Martin K. Petersen [Wed, 14 Mar 2018 16:15:56 +0000 (12:15 -0400)]
scsi: sd: Remember that READ CAPACITY(16) succeeded
The USB storage glue sets the try_rc_10_first flag in an attempt to
avoid wedging poorly implemented legacy USB devices.
If the device capacity is too large to be expressed in the provided
response buffer field of READ CAPACITY(10), a well-behaved device will
set the reported capacity to 0xFFFFFFFF. We will then attempt to issue a
READ CAPACITY(16) to obtain the real capacity.
Since this part of the discovery logic is not covered by the first_scan
flag, a warning will be printed a couple of times times per revalidate
attempt if we upgrade from READ CAPACITY(10) to READ CAPACITY(16).
Remember that we have successfully issued READ CAPACITY(16) so we can
take the fast path on subsequent revalidate attempts.
Reported-by: Menion <menion@gmail.com>
Reviewed-by: Laurence Oberman <loberman@redhat.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Brian King [Wed, 14 Mar 2018 22:13:39 +0000 (17:13 -0500)]
scsi: ibmvfc: Avoid unnecessary port relogin
Following an RSCN, ibmvfc will issue an ADISC to determine if the
underlying target has changed, comparing the SCSI ID, WWPN, and WWNN to
determine how to handle the rport in discovery. However, the comparison
of the WWPN and WWNN was performing a memcmp between a big endian field
against a CPU endian field, which resulted in the wrong answer on LE
systems. This was observed as unexpected errors getting logged at boot
time as targets were getting relogins when not needed.
Signed-off-by: Brian King <brking@linux.vnet.ibm.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Ming Lei [Tue, 13 Mar 2018 09:42:43 +0000 (17:42 +0800)]
scsi: virtio_scsi: unify scsi_host_template
Now that virtio_scsi uses blk-mq exclusively, we can remove the
scsi_host_template and associated plumbing for the legacy I/O path.
[mkp: commit desc]
Cc: Omar Sandoval <osandov@fb.com>,
Cc: "Martin K. Petersen" <martin.petersen@oracle.com>,
Cc: James Bottomley <james.bottomley@hansenpartnership.com>,
Cc: Christoph Hellwig <hch@lst.de>,
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Mike Snitzer <snitzer@redhat.com>
Cc: Laurence Oberman <loberman@redhat.com>
Cc: Hannes Reinecke <hare@suse.de>
Signed-off-by: Ming Lei <ming.lei@redhat.com>
Suggested-by: Christoph Hellwig <hch@lst.de>,
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Ming Lei [Tue, 13 Mar 2018 09:42:42 +0000 (17:42 +0800)]
scsi: virtio_scsi: fix IO hang caused by automatic irq vector affinity
Since commit
84676c1f21e8ff5 ("genirq/affinity: assign vectors to all
possible CPUs") it is possible to end up in a scenario where only
offline CPUs are mapped to an interrupt vector.
This is only an issue for the legacy I/O path since with blk-mq/scsi-mq
an I/O can't be submitted to a hardware queue if the queue isn't mapped
to an online CPU.
Fix this issue by forcing virtio-scsi to use blk-mq.
[mkp: commit desc]
Cc: Omar Sandoval <osandov@fb.com>,
Cc: "Martin K. Petersen" <martin.petersen@oracle.com>,
Cc: James Bottomley <james.bottomley@hansenpartnership.com>,
Cc: Christoph Hellwig <hch@lst.de>,
Cc: Don Brace <don.brace@microsemi.com>
Cc: Kashyap Desai <kashyap.desai@broadcom.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Mike Snitzer <snitzer@redhat.com>
Cc: Laurence Oberman <loberman@redhat.com>
Fixes:
84676c1f21e8 ("genirq/affinity: assign vectors to all possible CPUs")
Signed-off-by: Ming Lei <ming.lei@redhat.com>
Reviewed-by: Hannes Reinecke <hare@suse.de>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Ming Lei [Tue, 13 Mar 2018 09:42:41 +0000 (17:42 +0800)]
scsi: core: introduce force_blk_mq
This patch introduces 'force_blk_mq' to the scsi_host_template so that
drivers that have no desire to support the legacy I/O path can signal
blk-mq only support.
