* [PATCH v2 0/7] qla2xxx: Bug Fixes for driver.
@ 2017-05-25 1:06 Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 1/7] qla2xxx: Fix recursive loop during target mode configuration for ISP25XX leaving system unresponsive Himanshu Madhani
` (7 more replies)
0 siblings, 8 replies; 9+ messages in thread
From: Himanshu Madhani @ 2017-05-25 1:06 UTC (permalink / raw)
To: James.Bottomley, martin.petersen; +Cc: himanshu.madhani, linux-scsi
Hi Martin,
I have reduced the series for 4.12 rc merge to 1-10 patches that
were submitted earlier.
Changes from v1 --> v2
o Drop patches that can be queued for 4.13 scsi-misc merge and will be
sent as new series.
o Addressed commit summary of patches from Bart's review where applicable.
Please include them in 4.12.0-rc3 fixes at your earliest convenience.
Thanks,
Himanshu
Himanshu Madhani (1):
qla2xxx: Fix recursive loop during target mode configuration for
ISP25XX leaving system unresponsive.
Joe Carnuccio (4):
qla2xxx: Modify T262 FW dump template to specify same start/end to
debug customer issues.
qla2xxx: Set bit 15 for DIAG_ECHO_TEST MBC.
qla2xxx: Fix mailbox pointer error in fwdump capture.
qla2xxx: Fix crash due to NULL pointer dereference of ctx.
Quinn Tran (1):
qla2xxx: Fix NULL pointer access due to redundant fc_host_port_name
call
Sawan Chandak (1):
qla2xxx: Fix crash due to mismatch mumber of Q-pair creation for Multi
queue
drivers/scsi/qla2xxx/qla_bsg.c | 9 +++++----
drivers/scsi/qla2xxx/qla_dbg.c | 4 ++--
drivers/scsi/qla2xxx/qla_def.h | 1 +
drivers/scsi/qla2xxx/qla_init.c | 5 ++++-
drivers/scsi/qla2xxx/qla_inline.h | 26 +++++++-------------------
drivers/scsi/qla2xxx/qla_isr.c | 2 +-
drivers/scsi/qla2xxx/qla_mbx.c | 13 ++-----------
drivers/scsi/qla2xxx/qla_os.c | 30 +++++++++++++++++++-----------
drivers/scsi/qla2xxx/qla_target.c | 8 +++++---
drivers/scsi/qla2xxx/qla_tmpl.c | 2 +-
10 files changed, 47 insertions(+), 53 deletions(-)
--
2.12.0
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH v2 1/7] qla2xxx: Fix recursive loop during target mode configuration for ISP25XX leaving system unresponsive.
2017-05-25 1:06 [PATCH v2 0/7] qla2xxx: Bug Fixes for driver Himanshu Madhani
@ 2017-05-25 1:06 ` Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 2/7] qla2xxx: Fix NULL pointer access due to redundant fc_host_port_name call Himanshu Madhani
` (6 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Himanshu Madhani @ 2017-05-25 1:06 UTC (permalink / raw)
To: James.Bottomley, martin.petersen; +Cc: himanshu.madhani, linux-scsi
Following messages are seen into system logs
qla2xxx [0000:09:00.0]-00af:9: Performing ISP error recovery -
ha=ffff98315ee30000.
qla2xxx [0000:09:00.0]-504b:9: RISC paused -- HCCR=40, Dumping firmware.
qla2xxx [0000:09:00.0]-d009:9: Firmware has been previously dumped
(ffffba488c001000) -- ignoring request.
qla2xxx [0000:09:00.0]-504b:9: RISC paused -- HCCR=40, Dumping firmware.
See Bugzilla for details
https://bugzilla.kernel.org/show_bug.cgi?id=195285
Fixes: d74595278f4ab ("scsi: qla2xxx: Add multiple queue pair functionality.")
