summaryrefslogtreecommitdiffstats
path: root/net/sunrpc
diff options
context:
space:
mode:
authorJitendra Bhivare <jitendra.bhivare@broadcom.com>2016-12-13 11:25:55 +0100
committerMartin K. Petersen <martin.petersen@oracle.com>2017-01-05 06:21:12 +0100
commit987132167f4bfb132cd56601f77d2bd5ba9cff4a (patch)
tree01a6a4c9a2c37b06eb7117dfe25f37c9ab3d8519 /net/sunrpc
parentscsi: be2iscsi: Fix use of invalidate command table req (diff)
downloadlinux-987132167f4bfb132cd56601f77d2bd5ba9cff4a.tar.xz
linux-987132167f4bfb132cd56601f77d2bd5ba9cff4a.zip
scsi: be2iscsi: Fix for crash in beiscsi_eh_device_reset
System crashes when sg_reset is executed in a loop. CPU: 13 PID: 7073 Comm: sg_reset Tainted: G E 4.8.0-rc1+ #4 RIP: 0010:[<ffffffffa0825370>] [<ffffffffa0825370>] beiscsi_eh_device_reset+0x160/0x520 [be2iscsi] Call Trace: [<ffffffff814c7c77>] ? scsi_host_alloc_command+0x47/0xc0 [<ffffffff814caafa>] scsi_try_bus_device_reset+0x2a/0x50 [<ffffffff814cb46e>] scsi_ioctl_reset+0x13e/0x260 [<ffffffff814ca477>] scsi_ioctl+0x137/0x3d0 [<ffffffffa05e4ba2>] sg_ioctl+0x572/0xc20 [sg] [<ffffffff8123f627>] do_vfs_ioctl+0xa7/0x5d0 The accesses to beiscsi_io_task is being protected in device reset handler with frwd_lock but the freeing of task can happen under back_lock. Hold the reference of iscsi_task till invalidation completes. This prevents use of ICD when invalidation of that ICD is being processed. Use frwd_lock for iscsi_tasks looping and back_lock to access beiscsi_io_task structures. Rewrite mgmt_invalidation_icds to handle allocation and freeing of IOCTL buffer in one place. Signed-off-by: Jitendra Bhivare <jitendra.bhivare@broadcom.com> Reviewed-by: Hannes Reinecke <hare@suse.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Diffstat (limited to 'net/sunrpc')
0 files changed, 0 insertions, 0 deletions