From: Greg KH <gregkh@linuxfoundation.org>
To: Simon Veith <sveith@amazon.de>
Cc: stable@vger.kernel.org, David Woodhouse <dwmw@amazon.co.uk>,
Amit Shah <aams@amazon.de>, Keith Busch <keith.busch@intel.com>
Subject: Re: [PATCH 4.9] nvme: validate admin queue before force-start on removal
Date: Wed, 11 Jul 2018 15:41:15 +0200 [thread overview]
Message-ID: <20180711134115.GA2306@kroah.com> (raw)
In-Reply-To: <1531315312-19356-1-git-send-email-sveith@amazon.de>
On Wed, Jul 11, 2018 at 03:21:52PM +0200, Simon Veith wrote:
> Commit 4aae4388165a2611fa4206363ccb243c1622446c ("nvme: fix hang in remove
> path"), which was introduced in Linux 4.9.94, changed nvme_kill_queues()
> to also forcibly start admin queues in order to avoid getting stuck during
> device removal.
>
> If a device is being removed because it did not respond during device
> initialization (e.g., if it is not ready yet at boot time), we will end up
> trying to start an admin queue that has not yet been set up at all. This
> attempt will lead to a NULL pointer dereference.
>
> To avoid hitting this bug, we add a sanity check around the invocation of
> blk_mq_start_hw_queues() to ensure that the admin queue has actually been
> set up already.
>
> Upstream already has this check in place since commit
> 7dd1ab163c17e11473a65b11f7e748db30618ebb ("nvme: validate admin queue
> before unquiesce"), and thus 4.14 contains it as well. Linux 4.4 is not
> affected by this particular issue since it does not have the force-start
> behavior yet.
>
> Fixes: 4aae4388165a2611fa42 ("nvme: fix hang in remove path")
>
> Signed-off-by: Simon Veith <sveith@amazon.de>
> Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
> ---
> drivers/nvme/host/core.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
> index c823e93..8a30478 100644
> --- a/drivers/nvme/host/core.c
> +++ b/drivers/nvme/host/core.c
> @@ -2041,8 +2041,10 @@ void nvme_kill_queues(struct nvme_ctrl *ctrl)
>
> mutex_lock(&ctrl->namespaces_mutex);
>
> - /* Forcibly start all queues to avoid having stuck requests */
> - blk_mq_start_hw_queues(ctrl->admin_q);
> + if (ctrl->admin_q) {
> + /* Forcibly start all queues to avoid having stuck requests */
> + blk_mq_start_hw_queues(ctrl->admin_q);
> + }
>
Why have you rewritten commit 7dd1ab163c17 ("nvme: validate admin queue
before unquiesce") here? Why not just backport it directly?
confused,
greg k-h
parent reply other threads:[~2018-07-11 13:45 UTC|newest]
Thread overview: expand[flat|nested] mbox.gz Atom feed
[parent not found: <1531315312-19356-1-git-send-email-sveith@amazon.de>]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180711134115.GA2306@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=aams@amazon.de \
--cc=dwmw@amazon.co.uk \
--cc=keith.busch@intel.com \
--cc=stable@vger.kernel.org \
--cc=sveith@amazon.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.