Cc: <stable@vger.kernel.org> # 4.10
Reported-by: Laurence Oberman <loberman@redhat.com>
Reported-by: Anthony Bloodoff <anthony.bloodoff@gmail.com>
Tested-by: Laurence Oberman <loberman@redhat.com>
Tested-by: Anthony Bloodoff <anthony.bloodoff@gmail.com>
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Giridhar Malavali <giridhar.malavali@cavium.com>
---
drivers/scsi/qla2xxx/qla_isr.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/scsi/qla2xxx/qla_isr.c b/drivers/scsi/qla2xxx/qla_isr.c
index aac03504d9a3..2572121b765b 100644
--- a/drivers/scsi/qla2xxx/qla_isr.c
+++ b/drivers/scsi/qla2xxx/qla_isr.c
@@ -3282,7 +3282,7 @@ qla24xx_enable_msix(struct qla_hw_data *ha, struct rsp_que *rsp)
}
/* Enable MSI-X vector for response queue update for queue 0 */
- if (IS_QLA83XX(ha) || IS_QLA27XX(ha)) {
+ if (IS_QLA25XX(ha) || IS_QLA83XX(ha) || IS_QLA27XX(ha)) {
if (ha->msixbase && ha->mqiobase &&
(ha->max_rsp_queues > 1 || ha->max_req_queues > 1 ||
ql2xmqsupport))
--
2.12.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH v2 2/7] qla2xxx: Fix NULL pointer access due to redundant fc_host_port_name call
2017-05-25 1:06 [PATCH v2 0/7] qla2xxx: Bug Fixes for driver Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 1/7] qla2xxx: Fix recursive loop during target mode configuration for ISP25XX leaving system unresponsive Himanshu Madhani
@ 2017-05-25 1:06 ` Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 3/7] qla2xxx: Fix crash due to mismatch mumber of Q-pair creation for Multi queue Himanshu Madhani
` (5 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Himanshu Madhani @ 2017-05-25 1:06 UTC (permalink / raw)
To: James.Bottomley, martin.petersen; +Cc: himanshu.madhani, linux-scsi
From: Quinn Tran <quinn.tran@cavium.com>
Remove redundant fc_host_port_name calls to prevent
early access of scsi_host->shost_data buffer. This
prevent null pointer access.
Following stack trace is seen
BUG: unable to handle kernel NULL pointer dereference at 00000000000008
IP: qla24xx_report_id_acquisition+0x22d/0x3a0 [qla2xxx]
Cc: <stable@vger.kernel.org> # 4.11
Signed-off-by: Quinn Tran <quinn.tran@cavium.com>
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
---
drivers/scsi/qla2xxx/qla_mbx.c | 9 ---------
1 file changed, 9 deletions(-)
diff --git a/drivers/scsi/qla2xxx/qla_mbx.c b/drivers/scsi/qla2xxx/qla_mbx.c
index a113ab3592a7..12fea77e31c6 100644
--- a/drivers/scsi/qla2xxx/qla_mbx.c
+++ b/drivers/scsi/qla2xxx/qla_mbx.c
@@ -3676,15 +3676,6 @@ qla24xx_report_id_acquisition(scsi_qla_host_t *vha,
qlt_update_host_map(vha, id);
}
- fc_host_port_name(vha->host) =
- wwn_to_u64(vha->port_name);
-
- if (qla_ini_mode_enabled(vha))
- ql_dbg(ql_dbg_mbx, vha, 0x1018,
- "FA-WWN portname %016llx (%x)\n",
- fc_host_port_name(vha->host),
- rptid_entry->vp_status);
-
set_bit(REGISTER_FC4_NEEDED, &vha->dpc_flags);
set_bit(REGISTER_FDMI_NEEDED, &vha->dpc_flags);
} else {
--
2.12.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH v2 3/7] qla2xxx: Fix crash due to mismatch mumber of Q-pair creation for Multi queue
2017-05-25 1:06 [PATCH v2 0/7] qla2xxx: Bug Fixes for driver Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 1/7] qla2xxx: Fix recursive loop during target mode configuration for ISP25XX leaving system unresponsive Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 2/7] qla2xxx: Fix NULL pointer access due to redundant fc_host_port_name call Himanshu Madhani
@ 2017-05-25 1:06 ` Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 4/7] qla2xxx: Modify T262 FW dump template to specify same start/end to debug customer issues Himanshu Madhani
` (4 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Himanshu Madhani @ 2017-05-25 1:06 UTC (permalink / raw)
To: James.Bottomley, martin.petersen; +Cc: himanshu.madhani, linux-scsi
From: Sawan Chandak <sawan.chandak@cavium.com>
when driver is loaded with Multi Queue enabled, it was
noticed that there was one less queue pair created.
