsi-trace: define ZBC_IN and ZBC_OUT 2016-04-11 16:57:09 -04:00
scsi_transport_api.h
scsi_transport_fc.c scsi_transport_fc: Unexport scsi_is_fc_vport() 2016-04-11 16:57:09 -04:00
scsi_transport_iscsi.c scsi_transport_iscsi: Declare local symbols static 2016-04-11 16:57:09 -04:00
scsi_transport_sas.c scsi: disable automatic target scan 2016-04-11 16:57:09 -04:00
scsi_transport_spi.c [SCSI] Fix printk typos in drivers/scsi 2015-08-07 14:28:45 +02:00
scsi_transport_srp.c IB/srp: Avoid using uninitialized variable 2015-07-14 13:20:09 -04:00
scsi_typedefs.h
scsi.c scsi: remove the disable_blk_mq host flag 2016-07-15 15:11:20 -04:00
scsi.h
scsicam.c scsi: PC partition tables are little endian 2014-11-12 11:15:54 +01:00
sd_dif.c block: Consolidate static integrity profile properties 2015-10-21 14:42:38 -06:00
sd.c - initially based on Jens' 'for-4.8/core' (given all the flag churn) and 2016-07-26 17:12:11 -07:00
sd.h sd: Fix rw_max for devices that report an optimal xfer size 2016-06-01 22:07:47 -04:00
sense_codes.h scsi: move Additional Sense Codes to separate file 2016-04-11 16:57:09 -04:00
ses.c ses: fix discovery of SATA devices in SAS enclosures 2015-12-18 19:29:50 -08:00
sg.c sg: fix dxferp in from_to case 2016-03-14 15:50:25 -04:00
sgiwd93.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
sim710.c scsi: sim710: fix build warning 2016-02-23 21:27:02 -05:00
sni_53c710.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
sr_ioctl.c sr: reduce debug noise in sr_do_ioctl 2015-01-20 19:43:24 +01:00
sr_vendor.c scsi: Implement sr_printk() 2014-07-17 22:07:39 +02:00
sr.c block: convert to device_add_disk() 2016-06-27 12:26:08 -07:00
sr.h scsi: introduce sdev_prefix_printk() 2014-11-12 11:15:57 +01:00
st_options.h
st.c st: clear ILI if Medium Error 2016-04-25 22:08:16 -04:00
st.h st: Remove obsolete scsi_tape.max_pfn 2015-11-18 11:59:09 -05:00
stex.c stex: Add S3/S4 support 2016-02-23 21:27:02 -05:00
storvsc_drv.c scsi: storvsc: Filter out storvsc messages CD-ROM medium not present 2016-07-12 23:16:31 -04:00
sun3_scsi_vme.c scsi/NCR5380: merge sun3_scsi_vme.c into sun3_scsi.c 2014-05-28 12:16:28 +02:00
sun3_scsi.c ncr5380: Remove disused atari_NCR5380.c core driver 2016-04-11 16:57:09 -04:00
sun3_scsi.h sun3_scsi: Move macro definitions 2014-11-20 09:11:15 +01:00
sun3x_esp.c arch, drivers: don't include <asm/io.h> directly, use <linux/io.h> instead 2015-08-10 23:07:05 -04:00
sun_esp.c scsi: drop owner assignment from platform_drivers 2014-10-20 16:21:33 +02:00
sym53c416.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
sym53c416.h
t128.c ncr5380: Remove DONT_USE_INTR and AUTOPROBE_IRQ macros 2016-04-11 16:57:09 -04:00
t128.h ncr5380: Merge DMA implementation from atari_NCR5380 core driver 2016-04-11 16:57:09 -04:00
u14-34f.c scsi: drop reason argument from ->change_queue_depth 2014-11-24 14:45:27 +01:00
ultrastor.c
ultrastor.h
virtio_scsi.c virtio/vhost: fixes for 4.2 2015-07-23 13:07:04 -07:00
vmw_pvscsi.c vmw_pvscsi: Change to update maintainer details (name, email) 2016-07-12 23:16:31 -04:00
vmw_pvscsi.h vmw_pvscsi: Change to update maintainer details (name, email) 2016-07-12 23:16:31 -04:00
wd33c93.c scsi: print single-character strings with seq_putc 2015-02-02 09:57:46 -08:00
wd33c93.h
wd719x.c [SCSI] Fix printk typos in drivers/scsi 2015-08-07 14:28:45 +02:00
wd719x.h scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
wd7000.c scsi: wd7000: print sector number as 64-bit 2016-07-12 23:16:31 -04:00
xen-scsifront.c xen: Use correctly the Xen memory terminologies 2015-09-08 18:03:49 +01:00
zalon.c
zorro7xx.c zorro: ZTWO_VADDR() should return "void __iomem *" 2013-11-26 11:09:07 +01:00