[RFC PATCH] scsi: fix hot unplug vs async scan race

[RFC PATCH] scsi: fix hot unplug vs async scan race

[Dan Williams]

The following crash results from cases where the end_device has been
removed before scsi_sysfs_add_sdev has had a chance to run.

 BUG: unable to handle kernel NULL pointer dereference at 0000000000000098
 IP: [<ffffffff8115e100>] sysfs_create_dir+0x32/0xb6
 ...
 Call Trace:
  [<ffffffff8125e4a8>] kobject_add_internal+0x120/0x1e3
  [<ffffffff81075149>] ? trace_hardirqs_on+0xd/0xf
  [<ffffffff8125e641>] kobject_add_varg+0x41/0x50
  [<ffffffff8125e70b>] kobject_add+0x64/0x66
  [<ffffffff8131122b>] device_add+0x12d/0x63a
  [<ffffffff814b65ea>] ? _raw_spin_unlock_irqrestore+0x47/0x56
  [<ffffffff8107de15>] ? module_refcount+0x89/0xa0
  [<ffffffff8132f348>] scsi_sysfs_add_sdev+0x4e/0x28a
  [<ffffffff8132dcbb>] do_scan_async+0x9c/0x145

...teach scsi_sysfs_add_devices to check for deleted device before
trying to add them.

This teaches scsi_transport_sas to bypass scsi_remove_target() since it
is unable to find the target from the end_device rphy since
device_for_each_child() relies on the target device having gone through
a device_add().

Cc: Mike Christie <michaelc@cs.wisc.edu>
Cc: Robert Love <robert.w.love@intel.com>
Cc: Nagalakshmi Nandigama <Nagalakshmi.Nandigama@lsi.com>
Cc: Kashyap Desai <kashyap.desai@lsi.com>
Cc: Matthew Wilcox <matthew@wil.cx>
Cc: <stable@vger.kernel.org>
[stable: v2.6.20+]
Reported-by: Dariusz Majchrzak <dariusz.majchrzak@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
---

This is larger than I would like, but could not think of better way to
retrieve the starget from the transport device.  Other ideas?

--
Dan


 drivers/scsi/scsi_scan.c          |   24 ++++++++++++++++--------
 drivers/scsi/scsi_sysfs.c         |   15 ++++++++++++++-
 drivers/scsi/scsi_transport_sas.c |    5 +++--
 include/scsi/scsi_device.h        |    5 +++--
 include/scsi/scsi_transport_sas.h |    1 +
 5 files changed, 37 insertions(+), 13 deletions(-)

diff --git a/drivers/scsi/scsi_scan.c b/drivers/scsi/scsi_scan.c
index 01b0374..5e00e09 100644
--- a/drivers/scsi/scsi_scan.c
+++ b/drivers/scsi/scsi_scan.c
@@ -1562,8 +1562,8 @@ void scsi_rescan_device(struct device *dev)
 }
 EXPORT_SYMBOL(scsi_rescan_device);
 
-static void __scsi_scan_target(struct device *parent, unsigned int channel,
-		unsigned int id, unsigned int lun, int rescan)
+static struct scsi_target *__scsi_scan_target(struct device *parent, unsigned int channel,
+					      unsigned int id, unsigned int lun, int rescan)
 {
 	struct Scsi_Host *shost = dev_to_shost(parent);
 	int bflags = 0;
@@ -1574,11 +1574,11 @@ static void __scsi_scan_target(struct device *parent, unsigned int channel,
 		/*
 		 * Don't scan the host adapter
 		 */
-		return;
+		return NULL;
 
 	starget = scsi_alloc_target(parent, channel, id);
 	if (!starget)
-		return;
+		return NULL;
 	scsi_autopm_get_target(starget);
 
 	if (lun != SCAN_WILD_CARD) {
@@ -1611,6 +1611,8 @@ static void __scsi_scan_target(struct device *parent, unsigned int channel,
 	scsi_target_reap(starget);
 