Following message would indicate this
"No resources to create additional q pair."
The result of one less queue pair means that system can crash,
if the block mq layer thinks there is an extra hardware queue
available, and the driver will use a NULL ptr qpair in that instance.
Following stack trace is seen in one of the crash
irq_create_affinity_masks+0x98/0x530
irq_create_affinity_masks+0x98/0x530
__pci_enable_msix+0x321/0x4e0
mutex_lock+0x12/0x40
pci_alloc_irq_vectors_affinity+0xb5/0x140
qla24xx_enable_msix+0x79/0x530 [qla2xxx]
qla2x00_request_irqs+0x61/0x2d0 [qla2xxx]
qla2x00_probe_one+0xc73/0x2390 [qla2xxx]
ida_simple_get+0x98/0x100
kernfs_next_descendant_post+0x40/0x50
local_pci_probe+0x45/0xa0
pci_device_probe+0xfc/0x140
driver_probe_device+0x2c5/0x470
__driver_attach+0xdd/0xe0
driver_probe_device+0x470/0x470
bus_for_each_dev+0x6c/0xc0
driver_attach+0x1e/0x20
bus_add_driver+0x45/0x270
driver_register+0x60/0xe0
__pci_register_driver+0x4c/0x50
qla2x00_module_init+0x1ce/0x21e [qla2xxx]
Cc: <stable@vger.kernel.org> # 4.10
Signed-off-by: Sawan Chandak <sawan.chandak@cavium.com>
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
---
drivers/scsi/qla2xxx/qla_def.h | 1 +
drivers/scsi/qla2xxx/qla_init.c | 5 ++++-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/scsi/qla2xxx/qla_def.h b/drivers/scsi/qla2xxx/qla_def.h
index ae119018dfaa..eddbc1218a39 100644
--- a/drivers/scsi/qla2xxx/qla_def.h
+++ b/drivers/scsi/qla2xxx/qla_def.h
@@ -3425,6 +3425,7 @@ struct qla_hw_data {
uint8_t max_req_queues;
uint8_t max_rsp_queues;
uint8_t max_qpairs;
+ uint8_t num_qpairs;
struct qla_qpair *base_qpair;
struct qla_npiv_entry *npiv_info;
uint16_t nvram_npiv_size;
diff --git a/drivers/scsi/qla2xxx/qla_init.c b/drivers/scsi/qla2xxx/qla_init.c
index 034743309ada..0391fc317003 100644
--- a/drivers/scsi/qla2xxx/qla_init.c
+++ b/drivers/scsi/qla2xxx/qla_init.c
@@ -7543,12 +7543,13 @@ struct qla_qpair *qla2xxx_create_qpair(struct scsi_qla_host *vha, int qos, int v
/* Assign available que pair id */
mutex_lock(&ha->mq_lock);
qpair_id = find_first_zero_bit(ha->qpair_qid_map, ha->max_qpairs);
- if (qpair_id >= ha->max_qpairs) {
+ if (ha->num_qpairs >= ha->max_qpairs) {
mutex_unlock(&ha->mq_lock);
ql_log(ql_log_warn, vha, 0x0183,
"No resources to create additional q pair.\n");
goto fail_qid_map;
}
+ ha->num_qpairs++;
set_bit(qpair_id, ha->qpair_qid_map);
ha->queue_pair_map[qpair_id] = qpair;
qpair->id = qpair_id;
@@ -7635,6 +7636,7 @@ struct qla_qpair *qla2xxx_create_qpair(struct scsi_qla_host *vha, int qos, int v
fail_msix:
ha->queue_pair_map[qpair_id] = NULL;
clear_bit(qpair_id, ha->qpair_qid_map);
+ ha->num_qpairs--;
mutex_unlock(&ha->mq_lock);
fail_qid_map:
kfree(qpair);
@@ -7660,6 +7662,7 @@ int qla2xxx_delete_qpair(struct scsi_qla_host *vha, struct qla_qpair *qpair)
mutex_lock(&ha->mq_lock);
ha->queue_pair_map[qpair->id] = NULL;
clear_bit(qpair->id, ha->qpair_qid_map);
+ ha->num_qpairs--;
list_del(&qpair->qp_list_elem);
if (list_empty(&vha->qp_list))
vha->flags.qpairs_available = 0;
--
2.12.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH v2 4/7] qla2xxx: Modify T262 FW dump template to specify same start/end to debug customer issues.
