github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-09 23:23:53 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
45b9d993df
linux/drivers
History
Sreekanth Reddy 3851b89b88 scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug 
commit cc41f11a21 upstream.

Generic protection fault type kernel panic is observed when user performs
soft (ordered) HBA unplug operation while IOs are running on drives
connected to HBA.

When user performs ordered HBA removal operation, the kernel calls PCI
device's .remove() call back function where driver is flushing out all the
outstanding SCSI IO commands with DID_NO_CONNECT host byte and also unmaps
sg buffers allocated for these IO commands.

However, in the ordered HBA removal case (unlike of real HBA hot removal),
HBA device is still alive and hence HBA hardware is performing the DMA
operations to those buffers on the system memory which are already unmapped
while flushing out the outstanding SCSI IO commands and this leads to
kernel panic.

Don't flush out the outstanding IOs from .remove() path in case of ordered
removal since HBA will be still alive in this case and it can complete the
outstanding IOs. Flush out the outstanding IOs only in case of 'physical
HBA hot unplug' where there won't be any communication with the HBA.

During shutdown also it is possible that HBA hardware can perform DMA
operations on those outstanding IO buffers which are completed with
DID_NO_CONNECT by the driver from .shutdown(). So same above fix is applied
in shutdown path as well.

It is safe to drop the outstanding commands when HBA is inaccessible such
as when permanent PCI failure happens, when HBA is in non-operational
state, or when someone does a real HBA hot unplug operation. Since driver
knows that HBA is inaccessible during these cases, it is safe to drop the
outstanding commands instead of waiting for SCSI error recovery to kick in
and clear these outstanding commands.