 	put_device(&starget->dev);
+
+	return starget;
 }
 
 /**
@@ -1628,23 +1630,26 @@ static void __scsi_scan_target(struct device *parent, unsigned int channel,
  *     First try a REPORT LUN scan, if that does not scan the target, do a
  *     sequential scan of LUNs on the target id.
  **/
-void scsi_scan_target(struct device *parent, unsigned int channel,
-		      unsigned int id, unsigned int lun, int rescan)
+struct scsi_target *scsi_scan_target(struct device *parent, unsigned int channel,
+				     unsigned int id, unsigned int lun, int rescan)
 {
 	struct Scsi_Host *shost = dev_to_shost(parent);
+	struct scsi_target *starget = NULL;
 
 	if (strncmp(scsi_scan_type, "none", 4) == 0)
-		return;
+		return NULL;
 
 	mutex_lock(&shost->scan_mutex);
 	if (!shost->async_scan)
 		scsi_complete_async_scans();
 
 	if (scsi_host_scan_allowed(shost) && scsi_autopm_get_host(shost) == 0) {
-		__scsi_scan_target(parent, channel, id, lun, rescan);
+		starget = __scsi_scan_target(parent, channel, id, lun, rescan);
 		scsi_autopm_put_host(shost);
 	}
 	mutex_unlock(&shost->scan_mutex);
+
+	return starget;
 }
 EXPORT_SYMBOL(scsi_scan_target);
 
@@ -1714,6 +1719,9 @@ static void scsi_sysfs_add_devices(struct Scsi_Host *shost)
 {
 	struct scsi_device *sdev;
 	shost_for_each_device(sdev, shost) {
+		/* target removed before the device could be added */
+		if (sdev->sdev_state == SDEV_DEL)
+			continue;
 		if (!scsi_host_scan_allowed(shost) ||
 		    scsi_sysfs_add_sdev(sdev) != 0)
 			__scsi_remove_device(sdev);
diff --git a/drivers/scsi/scsi_sysfs.c b/drivers/scsi/scsi_sysfs.c
index 04c2a27..d1293b6 100644
--- a/drivers/scsi/scsi_sysfs.c
+++ b/drivers/scsi/scsi_sysfs.c
@@ -993,12 +993,24 @@ void scsi_remove_device(struct scsi_device *sdev)
 }
 EXPORT_SYMBOL(scsi_remove_device);
 
-static void __scsi_remove_target(struct scsi_target *starget)
+/**
+ * __scsi_remove_target - explicitly remove a target
+ * @starget: specific target to be removed
+ *
+ * This allows a target to be removed regardless of whether it has been
+ * async scanned or not.  scsi_remove_target() depends on
+ * device_for_each_child() and will not enumerate children that have not
+ * been through device_add() yet.
+ */
+void __scsi_remove_target(struct scsi_target *starget)
 {
 	struct Scsi_Host *shost = dev_to_shost(starget->dev.parent);
 	unsigned long flags;
 	struct scsi_device *sdev;
 
+	if (!starget)
+		return;
+
 	spin_lock_irqsave(shost->host_lock, flags);
 	starget->reap_ref++;
  restart:
@@ -1016,6 +1028,7 @@ static void __scsi_remove_target(struct scsi_target *starget)
 	spin_unlock_irqrestore(shost->host_lock, flags);
 	scsi_target_reap(starget);
 }
+EXPORT_SYMBOL_GPL(__scsi_remove_target);
 
 static int __remove_child (struct device * dev, void * data)
 {
diff --git a/drivers/scsi/scsi_transport_sas.c b/drivers/scsi/scsi_transport_sas.c
index f7565fc..3afb38d 100644
--- a/drivers/scsi/scsi_transport_sas.c
+++ b/drivers/scsi/scsi_transport_sas.c
@@ -1592,7 +1592,7 @@ int sas_rphy_add(struct sas_rphy *rphy)
 		else
 			lun = 0;
 
-		scsi_scan_target(&rphy->dev, 0, rphy->scsi_target_id, lun, 0);
+		rphy->starget = scsi_scan_target(&rphy->dev, 0, rphy->scsi_target_id, lun, 0);
 	}
 
 	return 0;
@@ -1669,7 +1669,8 @@ sas_rphy_remove(struct sas_rphy *rphy)
 