2017-05-25 1:06 [PATCH v2 0/7] qla2xxx: Bug Fixes for driver Himanshu Madhani
` (2 preceding siblings ...)
2017-05-25 1:06 ` [PATCH v2 3/7] qla2xxx: Fix crash due to mismatch mumber of Q-pair creation for Multi queue Himanshu Madhani
@ 2017-05-25 1:06 ` Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 5/7] qla2xxx: Set bit 15 for DIAG_ECHO_TEST MBC Himanshu Madhani
` (3 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Himanshu Madhani @ 2017-05-25 1:06 UTC (permalink / raw)
To: James.Bottomley, martin.petersen; +Cc: himanshu.madhani, linux-scsi
From: Joe Carnuccio <joe.carnuccio@cavium.com>
Firmware dump allows for debugging customer issues. This patch fixes
start/end pointer calculation to capture T262 template entryfor dump
tool.
Cc: <stable@vger.kernel.org> # 4.10
Signed-off-by: Joe Carnuccio <joe.carnuccio@cavium.com>
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
---
drivers/scsi/qla2xxx/qla_tmpl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/scsi/qla2xxx/qla_tmpl.c b/drivers/scsi/qla2xxx/qla_tmpl.c
index 8a58ef3adab4..c197972a3e2d 100644
--- a/drivers/scsi/qla2xxx/qla_tmpl.c
+++ b/drivers/scsi/qla2xxx/qla_tmpl.c
@@ -371,7 +371,7 @@ qla27xx_fwdt_entry_t262(struct scsi_qla_host *vha,
goto done;
}
- if (end <= start || start == 0 || end == 0) {
+ if (end < start || start == 0 || end == 0) {
ql_dbg(ql_dbg_misc, vha, 0xd023,
"%s: unusable range (start=%x end=%x)\n", __func__,
ent->t262.end_addr, ent->t262.start_addr);
--
2.12.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH v2 5/7] qla2xxx: Set bit 15 for DIAG_ECHO_TEST MBC.
2017-05-25 1:06 [PATCH v2 0/7] qla2xxx: Bug Fixes for driver Himanshu Madhani
` (3 preceding siblings ...)
2017-05-25 1:06 ` [PATCH v2 4/7] qla2xxx: Modify T262 FW dump template to specify same start/end to debug customer issues Himanshu Madhani
@ 2017-05-25 1:06 ` Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 6/7] qla2xxx: Fix mailbox pointer error in fwdump capture Himanshu Madhani
` (2 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Himanshu Madhani @ 2017-05-25 1:06 UTC (permalink / raw)
To: James.Bottomley, martin.petersen; +Cc: himanshu.madhani, linux-scsi
From: Joe Carnuccio <joe.carnuccio@cavium.com>
Set bit (BIT_15) to send right ECHO payload information
for Diagnostic Echo Test command.