Link: https://lore.kernel.org/r/1585302763-23007-1-git-send-email-sreekanth.reddy@broadcom.com
Fixes: c666d3be99 ("scsi: mpt3sas: wait for and flush running commands on shutdown/unload")
Cc: stable@vger.kernel.org #v4.14.174+
Signed-off-by: Sreekanth Reddy <sreekanth.reddy@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-04-17 10:48:53 +02:00
..
accessibility
acpi x86/mm: split vmalloc_sync_all() 2020-03-25 08:06:13 +01:00
amba
android binder: Handle start==NULL in binder_update_page_range() 2019-12-13 08:52:52 +01:00
ata libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set 2020-04-17 10:48:52 +02:00
atm fore200e: Fix incorrect checks of NULL pointer dereference 2020-02-24 08:34:42 +01:00
auxdisplay
base firmware: fix a double abort case with fw_load_sysfs_fallback 2020-04-17 10:48:42 +02:00
bcma bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA 2020-01-27 14:51:09 +01:00
block xen/blkfront: fix memory allocation flags in blkfront_setup_indirect() 2020-04-17 10:48:53 +02:00
bluetooth Bluetooth: btusb: fix PM leak in error case of setup 2020-01-09 10:19:04 +01:00
bus bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads 2020-04-17 10:48:37 +02:00
cdrom cdrom: respect device capabilities during opening action 2020-01-04 19:13:12 +01:00
char ipmi: fix hung processes in __get_guid() 2020-04-17 10:48:53 +02:00
clk clk: ingenic/jz4770: Exit with error if CGU init failed 2020-04-17 10:48:52 +02:00
clocksource clocksource/drivers/bcm2835_timer: Fix memory leak of timer 2020-02-24 08:34:37 +01:00
connector
cpufreq cpufreq: powernv: Fix use-after-free 2020-04-17 10:48:52 +02:00
cpuidle cpuidle: Do not unset the driver if it is there already 2019-12-17 20:35:00 +01:00
crypto crypto: mxs-dcp - fix scatterlist linearization for hash 2020-04-17 10:48:49 +02:00
dax
dca
devfreq Revert "PM / devfreq: Modify the device name as devfreq(X) for sysfs" 2020-03-05 16:42:18 +01:00
dio
dma dmaengine: coh901318: Fix a double lock bug in dma_tc_handle() 2020-03-11 14:15:12 +01:00
dma-buf dma-buf: Fix memory leak in sync_file_merge() 2019-12-21 10:57:38 +01:00
edac EDAC/amd64: Set grain per DIMM 2020-03-11 14:14:45 +01:00
eisa
extcon extcon: axp288: Add wakeup support 2020-04-13 10:45:03 +02:00
firewire net: add annotations on hh->hh_len lockless accesses 2020-01-09 10:19:09 +01:00
firmware efi/x86: Ignore the memory attributes table on i386 2020-04-17 10:48:41 +02:00
fmc
fpga
fsi fsi: sbefifo: Don't fail operations when in SBE IPL state 2020-01-27 14:51:00 +01:00
gnss
gpio gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 CHT + AXP288 model 2020-04-02 15:28:23 +02:00
gpu drm/etnaviv: rework perfmon query infrastructure 2020-04-17 10:48:51 +02:00
hid HID: google: add moonball USB id 2020-03-20 11:55:59 +01:00
hsi
hv hv_balloon: Balloon up according to request page number 2020-02-11 04:34:01 -08:00
hwmon hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT() 2020-03-11 14:15:12 +01:00
hwspinlock
hwtracing intel_th: pci: Add Elkhart Lake CPU support 2020-03-25 08:06:11 +01:00
i2c i2c: st: fix missing struct parameter description 2020-04-17 10:48:38 +02:00
ide ide: serverworks: potential overflow in svwks_set_pio_mode() 2020-02-24 08:34:49 +01:00
idle
iio iio: light: vcnl4000: update sampling periods for vcnl4200 2020-03-25 08:06:13 +01:00
infiniband IB/mlx5: Replace tunnel mpls capability bits for tunnel_offloads 2020-04-17 10:48:43 +02:00
input Input: i8042 - add Acer Aspire 5738z to nomux list 2020-04-17 10:48:52 +02:00
iommu iommu/vt-d: Ignore devices with out-of-spec domain number 2020-03-18 07:14:24 +01:00
ipack
irqchip irqchip/versatile-fpga: Apply clear-mask earlier 2020-04-17 10:48:46 +02:00
isdn staging: gigaset: add endpoint-type sanity check 2019-12-17 20:34:33 +01:00
leds leds: pca963x: Fix open-drain initialization 2020-02-24 08:34:35 +01:00
lightnvm lightnvm: pblk: fix lock order in pblk_rb_tear_down_check 2020-01-27 14:50:45 +01:00
macintosh macintosh: windfarm: fix MODINFO regression 2020-03-18 07:14:21 +01:00
mailbox mailbox: qcom-apcs: fix max_register value 2020-01-27 14:51:14 +01:00
mcb
md dm verity fec: fix memory leak in verity_fec_dtr 2020-04-17 10:48:50 +02:00
media media: ti-vpe: cal: fix disable_irqs to only the intended target 2020-04-17 10:48:45 +02:00
memory memory: tegra: Don't invoke Tegra30+ specific memory timing setup on Tegra20 2020-01-27 14:50:13 +01:00
memstick
message scsi: mptfusion: Fix double fetch bug in ioctl 2020-01-23 08:21:28 +01:00
mfd mfd: rn5t618: Mark ADC control register volatile 2020-02-11 04:34:14 -08:00
