- 08 Dec, 2018 4 commits
-
-
Bart Van Assche authored
A session must only be released after all code that accesses the session structure has finished. Make sure that this is the case by introducing a new command counter per session that is only decremented after the .release_cmd() callback has finished. This patch fixes the following crash: BUG: KASAN: use-after-free in do_raw_spin_lock+0x1c/0x130 Read of size 4 at addr ffff8801534b16e4 by task rmdir/14805 CPU: 16 PID: 14805 Comm: rmdir Not tainted 4.18.0-rc2-dbg+ #5 Call Trace: dump_stack+0xa4/0xf5 print_address_description+0x6f/0x270 kasan_report+0x241/0x360 __asan_load4+0x78/0x80 do_raw_spin_lock+0x1c/0x130 _raw_spin_lock_irqsave+0x52/0x60 srpt_set_ch_state+0x27/0x70 [ib_srpt] srpt_disconnect_ch+0x1b/0xc0 [ib_srpt] srpt_close_session+0xa8/0x260 [ib_srpt] target_shutdown_sessions+0x170/0x180 [target_core_mod] core_tpg_del_initiator_node_acl+0xf3/0x200 [target_core_mod] target_fabric_nacl_base_release+0x25/0x30 [target_core_mod] config_item_release+0x9c/0x110 [configfs] config_item_put+0x26/0x30 [configfs] configfs_rmdir+0x3b8/0x510 [configfs] vfs_rmdir+0xb3/0x1e0 do_rmdir+0x262/0x2c0 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe Cc: Nicholas Bellinger <nab@linux-iscsi.org> Cc: Mike Christie <mchristi@redhat.com> Cc: Christoph Hellwig <hch@lst.de> Cc: David Disseldorp <ddiss@suse.de> Cc: Hannes Reinecke <hare@suse.de> Signed-off-by:
Bart Van Assche <bvanassche@acm.org> Signed-off-by:
Martin K. Petersen <martin.petersen@oracle.com>
-
Bart Van Assche authored
Since transport_clear_lun_ref() already waits until the percpu-refcount .release() method is called, it is not necessary to wait first until percpu_ref_kill_and_confirm() has finished transitioning the refcount into atomic mode. Remove the code that waits for percpu_ref_kill_and_confirm() to complete and also the completion object that is used by that code. This patch does not change the behavior of the SCSI target code. Cc: Nicholas Bellinger <nab@linux-iscsi.org> Cc: Mike Christie <mchristi@redhat.com> Cc: Christoph Hellwig <hch@lst.de> Cc: David Disseldorp <ddiss@suse.de> Cc: Hannes Reinecke <hare@suse.de> Signed-off-by:
-
Bart Van Assche authored
This patch does not change any functionality. Note: the code that frees sess_cmd_map already uses kvfree() so that code does not need to be modified. Reviewed-by:
David Disseldorp <ddiss@suse.de> Cc: Nicholas Bellinger <nab@linux-iscsi.org> Cc: Mike Christie <mchristi@redhat.com> Cc: Christoph Hellwig <hch@lst.de> Cc: Hannes Reinecke <hare@suse.de> Signed-off-by:
-
Bart Van Assche authored
This patch does not change any functionality but avoids that sparse complains about the queue_cmd_ring() function and its callers. Fixes: 6fd0ce79 ("tcmu: prep queue_cmd_ring to be used by unmap wq") Reviewed-by:
-
- 29 Nov, 2018 19 commits
-
-
Gustavo A. R. Silva authored
In preparation to enabling -Wimplicit-fallthrough, mark switch cases where we are expecting to fall through. Notice that, in this particular case, I replaced "Missed the backend's Closing state -- fallthrough" with "fall through - Missed the backend's Closing state", which contains the "fall through" annotation at the beginnig of the code comment, which is what GCC is expecting to find. Signed-off-by:
Gustavo A. R. Silva <gustavo@embeddedor.com> Reviewed-by:
Juergen Gross <jgross@suse.com> Signed-off-by:
-
Gustavo A. R. Silva authored