Cc: <stable@vger.kernel.org> # 4.10
Signed-off-by: Joe Carnuccio <joe.carnuccio@cavium.com>
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
---
drivers/scsi/qla2xxx/qla_bsg.c | 9 +++++----
drivers/scsi/qla2xxx/qla_mbx.c | 4 ++--
2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/drivers/scsi/qla2xxx/qla_bsg.c b/drivers/scsi/qla2xxx/qla_bsg.c
index 16d1cd50feed..ca3420de5a01 100644
--- a/drivers/scsi/qla2xxx/qla_bsg.c
+++ b/drivers/scsi/qla2xxx/qla_bsg.c
@@ -730,6 +730,8 @@ qla2x00_process_loopback(struct bsg_job *bsg_job)
return -EIO;
}
+ memset(&elreq, 0, sizeof(elreq));
+
elreq.req_sg_cnt = dma_map_sg(&ha->pdev->dev,
bsg_job->request_payload.sg_list, bsg_job->request_payload.sg_cnt,
DMA_TO_DEVICE);
@@ -795,10 +797,9 @@ qla2x00_process_loopback(struct bsg_job *bsg_job)
if (atomic_read(&vha->loop_state) == LOOP_READY &&
(ha->current_topology == ISP_CFG_F ||
- ((IS_QLA81XX(ha) || IS_QLA8031(ha) || IS_QLA8044(ha)) &&
- le32_to_cpu(*(uint32_t *)req_data) == ELS_OPCODE_BYTE
- && req_data_len == MAX_ELS_FRAME_PAYLOAD)) &&
- elreq.options == EXTERNAL_LOOPBACK) {
+ (le32_to_cpu(*(uint32_t *)req_data) == ELS_OPCODE_BYTE &&
+ req_data_len == MAX_ELS_FRAME_PAYLOAD)) &&
+ elreq.options == EXTERNAL_LOOPBACK) {
type = "FC_BSG_HST_VENDOR_ECHO_DIAG";
ql_dbg(ql_dbg_user, vha, 0x701e,
"BSG request type: %s.\n", type);
diff --git a/drivers/scsi/qla2xxx/qla_mbx.c b/drivers/scsi/qla2xxx/qla_mbx.c
index 12fea77e31c6..cba1fc5e8be9 100644
--- a/drivers/scsi/qla2xxx/qla_mbx.c
+++ b/drivers/scsi/qla2xxx/qla_mbx.c
@@ -4812,9 +4812,9 @@ qla2x00_echo_test(scsi_qla_host_t *vha, struct msg_echo_lb *mreq,
memset(mcp->mb, 0 , sizeof(mcp->mb));
mcp->mb[0] = MBC_DIAGNOSTIC_ECHO;
- mcp->mb[1] = mreq->options | BIT_6; /* BIT_6 specifies 64bit address */
+ /* BIT_6 specifies 64bit address */
+ mcp->mb[1] = mreq->options | BIT_15 | BIT_6;
if (IS_CNA_CAPABLE(ha)) {
- mcp->mb[1] |= BIT_15;
mcp->mb[2] = vha->fcoe_fcf_idx;
}
mcp->mb[16] = LSW(mreq->rcv_dma);
--
2.12.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH v2 6/7] qla2xxx: Fix mailbox pointer error in fwdump capture.
2017-05-25 1:06 [PATCH v2 0/7] qla2xxx: Bug Fixes for driver Himanshu Madhani
` (4 preceding siblings ...)
