linux-scsi.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH v2 2/4] bfa:Fix for crash when bfa_itnim is NULL
@ 2015-11-26  8:54 anil.gurumurthy
  2015-12-01  7:45 ` Johannes Thumshirn
  0 siblings, 1 reply; 2+ messages in thread
From: anil.gurumurthy @ 2015-11-26  8:54 UTC (permalink / raw)
  To: martin.petersen, James.Bottomley; +Cc: linux-scsi, stable, Anil Gurumurthy

From: Anil Gurumurthy <anil.gurumurthy@qlogic.com>

Fix a very corner case when the port gets disconnected and the BFA and FCS layers clean up references to the IT nexus.
During this window if a task management command is issued by the SCSI-ML and ends up
referencing a NULL itnim, it could lead to a crash.

Signed-off-by: Sudarsana Kalluru <sudarsana.kalluru@qlogic.com>
Signed-off-by: Anil Gurumurthy <anil.gurumurthy@qlogic.com>
---
 drivers/scsi/bfa/bfad_im.c |   26 ++++++++++++++++++++++++++
 1 files changed, 26 insertions(+), 0 deletions(-)

diff --git a/drivers/scsi/bfa/bfad_im.c b/drivers/scsi/bfa/bfad_im.c
index efcb247..2c0cf8a 100644
--- a/drivers/scsi/bfa/bfad_im.c
+++ b/drivers/scsi/bfa/bfad_im.c
@@ -272,6 +272,19 @@ bfad_im_target_reset_send(struct bfad_s *bfad, struct scsi_cmnd *cmnd,
 	cmnd->host_scribble = NULL;
 	cmnd->SCp.Status = 0;
 	bfa_itnim = bfa_fcs_itnim_get_halitn(&itnim->fcs_itnim);
+	/*
+	 * bfa_itnim can be NULL if the port gets disconnected and the bfa
+	 * and fcs layers have cleaned up their nexus with the targets and
+	 * the same has not been cleaned up by the shim
+	 */
+	if (bfa_itnim == NULL) {
+		bfa_tskim_free(tskim);
+		BFA_LOG(KERN_ERR, bfad, bfa_log_level,
+			"target reset, bfa_itnim is NULL\n");
+		rc = BFA_STATUS_FAILED;
+		goto out;
+	}
+
 	memset(&scsilun, 0, sizeof(scsilun));
 	bfa_tskim_start(tskim, bfa_itnim, scsilun,
 			    FCP_TM_TARGET_RESET, BFAD_TARGET_RESET_TMO);
@@ -327,6 +340,19 @@ bfad_im_reset_lun_handler(struct scsi_cmnd *cmnd)
 	cmnd->SCp.ptr = (char *)&wq;
 	cmnd->SCp.Status = 0;
 	bfa_itnim = bfa_fcs_itnim_get_halitn(&itnim->fcs_itnim);
+	/*
+	 * bfa_itnim can be NULL if the port gets disconnected and the bfa
+	 * and fcs layers have cleaned up their nexus with the targets and
+	 * the same has not been cleaned up by the shim
+	 */
+	if (bfa_itnim == NULL) {
+		bfa_tskim_free(tskim);
+		BFA_LOG(KERN_ERR, bfad, bfa_log_level,
+			"lun reset, bfa_itnim is NULL\n");
+		spin_unlock_irqrestore(&bfad->bfad_lock, flags);
+		rc = FAILED;
+		goto out;
+	}
 	int_to_scsilun(cmnd->device->lun, &scsilun);
 	bfa_tskim_start(tskim, bfa_itnim, scsilun,
 			    FCP_TM_LUN_RESET, BFAD_LUN_RESET_TMO);
-- 
1.7.1


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH v2 2/4] bfa:Fix for crash when bfa_itnim is NULL
  2015-11-26  8:54 [PATCH v2 2/4] bfa:Fix for crash when bfa_itnim is NULL anil.gurumurthy
@ 2015-12-01  7:45 ` Johannes Thumshirn
  0 siblings, 0 replies; 2+ messages in thread
From: Johannes Thumshirn @ 2015-12-01  7:45 UTC (permalink / raw)
  To: anil.gurumurthy, martin.petersen, James.Bottomley; +Cc: linux-scsi, stable