 	switch (rphy->identify.device_type) {
 	case SAS_END_DEVICE:
-		scsi_remove_target(dev);
+		__scsi_remove_target(rphy->starget);
+		rphy->starget = NULL;
 		break;
 	case SAS_EDGE_EXPANDER_DEVICE:
 	case SAS_FANOUT_EXPANDER_DEVICE:
diff --git a/include/scsi/scsi_device.h b/include/scsi/scsi_device.h
index 6efb2e1..7cd0d75 100644
--- a/include/scsi/scsi_device.h
+++ b/include/scsi/scsi_device.h
@@ -368,12 +368,13 @@ extern int scsi_device_quiesce(struct scsi_device *sdev);
 extern void scsi_device_resume(struct scsi_device *sdev);
 extern void scsi_target_quiesce(struct scsi_target *);
 extern void scsi_target_resume(struct scsi_target *);
-extern void scsi_scan_target(struct device *parent, unsigned int channel,
-			     unsigned int id, unsigned int lun, int rescan);
+extern struct scsi_target *scsi_scan_target(struct device *parent, unsigned int channel,
+					    unsigned int id, unsigned int lun, int rescan);
 extern void scsi_target_reap(struct scsi_target *);
 extern void scsi_target_block(struct device *);
 extern void scsi_target_unblock(struct device *);
 extern void scsi_remove_target(struct device *);
+extern void __scsi_remove_target(struct scsi_target *starget);
 extern void int_to_scsilun(unsigned int, struct scsi_lun *);
 extern int scsilun_to_int(struct scsi_lun *);
 extern const char *scsi_device_state_name(enum scsi_device_state);
diff --git a/include/scsi/scsi_transport_sas.h b/include/scsi/scsi_transport_sas.h
index 98b3a20..d98dcef 100644
--- a/include/scsi/scsi_transport_sas.h
+++ b/include/scsi/scsi_transport_sas.h
@@ -93,6 +93,7 @@ struct sas_rphy {
 	struct list_head	list;
 	struct request_queue	*q;
 	u32			scsi_target_id;
+	struct scsi_target	*starget;
 };
 
 #define dev_to_rphy(d) \

Re: [RFC PATCH] scsi: fix hot unplug vs async scan race

[Dan Williams]

[ add the folks on the cc ]