2017-05-25 1:06 ` [PATCH v2 5/7] qla2xxx: Set bit 15 for DIAG_ECHO_TEST MBC Himanshu Madhani
@ 2017-05-25 1:06 ` Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 7/7] qla2xxx: Fix crash due to NULL pointer dereference of ctx Himanshu Madhani
2017-05-25 1:56 ` [PATCH v2 0/7] qla2xxx: Bug Fixes for driver Martin K. Petersen
7 siblings, 0 replies; 9+ messages in thread
From: Himanshu Madhani @ 2017-05-25 1:06 UTC (permalink / raw)
To: James.Bottomley, martin.petersen; +Cc: himanshu.madhani, linux-scsi
From: Joe Carnuccio <joe.carnuccio@qlogic.com>
Cc: <stable@vger.kernel.org> # 4.10
Signed-off-by: Joe Carnuccio <joe.carnuccio@cavium.com>
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
---
drivers/scsi/qla2xxx/qla_dbg.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/scsi/qla2xxx/qla_dbg.c b/drivers/scsi/qla2xxx/qla_dbg.c
index 51b4179469d1..88748a6ab73f 100644
--- a/drivers/scsi/qla2xxx/qla_dbg.c
+++ b/drivers/scsi/qla2xxx/qla_dbg.c
@@ -1131,7 +1131,7 @@ qla24xx_fw_dump(scsi_qla_host_t *vha, int hardware_locked)
/* Mailbox registers. */
mbx_reg = ®->mailbox0;
- for (cnt = 0; cnt < sizeof(fw->mailbox_reg) / 2; cnt++, dmp_reg++)
+ for (cnt = 0; cnt < sizeof(fw->mailbox_reg) / 2; cnt++, mbx_reg++)
fw->mailbox_reg[cnt] = htons(RD_REG_WORD(mbx_reg));
/* Transfer sequence registers. */
@@ -2090,7 +2090,7 @@ qla83xx_fw_dump(scsi_qla_host_t *vha, int hardware_locked)
/* Mailbox registers. */
mbx_reg = ®->mailbox0;
- for (cnt = 0; cnt < sizeof(fw->mailbox_reg) / 2; cnt++, dmp_reg++)
+ for (cnt = 0; cnt < sizeof(fw->mailbox_reg) / 2; cnt++, mbx_reg++)
fw->mailbox_reg[cnt] = htons(RD_REG_WORD(mbx_reg));
/* Transfer sequence registers. */
--
2.12.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH v2 7/7] qla2xxx: Fix crash due to NULL pointer dereference of ctx.
2017-05-25 1:06 [PATCH v2 0/7] qla2xxx: Bug Fixes for driver Himanshu Madhani
` (5 preceding siblings ...)
2017-05-25 1:06 ` [PATCH v2 6/7] qla2xxx: Fix mailbox pointer error in fwdump capture Himanshu Madhani
@ 2017-05-25 1:06 ` Himanshu Madhani
2017-05-25 1:56 ` [PATCH v2 0/7] qla2xxx: Bug Fixes for driver Martin K. Petersen
7 siblings, 0 replies; 9+ messages in thread
From: Himanshu Madhani @ 2017-05-25 1:06 UTC (permalink / raw)
To: James.Bottomley, martin.petersen; +Cc: himanshu.madhani, linux-scsi
From: Joe Carnuccio <joe.carnuccio@cavium.com>
Fixes following signature in the stack trace:
BUG: unable to handle kernel NULL pointer dereference at 0000000000000374
IP: [<ffffffffa06ec8eb>] qla2x00_sp_free_dma+0xeb/0x2a0 [qla2xxx]
Cc: <stable@vger.kernel.org> # 4.10
Signed-off-by: Joe Carnuccio <joe.carnuccio@cavium.com>
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
---
drivers/scsi/qla2xxx/qla_inline.h | 26 +++++++-------------------
drivers/scsi/qla2xxx/qla_os.c | 30 +++++++++++++++++++-----------
drivers/scsi/qla2xxx/qla_target.c | 8 +++++---
3 files changed, 31 insertions(+), 33 deletions(-)
diff --git a/drivers/scsi/qla2xxx/qla_inline.h b/drivers/scsi/qla2xxx/qla_inline.h
index 66df6cec59da..c61a6a871c8e 100644
--- a/drivers/scsi/qla2xxx/qla_inline.h
