AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2024-12-23 06:05:15 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
763303a83a
linux_dsm_epyc7002/drivers
History
Anton Eidelman 763303a83a nvme-multipath: fix crash in nvme_mpath_clear_ctrl_paths 
nvme_mpath_clear_ctrl_paths() iterates through
the ctrl->namespaces list while holding ctrl->scan_lock.
This does not seem to be the correct way of protecting
from concurrent list modification.

Specifically, nvme_scan_work() sorts ctrl->namespaces
AFTER unlocking scan_lock.

This may result in the following (rare) crash in ctrl disconnect
during scan_work:

    BUG: kernel NULL pointer dereference, address: 0000000000000050
    Oops: 0000 [#1] SMP PTI
    CPU: 0 PID: 3995 Comm: nvme 5.3.5-050305-generic
    RIP: 0010:nvme_mpath_clear_current_path+0xe/0x90 [nvme_core]
    ...
    Call Trace:
     nvme_mpath_clear_ctrl_paths+0x3c/0x70 [nvme_core]
     nvme_remove_namespaces+0x35/0xe0 [nvme_core]
     nvme_do_delete_ctrl+0x47/0x90 [nvme_core]
     nvme_sysfs_delete+0x49/0x60 [nvme_core]
     dev_attr_store+0x17/0x30
     sysfs_kf_write+0x3e/0x50
     kernfs_fop_write+0x11e/0x1a0
     __vfs_write+0x1b/0x40
     vfs_write+0xb9/0x1a0
     ksys_write+0x67/0xe0
     __x64_sys_write+0x1a/0x20
     do_syscall_64+0x5a/0x130
     entry_SYSCALL_64_after_hwframe+0x44/0xa9
    RIP: 0033:0x7f8d02bfb154

Fix:
After taking scan_lock in nvme_mpath_clear_ctrl_paths()
down_read(&ctrl->namespaces_rwsem) as well to make list traversal safe.
This will not cause deadlocks because taking scan_lock never happens
while holding the namespaces_rwsem.
Moreover, scan work downs namespaces_rwsem in the same order.

Alternative: sort ctrl->namespaces in nvme_scan_work()
while still holding the scan_lock.
This would leave nvme_mpath_clear_ctrl_paths() without correct protection
against ctrl->namespaces modification by anyone other than scan_work.