On Thu, 2015-11-26 at 03:54 -0500, anil.gurumurthy@qlogic.com wrote:
> From: Anil Gurumurthy <anil.gurumurthy@qlogic.com>
> 
> Fix a very corner case when the port gets disconnected and the BFA and FCS
> layers clean up references to the IT nexus.
> During this window if a task management command is issued by the SCSI-ML and
> ends up
> referencing a NULL itnim, it could lead to a crash.
> 
> Signed-off-by: Sudarsana Kalluru <sudarsana.kalluru@qlogic.com>
> Signed-off-by: Anil Gurumurthy <anil.gurumurthy@qlogic.com>
> ---
>  drivers/scsi/bfa/bfad_im.c |   26 ++++++++++++++++++++++++++
>  1 files changed, 26 insertions(+), 0 deletions(-)
> 
> diff --git a/drivers/scsi/bfa/bfad_im.c b/drivers/scsi/bfa/bfad_im.c
> index efcb247..2c0cf8a 100644
> --- a/drivers/scsi/bfa/bfad_im.c
> +++ b/drivers/scsi/bfa/bfad_im.c
> @@ -272,6 +272,19 @@ bfad_im_target_reset_send(struct bfad_s *bfad, struct
> scsi_cmnd *cmnd,
>  	cmnd->host_scribble = NULL;
>  	cmnd->SCp.Status = 0;
>  	bfa_itnim = bfa_fcs_itnim_get_halitn(&itnim->fcs_itnim);
> +	/*
> +	 * bfa_itnim can be NULL if the port gets disconnected and the bfa
> +	 * and fcs layers have cleaned up their nexus with the targets and
> +	 * the same has not been cleaned up by the shim
> +	 */
> +	if (bfa_itnim == NULL) {
> +		bfa_tskim_free(tskim);
> +		BFA_LOG(KERN_ERR, bfad, bfa_log_level,
> +			"target reset, bfa_itnim is NULL\n");
> +		rc = BFA_STATUS_FAILED;
> +		goto out;
> +	}
> +
>  	memset(&scsilun, 0, sizeof(scsilun));
>  	bfa_tskim_start(tskim, bfa_itnim, scsilun,
>  			    FCP_TM_TARGET_RESET, BFAD_TARGET_RESET_TMO);
> @@ -327,6 +340,19 @@ bfad_im_reset_lun_handler(struct scsi_cmnd *cmnd)
>  	cmnd->SCp.ptr = (char *)&wq;
>  	cmnd->SCp.Status = 0;
>  	bfa_itnim = bfa_fcs_itnim_get_halitn(&itnim->fcs_itnim);
> +	/*
> +	 * bfa_itnim can be NULL if the port gets disconnected and the bfa
> +	 * and fcs layers have cleaned up their nexus with the targets and
> +	 * the same has not been cleaned up by the shim
> +	 */
> +	if (bfa_itnim == NULL) {
> +		bfa_tskim_free(tskim);
> +		BFA_LOG(KERN_ERR, bfad, bfa_log_level,
> +			"lun reset, bfa_itnim is NULL\n");
> +		spin_unlock_irqrestore(&bfad->bfad_lock, flags);
> +		rc = FAILED;
> +		goto out;
> +	}
>  	int_to_scsilun(cmnd->device->lun, &scsilun);
>  	bfa_tskim_start(tskim, bfa_itnim, scsilun,
>  			    FCP_TM_LUN_RESET, BFAD_LUN_RESET_TMO);

Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2015-12-01  7:45 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-11-26  8:54 [PATCH v2 2/4] bfa:Fix for crash when bfa_itnim is NULL anil.gurumurthy
2015-12-01  7:45 ` Johannes Thumshirn

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).