+++ b/drivers/scsi/qla2xxx/qla_inline.h
@@ -129,28 +129,16 @@ qla2x00_clear_loop_id(fc_port_t *fcport) {
}
static inline void
-qla2x00_clean_dsd_pool(struct qla_hw_data *ha, srb_t *sp,
- struct qla_tgt_cmd *tc)
+qla2x00_clean_dsd_pool(struct qla_hw_data *ha, struct crc_context *ctx)
{
- struct dsd_dma *dsd_ptr, *tdsd_ptr;
- struct crc_context *ctx;
-
- if (sp)
- ctx = (struct crc_context *)GET_CMD_CTX_SP(sp);
- else if (tc)
- ctx = (struct crc_context *)tc->ctx;
- else {
- BUG();
- return;
- }
+ struct dsd_dma *dsd, *tdsd;
/* clean up allocated prev pool */
- list_for_each_entry_safe(dsd_ptr, tdsd_ptr,
- &ctx->dsd_list, list) {
- dma_pool_free(ha->dl_dma_pool, dsd_ptr->dsd_addr,
- dsd_ptr->dsd_list_dma);
- list_del(&dsd_ptr->list);
- kfree(dsd_ptr);
+ list_for_each_entry_safe(dsd, tdsd, &ctx->dsd_list, list) {
+ dma_pool_free(ha->dl_dma_pool, dsd->dsd_addr,
+ dsd->dsd_list_dma);
+ list_del(&dsd->list);
+ kfree(dsd);
}
INIT_LIST_HEAD(&ctx->dsd_list);
}
diff --git a/drivers/scsi/qla2xxx/qla_os.c b/drivers/scsi/qla2xxx/qla_os.c
index 1c7957903283..c8282a1ab6dc 100644
--- a/drivers/scsi/qla2xxx/qla_os.c
+++ b/drivers/scsi/qla2xxx/qla_os.c
@@ -630,29 +630,34 @@ qla2x00_sp_free_dma(void *ptr)
sp->flags &= ~SRB_CRC_PROT_DMA_VALID;
}
+ if (!ctx)
+ goto end;
+
if (sp->flags & SRB_CRC_CTX_DSD_VALID) {
/* List assured to be having elements */
- qla2x00_clean_dsd_pool(ha, sp, NULL);
+ qla2x00_clean_dsd_pool(ha, ctx);
sp->flags &= ~SRB_CRC_CTX_DSD_VALID;
}
if (sp->flags & SRB_CRC_CTX_DMA_VALID) {
- dma_pool_free(ha->dl_dma_pool, ctx,
- ((struct crc_context *)ctx)->crc_ctx_dma);
+ struct crc_context *ctx0 = ctx;
+
+ dma_pool_free(ha->dl_dma_pool, ctx0, ctx0->crc_ctx_dma);
sp->flags &= ~SRB_CRC_CTX_DMA_VALID;
}
if (sp->flags & SRB_FCP_CMND_DMA_VALID) {
- struct ct6_dsd *ctx1 = (struct ct6_dsd *)ctx;
+ struct ct6_dsd *ctx1 = ctx;
dma_pool_free(ha->fcp_cmnd_dma_pool, ctx1->fcp_cmnd,
- ctx1->fcp_cmnd_dma);
+ ctx1->fcp_cmnd_dma);
list_splice(&ctx1->dsd_list, &ha->gbl_dsd_list);
ha->gbl_dsd_inuse -= ctx1->dsd_use_cnt;
ha->gbl_dsd_avail += ctx1->dsd_use_cnt;
mempool_free(ctx1, ha->ctx_mempool);
}
+end:
CMD_SP(cmd) = NULL;
qla2x00_rel_sp(sp);
}
@@ -699,21 +704,24 @@ qla2xxx_qpair_sp_free_dma(void *ptr)
sp->flags &= ~SRB_CRC_PROT_DMA_VALID;
}
+ if (!ctx)
+ goto end;
+
if (sp->flags & SRB_CRC_CTX_DSD_VALID) {
/* List assured to be having elements */
- qla2x00_clean_dsd_pool(ha, sp, NULL);
+ qla2x00_clean_dsd_pool(ha, ctx);
sp->flags &= ~SRB_CRC_CTX_DSD_VALID;
}
if (sp->flags & SRB_CRC_CTX_DMA_VALID) {
- dma_pool_free(ha->dl_dma_pool, ctx,
- ((struct crc_context *)ctx)->crc_ctx_dma);
+ struct crc_context *ctx0 = ctx;
+
+ dma_pool_free(ha->dl_dma_pool, ctx, ctx0->crc_ctx_dma);
sp->flags &= ~SRB_CRC_CTX_DMA_VALID;
}
if (sp->flags & SRB_FCP_CMND_DMA_VALID) {
- struct ct6_dsd *ctx1 = (struct ct6_dsd *)ctx;
-
+ struct ct6_dsd *ctx1 = ctx;
dma_pool_free(ha->fcp_cmnd_dma_pool, ctx1->fcp_cmnd,
ctx1->fcp_cmnd_dma);
list_splice(&ctx1->dsd_list, &ha->gbl_dsd_list);
@@ -721,7 +729,7 @@ qla2xxx_qpair_sp_free_dma(void *ptr)
ha->gbl_dsd_avail += ctx1->dsd_use_cnt;