On Fri, May 25, 2012 at 12:55 AM, Dan Williams <dan.j.williams@intel.com> wrote:
> The following crash results from cases where the end_device has been
> removed before scsi_sysfs_add_sdev has had a chance to run.
>
>  BUG: unable to handle kernel NULL pointer dereference at 0000000000000098
>  IP: [<ffffffff8115e100>] sysfs_create_dir+0x32/0xb6
>  ...
>  Call Trace:
>  [<ffffffff8125e4a8>] kobject_add_internal+0x120/0x1e3
>  [<ffffffff81075149>] ? trace_hardirqs_on+0xd/0xf
>  [<ffffffff8125e641>] kobject_add_varg+0x41/0x50
>  [<ffffffff8125e70b>] kobject_add+0x64/0x66
>  [<ffffffff8131122b>] device_add+0x12d/0x63a
>  [<ffffffff814b65ea>] ? _raw_spin_unlock_irqrestore+0x47/0x56
>  [<ffffffff8107de15>] ? module_refcount+0x89/0xa0
>  [<ffffffff8132f348>] scsi_sysfs_add_sdev+0x4e/0x28a
>  [<ffffffff8132dcbb>] do_scan_async+0x9c/0x145
>
> ...teach scsi_sysfs_add_devices to check for deleted device before
> trying to add them.
>
> This teaches scsi_transport_sas to bypass scsi_remove_target() since it
> is unable to find the target from the end_device rphy since
> device_for_each_child() relies on the target device having gone through
> a device_add().
>
> Cc: Mike Christie <michaelc@cs.wisc.edu>
> Cc: Robert Love <robert.w.love@intel.com>
> Cc: Nagalakshmi Nandigama <Nagalakshmi.Nandigama@lsi.com>
> Cc: Kashyap Desai <kashyap.desai@lsi.com>
> Cc: Matthew Wilcox <matthew@wil.cx>
> Cc: <stable@vger.kernel.org>
> [stable: v2.6.20+]
> Reported-by: Dariusz Majchrzak <dariusz.majchrzak@intel.com>
> Signed-off-by: Dan Williams <dan.j.williams@intel.com>
> ---
>
> This is larger than I would like, but could not think of better way to
> retrieve the starget from the transport device.  Other ideas?
>
> --
> Dan
>
>
>  drivers/scsi/scsi_scan.c          |   24 ++++++++++++++++--------
>  drivers/scsi/scsi_sysfs.c         |   15 ++++++++++++++-
>  drivers/scsi/scsi_transport_sas.c |    5 +++--
>  include/scsi/scsi_device.h        |    5 +++--
>  include/scsi/scsi_transport_sas.h |    1 +
>  5 files changed, 37 insertions(+), 13 deletions(-)
>
> diff --git a/drivers/scsi/scsi_scan.c b/drivers/scsi/scsi_scan.c
> index 01b0374..5e00e09 100644
> --- a/drivers/scsi/scsi_scan.c
> +++ b/drivers/scsi/scsi_scan.c
> @@ -1562,8 +1562,8 @@ void scsi_rescan_device(struct device *dev)
>  }
>  EXPORT_SYMBOL(scsi_rescan_device);
>
> -static void __scsi_scan_target(struct device *parent, unsigned int channel,
> -               unsigned int id, unsigned int lun, int rescan)
> +static struct scsi_target *__scsi_scan_target(struct device *parent, unsigned int channel,
> +                                             unsigned int id, unsigned int lun, int rescan)
>  {
>        struct Scsi_Host *shost = dev_to_shost(parent);
>        int bflags = 0;
> @@ -1574,11 +1574,11 @@ static void __scsi_scan_target(struct device *parent, unsigned int channel,
>                /*
>                 * Don't scan the host adapter
>                 */
> -               return;
> +               return NULL;
>
>        starget = scsi_alloc_target(parent, channel, id);
>        if (!starget)
> -               return;
> +               return NULL;
>        scsi_autopm_get_target(starget);
>
>        if (lun != SCAN_WILD_CARD) {
> @@ -1611,6 +1611,8 @@ static void __scsi_scan_target(struct device *parent, unsigned int channel,
>        scsi_target_reap(starget);
>
>        put_device(&starget->dev);
> +
> +       return starget;
>  }
>
>  /**
> @@ -1628,23 +1630,26 @@ static void __scsi_scan_target(struct device *parent, unsigned int channel,
>  *     First try a REPORT LUN scan, if that does not scan the target, do a
>  *     sequential scan of LUNs on the target id.
>  **/
> -void scsi_scan_target(struct device *parent, unsigned int channel,
> -                     unsigned int id, unsigned int lun, int rescan)
> +struct scsi_target *scsi_scan_target(struct device *parent, unsigned int channel,
> +                                    unsigned int id, unsigned int lun, int rescan)
>  {
>        struct Scsi_Host *shost = dev_to_shost(parent);
> +       struct scsi_target *starget = NULL;
>
>        if (strncmp(scsi_scan_type, "none", 4) == 0)
> -               return;
> +               return NULL;
>
>        mutex_lock(&shost->scan_mutex);
>        if (!shost->async_scan)
>                scsi_complete_async_scans();
>
>        if (scsi_host_scan_allowed(shost) && scsi_autopm_get_host(shost) == 0) {
> -               __scsi_scan_target(parent, channel, id, lun, rescan);
> +               starget = __scsi_scan_target(parent, channel, id, lun, rescan);
>                scsi_autopm_put_host(shost);
>        }
>        mutex_unlock(&shost->scan_mutex);