In preparation to enabling -Wimplicit-fallthrough, mark switch cases where we are expecting to fall through. Notice that, in this particular case, I replaced "Fall thru" with a "Fall through" annotation and added a dash as a token in order to separate the "Fall through" annotation from the rest of the comment on the same line, which is what GCC is expecting to find. Signed-off-by:
Sumit Saxena <sumit.saxena@broadcom.com> Signed-off-by:
-
Gustavo A. R. Silva authored
In preparation to enabling -Wimplicit-fallthrough, mark switch cases where we are expecting to fall through. Signed-off-by:
-
Gustavo A. R. Silva authored
In preparation to enabling -Wimplicit-fallthrough, mark switch cases where we are expecting to fall through. Signed-off-by:
Johannes Thumshirn <jth@kernel.org> Signed-off-by:
-
Gustavo A. R. Silva authored
In preparation to enabling -Wimplicit-fallthrough, mark switch cases where we are expecting to fall through. Addresses-Coverity-ID: 1195463 ("Missing break in switch") Addresses-Coverity-ID: 1195464 ("Missing break in switch") Addresses-Coverity-ID: 1195465 ("Missing break in switch") Addresses-Coverity-ID: 1195466 ("Missing break in switch") Addresses-Coverity-ID: 1357338 ("Missing break in switch") Signed-off-by:Don Brace <don.brace@microsemi.com> Signed-off-by:
-
Gustavo A. R. Silva authored
In preparation to enabling -Wimplicit-fallthrough, mark switch cases where we are expecting to fall through. Signed-off-by:
Dave Carroll <david.carroll@microsemi.com> Signed-off-by:
-
Gustavo A. R. Silva authored
In preparation to enabling -Wimplicit-fallthrough, mark switch cases where we are expecting to fall through. Also, a break statement is properly aligned. Signed-off-by:
-
Bart Van Assche authored
This patch improves code readability but does not change any functionality. Cc: Himanshu Madhani <himanshu.madhani@cavium.com> Signed-off-by:
Himanshu Madhani <himanshu.madhani@cavium.com> Signed-off-by:
-
Colin Ian King authored
There is a spelling mistake in some description text, fix it. Signed-off-by:
Colin Ian King <colin.king@canonical.com> Signed-off-by:
-
Tomas Winkler authored
Add /* fallthrough */ annotation, to eliminate compilation warning: warning: this statement may fall through [-Wimplicit-fallthrough=] Signed-off-by:
Tomas Winkler <tomas.winkler@intel.com> Reviewed-by:
Avri Altman <avri.altman@wdc.com> Signed-off-by:
-
Nilesh Javali authored
Signed-off-by:
Nilesh Javali <nilesh.javali@cavium.com> Signed-off-by:
-
Manish Rangankar authored
1. Removed logic to update HW producer index in interrupt context. 2. Update HW producer index after UIO ring and buffer gets initialized. Signed-off-by:
Manish Rangankar <manish.rangankar@cavium.com> Reviewed-by:
Lee Duncan <lduncan@suse.com> Signed-off-by:
-
Nilesh Javali authored
Default packet size is 0x400. For jumbo packets set to 0x2400. Signed-off-by:
-
Manish Rangankar authored
Add packet filter to avoid unnecessary packet processing in iscsiuio. Signed-off-by:
-
Manish Rangankar authored