Reviewed-by: Sagi Grimberg <sagi@grimberg.me>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Anton Eidelman <anton@lightbitslabs.com>
Signed-off-by: Keith Busch <kbusch@kernel.org>
2019-11-06 00:30:37 +09:00
..
accessibility
acpi ACPI fix for 5.4-rc5 2019-10-24 15:49:32 -04:00
amba ARM updates for 5.4-rc: 2019-10-23 06:26:33 -04:00
android binder: Don't modify VMA bounds in ->mmap handler 2019-10-17 05:58:44 -07:00
ata ata: libahci_platform: Fix regulator_get_optional() misuse 2019-10-25 14:22:20 -06:00
atm
auxdisplay
base PM: QoS: Drop frequency QoS types from device PM QoS 2019-10-21 02:05:21 +02:00
bcma
block nbd: verify socket is supported during setup 2019-10-25 14:37:21 -06:00
bluetooth
bus bus: ti-sysc: Fix watchdog quirk handling 2019-10-18 08:45:32 -07:00
cdrom
char char/random: Add a newline at the end of the file 2019-10-02 13:49:43 -07:00
clk Merge tag 'fix-missing-panels' into fixes 2019-10-04 09:06:41 -07:00
clocksource timer-of: don't use conditional expression with mixed 'void' types 2019-10-02 16:16:07 -07:00
connector
counter
cpufreq cpufreq: Cancel policy update work scheduled before freeing 2019-10-22 18:07:30 +02:00
cpuidle cpuidle: haltpoll: Take 'idle=' override into account 2019-10-22 11:43:17 +02:00
crypto
dax
dca
devfreq
dio
dma
dma-buf dma-buf/resv: fix exclusive fence get 2019-10-10 17:05:20 +02:00
edac EDAC/ghes: Fix Use after free in ghes_edac remove path 2019-10-17 11:27:05 +02:00
eisa
extcon
firewire
firmware Merge branch 'dmi-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging 2019-10-15 09:20:07 -07:00
fpga
fsi
gnss
gpio gpio: lynxpoint: set default handler to be handle_bad_irq() 2019-10-15 01:19:05 +02:00
gpu Merge tag 'drm-fixes-5.4-2019-10-23' of git://people.freedesktop.org/~agd5f/linux into drm-fixes 2019-10-25 14:48:53 +10:00
greybus
hid HID: hyperv: Use in-place iterator API in the channel callback 2019-10-01 14:49:41 -04:00
hsi
hv Drivers: hv: vmbus: Fix harmless building warnings without CONFIG_PM_SLEEP 2019-10-01 14:49:45 -04:00
hwmon hwmon: (nct7904) Add array fan_alarm and vsen_alarm to store the alarms in nct7904_data struct. 2019-10-02 06:42:48 -07:00
hwspinlock
hwtracing
i2c i2c: stm32f7: remove warning when compiling with W=1 2019-10-24 20:52:21 +02:00
i3c
ide
idle
iio First set of IIO fixes for the 5.4 cycle. 2019-10-10 11:18:37 +02:00
infiniband RDMA/mlx5: Add missing synchronize_srcu() for MW cases 2019-10-04 15:54:22 -03:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2019-10-25 17:31:53 -04:00
interconnect
iommu dma-mapping fix for 5.4 2019-10-26 06:29:04 -04:00
ipack
irqchip irqchip updates for 5.4, take 2 2019-10-25 14:25:15 +02:00
isdn
leds
lightnvm
macintosh cpufreq: Use per-policy frequency QoS 2019-10-21 02:05:21 +02:00
mailbox
mcb
md for-linus-2019-10-18 2019-10-18 22:29:36 -04:00
media media: stkwebcam: fix runtime PM after driver unbind 2019-10-04 14:38:46 +02:00
memory
memstick memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' 2019-10-09 11:08:03 +02:00
message
mfd mfd: mt6397: Fix probe after changing mt6397-core 2019-10-24 08:49:25 +01:00
misc misc: fastrpc: prevent memory leak in fastrpc_dma_buf_attach 2019-10-04 18:22:14 +02:00
mmc mmc: mxs: fix flags passed to dmaengine_prep_slave_sg 2019-10-21 16:16:38 +02:00
mtd mtd: rawnand: au1550nd: Fix au_read_buf16() prototype 2019-10-07 09:56:36 +02:00
mux
net Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2019-10-19 17:09:11 -04:00
nfc NFC: pn533: fix use-after-free and memleaks 2019-10-08 16:52:26 -07:00
ntb
nubus
nvdimm libnvdimm fixes v5.4-rc1 2019-09-29 10:33:41 -07:00
nvme nvme-multipath: fix crash in nvme_mpath_clear_ctrl_paths 2019-11-06 00:30:37 +09:00
nvmem
of of: reserved_mem: add missing of_node_put() for proper ref-counting 2019-10-23 15:15:05 -05:00
opp opp: Reinitialize the list_kref before adding the static OPPs again 2019-10-23 10:58:44 +05:30
oprofile
parisc parisc: Remove 32-bit DMA enforcement from sba_iommu 2019-10-14 21:44:26 +02:00
parport
pci PCI: PM: Fix pci_power_up() 2019-10-15 23:51:36 +02:00
pcmcia
perf
phy
pinctrl pinctrl: aspeed-g6: Rename SD3 to EMMC and rework pin groups 2019-10-16 15:58:27 +02:00
platform platform/x86: i2c-multi-instantiate: Fail the probe if no IRQ provided 2019-10-14 15:31:50 +03:00
pnp
power
powercap
pps
ps3
ptp ptp: fix typo of "mechanism" in Kconfig help text 2019-10-07 14:55:46 -04:00
pwm
rapidio
ras
regulator regulator: Fixes for v5.4 2019-10-23 15:31:17 -04:00
remoteproc
reset ARM: SoC fixes 2019-09-30 10:04:28 -07:00
rpmsg
rtc
s390 s390/zcrypt: fix memleak at release 2019-10-22 17:55:51 +02:00
sbus
scsi SCSI fixes on 20191025 2019-10-25 20:11:33 -04:00
sfi
sh
siox
slimbus
soc soc: imx: imx-scu: Getting UID from SCU should have response 2019-10-06 09:21:38 +08:00
soundwire
spi
spmi
ssb
staging staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS 2019-10-14 15:40:08 +02:00
target SCSI fixes on 20191025 2019-10-25 20:11:33 -04:00
tc
tee
thermal cpufreq: Use per-policy frequency QoS 2019-10-21 02:05:21 +02:00
thunderbolt
tty 8250-men-mcb: fix error checking when get_num_ports returns -ENODEV 2019-10-15 21:38:41 +02:00
uio
usb usb: cdns3: Error out if USB_DR_MODE_UNKNOWN in cdns3_core_init_role() 2019-10-18 12:00:15 -07:00
vfio vfio/type1: Initialize resv_msi_base 2019-10-15 14:07:01 -06:00
vhost vhost/test: stop device before reset 2019-10-13 09:38:27 -04:00
video video/logo: do not generate unneeded logo C files 2019-10-05 15:29:49 +09:00
virt virt: vbox: fix memory leak in hgcm_call_preprocess_linaddr 2019-10-10 14:50:32 +02:00
virtio
visorbus
vlynq
vme
w1 w1: ds250x: Fix build error without CRC16 2019-10-10 15:35:41 +02:00
watchdog
xen Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2019-10-19 17:09:11 -04:00
zorro
Kconfig
Makefile