> +
> +       return starget;
>  }
>  EXPORT_SYMBOL(scsi_scan_target);
>
> @@ -1714,6 +1719,9 @@ static void scsi_sysfs_add_devices(struct Scsi_Host *shost)
>  {
>        struct scsi_device *sdev;
>        shost_for_each_device(sdev, shost) {
> +               /* target removed before the device could be added */
> +               if (sdev->sdev_state == SDEV_DEL)
> +                       continue;
>                if (!scsi_host_scan_allowed(shost) ||
>                    scsi_sysfs_add_sdev(sdev) != 0)
>                        __scsi_remove_device(sdev);
> diff --git a/drivers/scsi/scsi_sysfs.c b/drivers/scsi/scsi_sysfs.c
> index 04c2a27..d1293b6 100644
> --- a/drivers/scsi/scsi_sysfs.c
> +++ b/drivers/scsi/scsi_sysfs.c
> @@ -993,12 +993,24 @@ void scsi_remove_device(struct scsi_device *sdev)
>  }
>  EXPORT_SYMBOL(scsi_remove_device);
>
> -static void __scsi_remove_target(struct scsi_target *starget)
> +/**
> + * __scsi_remove_target - explicitly remove a target
> + * @starget: specific target to be removed
> + *
> + * This allows a target to be removed regardless of whether it has been
> + * async scanned or not.  scsi_remove_target() depends on
> + * device_for_each_child() and will not enumerate children that have not
> + * been through device_add() yet.
> + */
> +void __scsi_remove_target(struct scsi_target *starget)
>  {
>        struct Scsi_Host *shost = dev_to_shost(starget->dev.parent);
>        unsigned long flags;
>        struct scsi_device *sdev;
>
> +       if (!starget)
> +               return;
> +
>        spin_lock_irqsave(shost->host_lock, flags);
>        starget->reap_ref++;
>  restart:
> @@ -1016,6 +1028,7 @@ static void __scsi_remove_target(struct scsi_target *starget)
>        spin_unlock_irqrestore(shost->host_lock, flags);
>        scsi_target_reap(starget);
>  }
> +EXPORT_SYMBOL_GPL(__scsi_remove_target);
>
>  static int __remove_child (struct device * dev, void * data)
>  {
> diff --git a/drivers/scsi/scsi_transport_sas.c b/drivers/scsi/scsi_transport_sas.c
> index f7565fc..3afb38d 100644
> --- a/drivers/scsi/scsi_transport_sas.c
> +++ b/drivers/scsi/scsi_transport_sas.c
> @@ -1592,7 +1592,7 @@ int sas_rphy_add(struct sas_rphy *rphy)
>                else
>                        lun = 0;
>
> -               scsi_scan_target(&rphy->dev, 0, rphy->scsi_target_id, lun, 0);
> +               rphy->starget = scsi_scan_target(&rphy->dev, 0, rphy->scsi_target_id, lun, 0);
>        }
>
>        return 0;
> @@ -1669,7 +1669,8 @@ sas_rphy_remove(struct sas_rphy *rphy)
>
>        switch (rphy->identify.device_type) {
>        case SAS_END_DEVICE:
> -               scsi_remove_target(dev);
> +               __scsi_remove_target(rphy->starget);
> +               rphy->starget = NULL;
>                break;
>        case SAS_EDGE_EXPANDER_DEVICE:
>        case SAS_FANOUT_EXPANDER_DEVICE:
> diff --git a/include/scsi/scsi_device.h b/include/scsi/scsi_device.h
> index 6efb2e1..7cd0d75 100644
> --- a/include/scsi/scsi_device.h
> +++ b/include/scsi/scsi_device.h
> @@ -368,12 +368,13 @@ extern int scsi_device_quiesce(struct scsi_device *sdev);
>  extern void scsi_device_resume(struct scsi_device *sdev);
>  extern void scsi_target_quiesce(struct scsi_target *);
>  extern void scsi_target_resume(struct scsi_target *);
> -extern void scsi_scan_target(struct device *parent, unsigned int channel,
> -                            unsigned int id, unsigned int lun, int rescan);
> +extern struct scsi_target *scsi_scan_target(struct device *parent, unsigned int channel,
> +                                           unsigned int id, unsigned int lun, int rescan);
>  extern void scsi_target_reap(struct scsi_target *);
>  extern void scsi_target_block(struct device *);
>  extern void scsi_target_unblock(struct device *);
>  extern void scsi_remove_target(struct device *);
> +extern void __scsi_remove_target(struct scsi_target *starget);
>  extern void int_to_scsilun(unsigned int, struct scsi_lun *);
>  extern int scsilun_to_int(struct scsi_lun *);
>  extern const char *scsi_device_state_name(enum scsi_device_state);
> diff --git a/include/scsi/scsi_transport_sas.h b/include/scsi/scsi_transport_sas.h
> index 98b3a20..d98dcef 100644
> --- a/include/scsi/scsi_transport_sas.h
> +++ b/include/scsi/scsi_transport_sas.h
> @@ -93,6 +93,7 @@ struct sas_rphy {
>        struct list_head        list;
>        struct request_queue    *q;
>        u32                     scsi_target_id;
> +       struct scsi_target      *starget;
>  };
>
>  #define dev_to_rphy(d) \
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [RFC PATCH] scsi: fix hot unplug vs async scan race

