From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753069AbdHWBq6 (ORCPT ); Tue, 22 Aug 2017 21:46:58 -0400 Received: from userp1040.oracle.com ([156.151.31.81]:28204 "EHLO userp1040.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752822AbdHWBq5 (ORCPT ); Tue, 22 Aug 2017 21:46:57 -0400 To: Todd Poynor Cc: Doug Gilbert , "James E.J. Bottomley" , "Martin K. Petersen" , linux-scsi@vger.kernel.org, linux-kernel@vger.kernel.org, Hannes Reinecke Subject: Re: [PATCH] sg: recheck MMAP_IO request length with lock held From: "Martin K. Petersen" Organization: Oracle Corporation References: <20170816044843.96697-1-toddpoynor@google.com> Date: Tue, 22 Aug 2017 21:46:43 -0400 In-Reply-To: <20170816044843.96697-1-toddpoynor@google.com> (Todd Poynor's message of "Tue, 15 Aug 2017 21:48:43 -0700") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Source-IP: aserv0021.oracle.com [141.146.126.233] Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Todd, > Commit 1bc0eb044615 ("scsi: sg: protect accesses to 'reserved' page > array") adds needed concurrency protection for the "reserve" buffer. > Some checks that are initially made outside the lock are replicated once > the lock is taken to ensure the checks and resulting decisions are made > using consistent state. > > The check that a request with flag SG_FLAG_MMAP_IO set fits in the > reserve buffer also needs to be performed again under the lock to > ensure the reserve buffer length compared against matches the value in > effect when the request is linked to the reserve buffer. An -ENOMEM > should be returned in this case, instead of switching over to an > indirect buffer as for non-MMAP_IO requests. Applied to 4.14/scsi-queue, thank you! -- Martin K. Petersen Oracle Linux Engineering