[mkp: commit desc]
Cc: Omar Sandoval <osandov@fb.com>,
Cc: "Martin K. Petersen" <martin.petersen@oracle.com>,
Cc: James Bottomley <james.bottomley@hansenpartnership.com>,
Cc: Christoph Hellwig <hch@lst.de>,
Cc: Don Brace <don.brace@microsemi.com>
Cc: Kashyap Desai <kashyap.desai@broadcom.com>
Cc: Mike Snitzer <snitzer@redhat.com>
Cc: Laurence Oberman <loberman@redhat.com>
Signed-off-by: Ming Lei <ming.lei@redhat.com>
Reviewed-by: Hannes Reinecke <hare@suse.de>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Ming Lei [Tue, 13 Mar 2018 09:42:40 +0000 (17:42 +0800)]
scsi: megaraid_sas: fix selection of reply queue
Since commit
84676c1f21e8 ("genirq/affinity: assign vectors to all
possible CPUs") we could end up with an MSI-X vector that did not have
any online CPUs mapped. This would lead to I/O hangs since there was no
CPU to receive the completion.
Retrieve IRQ affinity information using pci_irq_get_affinity() and use
this mapping to choose a reply queue.
[mkp: tweaked commit desc]
Cc: Hannes Reinecke <hare@suse.de>
Cc: "Martin K. Petersen" <martin.petersen@oracle.com>,
Cc: James Bottomley <james.bottomley@hansenpartnership.com>,
Cc: Christoph Hellwig <hch@lst.de>,
Cc: Don Brace <don.brace@microsemi.com>
Cc: Kashyap Desai <kashyap.desai@broadcom.com>
Cc: Laurence Oberman <loberman@redhat.com>
Cc: Mike Snitzer <snitzer@redhat.com>
Cc: Meelis Roos <mroos@linux.ee>
Cc: Artem Bityutskiy <artem.bityutskiy@intel.com>
Fixes:
84676c1f21e8 ("genirq/affinity: assign vectors to all possible CPUs")
Signed-off-by: Ming Lei <ming.lei@redhat.com>
Acked-by: Kashyap Desai <kashyap.desai@broadcom.com>
Tested-by: Kashyap Desai <kashyap.desai@broadcom.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Tested-by: Artem Bityutskiy <artem.bityutskiy@intel.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Ming Lei [Tue, 13 Mar 2018 09:42:39 +0000 (17:42 +0800)]
scsi: hpsa: fix selection of reply queue
Since commit
84676c1f21e8 ("genirq/affinity: assign vectors to all
possible CPUs") we could end up with an MSI-X vector that did not have
any online CPUs mapped. This would lead to I/O hangs since there was no
CPU to receive the completion.
Retrieve IRQ affinity information using pci_irq_get_affinity() and use
this mapping to choose a reply queue.
[mkp: tweaked commit desc]
Cc: Hannes Reinecke <hare@suse.de>
Cc: "Martin K. Petersen" <martin.petersen@oracle.com>,
Cc: James Bottomley <james.bottomley@hansenpartnership.com>,
Cc: Christoph Hellwig <hch@lst.de>,
Cc: Don Brace <don.brace@microsemi.com>
Cc: Kashyap Desai <kashyap.desai@broadcom.com>
Cc: Laurence Oberman <loberman@redhat.com>
Cc: Meelis Roos <mroos@linux.ee>
Cc: Artem Bityutskiy <artem.bityutskiy@intel.com>
Cc: Mike Snitzer <snitzer@redhat.com>
Fixes:
84676c1f21e8 ("genirq/affinity: assign vectors to all possible CPUs")
Signed-off-by: Ming Lei <ming.lei@redhat.com>
Tested-by: Laurence Oberman <loberman@redhat.com>
Tested-by: Don Brace <don.brace@microsemi.com>
Tested-by: Artem Bityutskiy <artem.bityutskiy@intel.com>
Acked-by: Don Brace <don.brace@microsemi.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Himanshu Madhani [Wed, 7 Mar 2018 18:49:26 +0000 (10:49 -0800)]
scsi: qla2xxx: Remove FC_NO_LOOP_ID for FCP and FC-NVMe Discovery
Commit
7d64c39e64310 fixed regression of FCP discovery when Nport Handle
is in-use and relogin is triggered. However, during FCP and FC-NVMe
discovery this resulted into only discovering NVMe LUNs.