[Mike Christie]

On 05/25/2012 10:34 AM, Dan Williams wrote:
>> diff --git a/drivers/scsi/scsi_transport_sas.c b/drivers/scsi/scsi_transport_sas.c
>> index f7565fc..3afb38d 100644
>> --- a/drivers/scsi/scsi_transport_sas.c
>> +++ b/drivers/scsi/scsi_transport_sas.c
>> @@ -1592,7 +1592,7 @@ int sas_rphy_add(struct sas_rphy *rphy)
>>                else
>>                        lun = 0;
>>
>> -               scsi_scan_target(&rphy->dev, 0, rphy->scsi_target_id, lun, 0);
>> +               rphy->starget = scsi_scan_target(&rphy->dev, 0, rphy->scsi_target_id, lun, 0);
>>        }
>>
>>        return 0;
>> @@ -1669,7 +1669,8 @@ sas_rphy_remove(struct sas_rphy *rphy)
>>
>>        switch (rphy->identify.device_type) {
>>        case SAS_END_DEVICE:
>> -               scsi_remove_target(dev);
>> +               __scsi_remove_target(rphy->starget);
>> +               rphy->starget = NULL;
>>                break;

I do not think it is safe to have the starget pointer on the phy and
then pass it to scsi_remove_target. If you did

for each device
	echo 1 > /sys/..../remove

then the target would get reaped/freed from under the transport class right?

It looks like the fc class needs a similar fix though too.

iSCSI is ok since no iscsi driver does scsi_scan_host and does async
scanning from userspace.

Re: [RFC PATCH] scsi: fix hot unplug vs async scan race

[Dan Williams]

On Fri, May 25, 2012 at 9:52 PM, Mike Christie <michaelc@cs.wisc.edu> wrote:
> On 05/25/2012 10:34 AM, Dan Williams wrote:
>>> diff --git a/drivers/scsi/scsi_transport_sas.c b/drivers/scsi/scsi_transport_sas.c
>>> index f7565fc..3afb38d 100644
>>> --- a/drivers/scsi/scsi_transport_sas.c
>>> +++ b/drivers/scsi/scsi_transport_sas.c
>>> @@ -1592,7 +1592,7 @@ int sas_rphy_add(struct sas_rphy *rphy)
>>>                else
>>>                        lun = 0;
>>>
>>> -               scsi_scan_target(&rphy->dev, 0, rphy->scsi_target_id, lun, 0);
>>> +               rphy->starget = scsi_scan_target(&rphy->dev, 0, rphy->scsi_target_id, lun, 0);
>>>        }
>>>
>>>        return 0;
>>> @@ -1669,7 +1669,8 @@ sas_rphy_remove(struct sas_rphy *rphy)
>>>
>>>        switch (rphy->identify.device_type) {
>>>        case SAS_END_DEVICE:
>>> -               scsi_remove_target(dev);
>>> +               __scsi_remove_target(rphy->starget);
>>> +               rphy->starget = NULL;
>>>                break;
>
> I do not think it is safe to have the starget pointer on the phy and
> then pass it to scsi_remove_target. If you did
>
> for each device
>        echo 1 > /sys/..../remove
>
> then the target would get reaped/freed from under the transport class right?

Where does that 'remove' attribute come from?  I can't seem to find it.

In any event I agree it's a bad precedent for the transport class to
start remembering scsi_targets especially without reference counting
them.  The problem is really that device_for_each_child() can't help
us in the async remove case.  So maybe a brute force "is the passed in
dev an ancestor for a scsi_target (registered or not) on
shost->__targets" is needed.  I'll give that a shot.

> It looks like the fc class needs a similar fix though too.
>
> iSCSI is ok since no iscsi driver does scsi_scan_host and does async
> scanning from userspace.

Ok, iscsi can never set shost->async_scan in that case.

--
Dan
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [RFC PATCH] scsi: fix hot unplug vs async scan race

[Mike Christie]

On 05/29/2012 07:48 PM, Dan Williams wrote:
>> for each device
>>        echo 1 > /sys/..../remove
>>
>> then the target would get reaped/freed from under the transport class right?
> 
> Where does that 'remove' attribute come from?  I can't seem to find it.
> 

Oops. I meant delete. /sys/block/sdX/device/delete. There is also the
proc delete file too.