mempool_free(ctx1, ha->ctx_mempool);
}
-
+end:
CMD_SP(cmd) = NULL;
qla2xxx_rel_qpair_sp(sp->qpair, sp);
}
diff --git a/drivers/scsi/qla2xxx/qla_target.c b/drivers/scsi/qla2xxx/qla_target.c
index 0e03ca2ab3e5..e766d8412384 100644
--- a/drivers/scsi/qla2xxx/qla_target.c
+++ b/drivers/scsi/qla2xxx/qla_target.c
@@ -2245,11 +2245,13 @@ static void qlt_unmap_sg(struct scsi_qla_host *vha, struct qla_tgt_cmd *cmd)
pci_unmap_sg(ha->pdev, cmd->prot_sg, cmd->prot_sg_cnt,
cmd->dma_data_direction);
+ if (!cmd->ctx)
+ return;
+
if (cmd->ctx_dsd_alloced)
- qla2x00_clean_dsd_pool(ha, NULL, cmd);
+ qla2x00_clean_dsd_pool(ha, cmd->ctx);
- if (cmd->ctx)
- dma_pool_free(ha->dl_dma_pool, cmd->ctx, cmd->ctx->crc_ctx_dma);
+ dma_pool_free(ha->dl_dma_pool, cmd->ctx, cmd->ctx->crc_ctx_dma);
}
static int qlt_check_reserve_free_req(struct scsi_qla_host *vha,
--
2.12.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH v2 0/7] qla2xxx: Bug Fixes for driver.
2017-05-25 1:06 [PATCH v2 0/7] qla2xxx: Bug Fixes for driver Himanshu Madhani
` (6 preceding siblings ...)
2017-05-25 1:06 ` [PATCH v2 7/7] qla2xxx: Fix crash due to NULL pointer dereference of ctx Himanshu Madhani
@ 2017-05-25 1:56 ` Martin K. Petersen
7 siblings, 0 replies; 9+ messages in thread
From: Martin K. Petersen @ 2017-05-25 1:56 UTC (permalink / raw)
To: Himanshu Madhani; +Cc: James.Bottomley, martin.petersen, linux-scsi
Himanshu,
> I have reduced the series for 4.12 rc merge to 1-10 patches that were
> submitted earlier.
>
> Changes from v1 --> v2
> o Drop patches that can be queued for 4.13 scsi-misc merge and will be
> sent as new series.
> o Addressed commit summary of patches from Bart's review where
> applicable.
>
> Please include them in 4.12.0-rc3 fixes at your earliest convenience.
Applied to 4.12/scsi-fixes. Thanks much!
--
Martin K. Petersen Oracle Linux Engineering
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2017-05-25 1:56 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-05-25 1:06 [PATCH v2 0/7] qla2xxx: Bug Fixes for driver Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 1/7] qla2xxx: Fix recursive loop during target mode configuration for ISP25XX leaving system unresponsive Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 2/7] qla2xxx: Fix NULL pointer access due to redundant fc_host_port_name call Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 3/7] qla2xxx: Fix crash due to mismatch mumber of Q-pair creation for Multi queue Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 4/7] qla2xxx: Modify T262 FW dump template to specify same start/end to debug customer issues Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 5/7] qla2xxx: Set bit 15 for DIAG_ECHO_TEST MBC Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 6/7] qla2xxx: Fix mailbox pointer error in fwdump capture Himanshu Madhani
2017-05-25 1:06 ` [PATCH v2 7/7] qla2xxx: Fix crash due to NULL pointer dereference of ctx Himanshu Madhani
2017-05-25 1:56 ` [PATCH v2 0/7] qla2xxx: Bug Fixes for driver Martin K. Petersen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox