From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linuxfoundation.org ([140.211.169.12]:36014 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753201AbdK0QHf (ORCPT ); Mon, 27 Nov 2017 11:07:35 -0500 Subject: Patch "target: Fix QUEUE_FULL + SCSI task attribute handling" has been added to the 4.14-stable tree To: nab@linux-iscsi.org, bryantly@linux.vnet.ibm.com, gregkh@linuxfoundation.org, hare@suse.com, mchristi@redhat.com, mikecyr@linux.vnet.ibm.com Cc: , From: Date: Mon, 27 Nov 2017 17:05:45 +0100 Message-ID: <1511798745158201@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ANSI_X3.4-1968 Content-Transfer-Encoding: 8bit Sender: stable-owner@vger.kernel.org List-ID: This is a note to let you know that I've just added the patch titled target: Fix QUEUE_FULL + SCSI task attribute handling to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: target-fix-queue_full-scsi-task-attribute-handling.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >>From 1c79df1f349fb6050016cea4ef1dfbc3853a5685 Mon Sep 17 00:00:00 2001 From: Nicholas Bellinger Date: Fri, 22 Sep 2017 16:48:28 -0700 Subject: target: Fix QUEUE_FULL + SCSI task attribute handling From: Nicholas Bellinger commit 1c79df1f349fb6050016cea4ef1dfbc3853a5685 upstream. This patch fixes a bug during QUEUE_FULL where transport_complete_qf() calls transport_complete_task_attr() after it's already been invoked by target_complete_ok_work() or transport_generic_request_failure() during initial completion, preceeding QUEUE_FULL. This will result in se_device->simple_cmds, se_device->dev_cur_ordered_id and/or se_device->dev_ordered_sync being updated multiple times for a single se_cmd. To address this bug, clear SCF_TASK_ATTR_SET after the first call to transport_complete_task_attr(), and avoid updating SCSI task attribute related counters for any subsequent calls. Also, when a se_cmd is deferred due to ordered tags and executed via target_restart_delayed_cmds(), set CMD_T_SENT before execution matching what target_execute_cmd() does. Cc: Michael Cyr Cc: Bryant G. Ly Cc: Mike Christie Cc: Hannes Reinecke Signed-off-by: Nicholas Bellinger Signed-off-by: Greg Kroah-Hartman --- drivers/target/target_core_transport.c | 4 ++++ 1 file changed, 4 insertions(+) --- a/drivers/target/target_core_transport.c +++ b/drivers/target/target_core_transport.c @@ -2010,6 +2010,8 @@ static void target_restart_delayed_cmds( list_del(&cmd->se_delayed_node); spin_unlock(&dev->delayed_cmd_lock); + cmd->transport_state |= CMD_T_SENT; + __target_execute_cmd(cmd, true); if (cmd->sam_task_attr == TCM_ORDERED_TAG) @@ -2045,6 +2047,8 @@ static void transport_complete_task_attr pr_debug("Incremented dev_cur_ordered_id: %u for ORDERED\n", dev->dev_cur_ordered_id); } + cmd->se_cmd_flags &= ~SCF_TASK_ATTR_SET; + restart: target_restart_delayed_cmds(dev); } Patches currently in stable-queue which might be from nab@linux-iscsi.org are queue-4.14/target-fix-null-pointer-regression-in-core_tmr_drain_tmr_list.patch queue-4.14/iscsi-target-make-task_reassign-use-proper-se_cmd-cmd_kref.patch queue-4.14/target-fix-queue_full-scsi-task-attribute-handling.patch queue-4.14/target-fix-buffer-offset-in-core_scsi3_pri_read_full_status.patch queue-4.14/iscsi-target-fix-non-immediate-tmr-reference-leak.patch queue-4.14/target-fix-caw_sem-leak-in-transport_generic_request_failure.patch queue-4.14/target-avoid-early-cmd_t_pre_execute-failures-during-abort_task.patch queue-4.14/target-fix-quiese-during-transport_write_pending_qf-endless-loop.patch