The kernel panic was observed after switch side perturbation, BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff8132b5a0>] strcmp+0x20/0x40 PGD 0 Oops: 0000 [#1] SMP CPU: 8 PID: 647 Comm: kworker/8:1 Tainted: G W OE ------------ 3.10.0-693.el7.x86_64 #1 Hardware name: HPE ProLiant DL380 Gen10/ProLiant DL380 Gen10, BIOS U30 06/20/2018 Workqueue: slowpath-13:00. qed_slowpath_task [qed] task: ffff880429eb8fd0 ti: ffff880429190000 task.ti: ffff880429190000 RIP: 0010:[<ffffffff8132b5a0>] [<ffffffff8132b5a0>] strcmp+0x20/0x40 RSP: 0018:ffff880429193c68 EFLAGS: 00010202 RAX: 000000000000000a RBX: 0000000000000002 RCX: 0000000000000000 RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff88042bda7a41 RBP: ffff880429193c68 R08: 000000000000ffff R09: 000000000000ffff R10: 0000000000000007 R11: ffff88042b3af338 R12: ffff880420b007a0 R13: ffff88081aa56af8 R14: 0000000000000001 R15: ffff88081aa50410 FS: 0000000000000000(0000) GS:ffff88042fe00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 00000000019f2000 CR4: 00000000003407e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Stack: ffff880429193d20 ffffffffc02a0c90 ffffc90004b32000 ffff8803fd3ec600 ffff88042bda7800 ffff88042bda7a00 ffff88042bda7840 ffff88042bda7a40 0000000129193d10 2e3836312e323931 ff000a342e363232 ffffffffc01ad99d Call Trace: [<ffffffffc02a0c90>] qedi_get_protocol_tlv_data+0x270/0x470 [qedi] [<ffffffffc01ad99d>] ? qed_mfw_process_tlv_req+0x24d/0xbf0 [qed] [<ffffffffc01653ae>] qed_mfw_fill_tlv_data+0x5e/0xd0 [qed] [<ffffffffc01ad9b9>] qed_mfw_process_tlv_req+0x269/0xbf0 [qed] Fix kernel NULL pointer deref by checking for session is online before getting iSCSI TLV data. Signed-off-by: -
Nilesh Javali authored
The driver load on some systems failed with error, [0004:01:00.5]:[qedi_request_msix_irq:2524]:8: request_irq failed. Allocate the IRQs based on MSIX count obtained from qed module instead of number of queues. Signed-off-by:
-
Nilesh Javali authored
Use QEDI_PAGE_SIZE for enablement of module on systems with 64K page size. Signed-off-by:
-
Nilesh Javali authored
Fix trivial spelling mistake within macro definition. Signed-off-by:
-
Nilesh Javali authored
Remove redundant macro definition. Signed-off-by:
-
- 28 Nov, 2018 3 commits
-
-
David Disseldorp authored
iscsi_target_mod is the only LIO fabric where fabric_ops.name differs from the fabric_ops.fabric_name string. fabric_ops.name is used when matching target/$fabric ConfigFS create paths, so rename it .fabric_alias and fallback to target/$fabric vs .fabric_name comparison if .fabric_alias isn't initialised. iscsi_target_mod is the only fabric module to set .fabric_alias . All other fabric modules rely on .fabric_name matching and can drop the duplicate string. Signed-off-by:
Christoph Hellwig <hch@lst.de> Signed-off-by:
-
David Disseldorp authored
All fabrics return a const string. In all cases *except* iSCSI the get_fabric_name() string matches fabric_ops.name. Both fabric_ops.get_fabric_name() and fabric_ops.name are user-facing, with the former being used for PR/ALUA state and the latter for ConfigFS (config/target/$name), so we unfortunately need to keep both strings around for now. Replace the useless .get_fabric_name() accessor function with a const string fabric_name member variable. Signed-off-by:
-
David Disseldorp authored
On write, the pi_prot_format configfs attribute invokes the device format_prot() callback if present. Read dumps the contents of se_dev_attrib.pi_prot_format which is always zero. Make the configfs attribute write-only, and drop the always zero se_dev_attrib.pi_prot_format storage. Signed-off-by:
-
- 22 Nov, 2018 9 commits
-
-
Sabyasachi Gupta authored
Replaced dma_alloc_coherent + memset with dma_zalloc_coherent. Signed-off-by:
Sabyasachi Gupta <sabyasachi.linux@gmail.com> Acked-by:
James Smart <james.smart@broadcom.com> Signed-off-by:
-
YueHaibing authored
Fixes gcc '-Wunused-but-set-variable' warning: drivers/scsi/bnx2i/bnx2i_hwi.c: In function 'bnx2i_process_ofld_cmpl': drivers/scsi/bnx2i/bnx2i_hwi.c:2430:6: warning: variable 'cid_num' set but not used [-Wunused-but-set-variable] It never used since commit cf4e6363 ("[SCSI] bnx2i: Add bnx2i iSCSI driver.") Signed-off-by:
YueHaibing <yuehaibing@huawei.com> Acked-by:
-
Christoph Hellwig authored
aha1542 is one of the last users of the legacy isa_*_to_bus APIs, which also isn't portable enough. Convert it to the proper DMA mapping API. Thanks to Ondrej Zary for testing and finding and fixing a crucial bug. Signed-off-by:
-
Shivasharan S authored
This patch adds support for MegaRAID Aero controller PCI IDs. Print a message when a configurable secure type controller is encountered. Signed-off-by:
Shivasharan S <shivasharan.srikanteshwara@broadcom.com> Reviewed-by:
Hannes Reinecke <hare@suse.com> Signed-off-by:
-
Sreekanth Reddy authored
Display following warning message only upon detection of configurable secure type controllers. "HBA is in Configurable Secure mode" [mkp: typos] Signed-off-by:
Sreekanth Reddy <sreekanth.reddy@broadcom.com> Signed-off-by:
-
Yue Haibing authored
Fixes gcc '-Wunused-but-set-variable' warning: drivers/scsi/libfc/fc_rport.c: In function 'fc_rport_recv_flogi_req': drivers/scsi/libfc/fc_rport.c:866:18: warning: variable 'disc' set but not used [-Wunused-but-set-variable] It no used any more after commit baa6719f ("libfc: Update rport reference counting") Signed-off-by:
-
David Disseldorp authored
The new emulate_pr backstore attribute allows for Persistent Reservation and SCSI2 RESERVE/RELEASE support to be completely disabled. This can be useful for scenarios such as: - Ensuring ATS (Compare & Write) usage on recent VMware ESXi initiators. - Allowing clustered (e.g. tcm-user) backends to block such requests, avoiding the multi-node reservation state propagation. When explicitly disabled, PR and RESERVE/RELEASE requests receive Invalid Command Operation Code response sense data. Signed-off-by:
Mike Christie <mchristi@redhat.com> Reviewed-by:
-
Arnd Bergmann authored
I fixed a bug by adding a dependency in the network driver, but that fix caused a related bug in the SCSI driver: WARNING: unmet direct dependencies detected for CHELSIO_T4 Depends on [m]: NETDEVICES [=y] && ETHERNET [=y] && NET_VENDOR_CHELSIO [=y] && PCI [=y] && (IPV6 [=y] || IPV6 [=y]=n) && (THERMAL [=m] || !THERMAL [=m]) Selected by [y]: - SCSI_CXGB4_ISCSI [=y] && SCSI_LOWLEVEL [=y] && SCSI [=y] && PCI [=y] && INET [=y] && (IPV6 [=y] || IPV6 [=y]=n) drivers/net/ethernet/chelsio/cxgb4/cxgb4_thermal.o: In function `cxgb4_thermal_init': cxgb4_thermal.c:(.text+0x158): undefined reference to `thermal_zone_device_register' drivers/net/ethernet/chelsio/cxgb4/cxgb4_thermal.o: In function `cxgb4_thermal_remove': cxgb4_thermal.c:(.text+0x1d8): undefined reference to `thermal_zone_device_unregister' /git/arm-soc/Makefile:1042: recipe for target 'vmlinux' failed The same dependency needs to be propagated here to make it work correctly with CONFIG_THERMAL=m and SCSI_CXGB4_ISCSI=y. That change by itself causes another problem with a circular dependency, as we use 'select NETDEVICES'. This is something we really should not do anyway, as a driver symbol should never select another major subsystem, so let's turn that into a 'depends on'. I don't see any downsides of that, as NETDEVICES is only disabled in rather obscure cases that are not relevant to the users of cxgb4i. Fixes: e70a57fa ("cxgb4: fix thermal configuration dependencies") Signed-off-by:
Arnd Bergmann <arnd@arndb.de> Signed-off-by:
-
Souptick Joarder authored
Replaced dma_pool_alloc + memset with dma_pool_zalloc. Signed-off-by:
Brajeswar Ghosh <brajeswar.linux@gmail.com> Signed-off-by:
Souptick Joarder <jrdr.linux@gmail.com> Reviewed-by:
Kees Cook <keescook@chromium.org> Signed-off-by:
-
- 15 Nov, 2018 5 commits
-
-
Steffen Maier authored
This was introduced with v2.6.27 commit 287ac01a ("[SCSI] zfcp: Cleanup code in zfcp_erp.c") but would now suppress helpful -Wswitch compiler warnings when building with W=1 such as the following forced example: drivers/s390/scsi/zfcp_erp.c: In function 'zfcp_erp_setup_act': drivers/s390/scsi/zfcp_erp.c:220:2: warning: enumeration value 'ZFCP_ERP_ACTION_REOPEN_PORT' not handled in switch [-Wswitch] switch (need) { ^~~~~~ But then again, only with W=1 we would notice unhandled enum cases. Without the default cases and a missed unhandled enum case, the code might perform unforeseen things we might not want... As of today, we never run through the removed default case, so removing it is no functional change. In the future, we never should run through a default case but introduce the necessary specific case(s) to handle new functionality. Signed-off-by:
Steffen Maier <maier@linux.ibm.com> Reviewed-by:
Benjamin Block <bblock@linux.ibm.com> Signed-off-by:
-
Steffen Maier authored
This was introduced with v4.18 commit 8c3d20aa ("scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED") but would now suppress helpful -Wswitch compiler warnings when building with W=1 such as the following forced example: drivers/s390/scsi/zfcp_erp.c: In function 'zfcp_erp_handle_failed': drivers/s390/scsi/zfcp_erp.c:126:2: warning: enumeration value 'ZFCP_ERP_ACTION_REOPEN_PORT_FORCED' not handled in switch [-Wswitch] switch (want) { ^~~~~~ But then again, only with W=1 we would notice unhandled enum cases. Without the default cases and a missed unhandled enum case, the code might perform unforeseen things we might not want... As of today, we never run through the removed default case, so removing it is no functional change. In the future, we never should run through a default case but introduce the necessary specific case(s) to handle new functionality. Signed-off-by:
-
Steffen Maier authored
For some reason the already existing substring "fall through" in the comment is not sufficient for GCC to silence -Wimplicit-fallthrough. CC [M] drivers/s390/scsi/zfcp_erp.o drivers/s390/scsi/zfcp_erp.c: In function 'zfcp_erp_lun_strategy': drivers/s390/scsi/zfcp_erp.c:1065:6: warning: this statement may fall through [-Wimplicit-fallthrough=] if (atomic_read(&zfcp_sdev->status) & ZFCP_STATUS_COMMON_OPEN) ^ drivers/s390/scsi/zfcp_erp.c:1068:2: note: here case ZFCP_ERP_STEP_LUN_CLOSING: ^~~~ Signed-off-by: -
Steffen Maier authored
Improve whatever the following simple invocation reported: $ ./scripts/kernel-doc -none drivers/s390/scsi/*.h While at it, improve some related kdoc, including struct zfcp_fsf_ct_els in zfcp_fsf.h. Signed-off-by:
-
Steffen Maier authored
While at it also improve some copy & paste kdoc mistakes. Signed-off-by:
-