misc mei: me: add cedar fork device ids 2020-04-13 10:45:03 +02:00
mmc mmc: sdhci-tegra: Fix busy detection by enabling MMC_CAP_NEED_RSP_BUSY 2020-04-02 15:28:10 +02:00
mtd mtd: spinand: Do not erase the block before writing a bad block marker 2020-04-17 10:48:48 +02:00
mux
net net: qualcomm: rmnet: Allow configuration updates to existing devices 2020-04-17 10:48:50 +02:00
nfc NFC: fdp: Fix a signedness bug in fdp_nci_send_patch() 2020-04-02 15:28:12 +02:00
ntb ntb_hw_switchtec: potential shift wrapping bug in switchtec_ntb_init_sndev() 2020-01-27 14:50:55 +01:00
nubus
nvdimm libnvdimm/btt: fix variable 'rc' set but not used 2020-01-04 19:13:00 +01:00
nvme nvme: Treat discovery subsystems as unique subsystems 2020-04-17 10:48:45 +02:00
nvmem nvmem: imx-ocotp: Change TIMING calculation to u-boot algorithm 2020-01-27 14:50:58 +01:00
of drivers/of/of_mdio.c:fix of_mdiobus_register() 2020-04-02 15:28:14 +02:00
opp OPP: Fix missing debugfs supply directory for OPPs 2020-01-27 14:50:04 +01:00
oprofile
parisc
parport parport: load lowlevel driver if ports not found 2019-12-31 16:36:01 +01:00
pci PCI: endpoint: Fix for concurrent memory allocation in OB address region 2020-04-17 10:48:46 +02:00
pcmcia
perf drivers/perf: arm_pmu_acpi: Fix incorrect checking of gicc pointer 2020-03-25 08:06:07 +01:00
phy phy: mapphone-mdm6600: Fix write timeouts with shorter GPIO toggle interval 2020-03-11 14:15:10 +01:00
pinctrl pinctrl: core: Remove extra kref_get which blocks hogs being freed 2020-03-18 07:14:23 +01:00
platform platform/x86: pmc_atom: Add Lex 2I385SW to critclk_systems DMI table 2020-04-02 15:28:23 +02:00
pnp
power power: supply: axp288_charger: Add special handling for HP Pavilion x2 10 2020-04-13 10:45:04 +02:00
powercap
pps
ps3
ptp ptp: free ptp device pin descriptors properly 2020-01-23 08:21:35 +01:00
pwm pwm: omap-dmtimer: put_device() after of_find_device_by_node() 2020-03-05 16:42:22 +01:00
rapidio drivers/rapidio/rio_cm.c: fix potential oops in riocm_ch_listen() 2020-01-27 14:50:31 +01:00
ras
regulator regulator: rk808: Lower log level on optional GPIOs being not available 2020-02-24 08:34:40 +01:00
remoteproc remoteproc: Initialize rproc_class before use 2020-02-24 08:34:50 +01:00
reset reset: uniphier: Add SCSSI reset control for each channel 2020-02-24 08:34:44 +01:00
rpmsg rpmsg: glink: Remove chunk size word align warning 2020-04-13 10:45:16 +02:00
rtc rtc: omap: Use define directive for PIN_CONFIG_ACTIVE_HIGH 2020-04-17 10:48:51 +02:00
s390 scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point 2020-04-17 10:48:50 +02:00
sbus
scsi scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug 2020-04-17 10:48:53 +02:00
sfi
sh
siox
slimbus slimbus: ngd: Fix build error on x86 2019-12-13 08:51:54 +01:00
sn
soc soc/tegra: fuse: Fix build with Tegra194 configuration 2020-03-05 16:42:13 +01:00
soundwire soundwire: intel: fix PDI/stream mapping for Bulk 2019-12-31 16:35:55 +01:00
spi spi/zynqmp: remove entry that causes a cs glitch 2020-03-25 08:06:06 +01:00
spmi
ssb
staging erofs: correct the remaining shrink objects 2020-04-17 10:48:49 +02:00
target scsi: Revert "target: iscsi: Wait for all commands to finish before freeing a session" 2020-02-28 16:38:58 +01:00
tc
tee tee: optee: Fix compilation issue with nommu 2020-02-05 14:43:50 +00:00
thermal thermal: brcmstb_thermal: Do not use DT coefficients 2020-03-05 16:42:22 +01:00
thunderbolt thunderbolt: Prevent crash if non-active NVMem file is read 2020-02-28 16:38:44 +01:00
tty vt: vt_ioctl: fix use-after-free in vt_in_use() 2020-04-02 15:28:23 +02:00
uio uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol() 2020-02-24 08:34:37 +01:00
usb usb: gadget: composite: Inform controller driver of self-powered 2020-04-17 10:48:44 +02:00
uwb
vfio vfio/mdev: Fix aborting mdev child device removal if one fails 2020-01-27 14:50:46 +01:00
vhost vhost: Check docket sk_family instead of call getname 2020-03-05 16:42:18 +01:00
video fbcon: fix null-ptr-deref in fbcon_switch 2020-04-13 10:45:14 +02:00
virt
virtio virtio_balloon: prevent pfn array overflow 2020-02-24 08:34:54 +01:00
visorbus visorbus: fix uninitialized variable access 2020-02-24 08:34:47 +01:00
vlynq
vme vme: bridges: reduce stack usage 2020-02-24 08:34:47 +01:00
w1 w1: IAD Register is yet readable trough iad sys file. Fix snprintf (%u for unsigned, count for max size). 2019-12-01 09:16:22 +01:00
watchdog watchdog: da9062: do not ping the hw during stop() 2020-03-11 14:14:53 +01:00
xen xenbus: req->err should be updated before req->state 2020-03-25 08:06:08 +01:00
zorro
Kconfig
Makefile