This patch fixes issue where FCP and FC-NVMe protocol is used on same
port where assigning FC_NO_LOOP_ID will result into discovery failure
for FCP LUNs.
Fixes:
a084fd68e1d26 ("scsi: qla2xxx: Fix re-login for Nport Handle in use")
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Reviewed-by: Hannes Reinecke <hare@suse.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Jason Yan [Thu, 8 Mar 2018 02:34:53 +0000 (10:34 +0800)]
scsi: libsas: defer ata device eh commands to libata
When ata device doing EH, some commands still attached with tasks are
not passed to libata when abort failed or recover failed, so libata did
not handle these commands. After these commands done, sas task is freed,
but ata qc is not freed. This will cause ata qc leak and trigger a
warning like below:
WARNING: CPU: 0 PID: 28512 at drivers/ata/libata-eh.c:4037
ata_eh_finish+0xb4/0xcc
CPU: 0 PID: 28512 Comm: kworker/u32:2 Tainted: G W OE 4.14.0#1
......
Call trace:
[<
ffff0000088b7bd0>] ata_eh_finish+0xb4/0xcc
[<
ffff0000088b8420>] ata_do_eh+0xc4/0xd8
[<
ffff0000088b8478>] ata_std_error_handler+0x44/0x8c
[<
ffff0000088b8068>] ata_scsi_port_error_handler+0x480/0x694
[<
ffff000008875fc4>] async_sas_ata_eh+0x4c/0x80
[<
ffff0000080f6be8>] async_run_entry_fn+0x4c/0x170
[<
ffff0000080ebd70>] process_one_work+0x144/0x390
[<
ffff0000080ec100>] worker_thread+0x144/0x418
[<
ffff0000080f2c98>] kthread+0x10c/0x138
[<
ffff0000080855dc>] ret_from_fork+0x10/0x18
If ata qc leaked too many, ata tag allocation will fail and io blocked
for ever.
As suggested by Dan Williams, defer ata device commands to libata and
merge sas_eh_finish_cmd() with sas_eh_defer_cmd(). libata will handle
ata qcs correctly after this.
Signed-off-by: Jason Yan <yanaijie@huawei.com>
CC: Xiaofei Tan <tanxiaofei@huawei.com>
CC: John Garry <john.garry@huawei.com>
CC: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Jeremy Cline [Tue, 6 Mar 2018 21:47:32 +0000 (21:47 +0000)]
scsi: sd: Keep disk read-only when re-reading partition
If the read-only flag is true on a SCSI disk, re-reading the partition
table sets the flag back to false.
To observe this bug, you can run:
1. blockdev --setro /dev/sda
2. blockdev --rereadpt /dev/sda
3. blockdev --getro /dev/sda
This commit reads the disk's old state and combines it with the device
disk-reported state rather than unconditionally marking it as RW.
Reported-by: Li Ning <lining916740672@icloud.com>
Signed-off-by: Jeremy Cline <jeremy@jcline.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Bill Kuzeja [Mon, 5 Mar 2018 05:02:55 +0000 (00:02 -0500)]
scsi: qla2xxx: Fix crashes in qla2x00_probe_one on probe failure
Because of the shifting around of code in qla2x00_probe_one recently,
failures during adapter initialization can lead to problems, i.e. NULL
pointer crashes and doubly freed data structures which cause eventual
panics.
This V2 version makes the relevant memory free routines idempotent, so
repeat calls won't cause any harm. I also removed the problematic
probe_init_failed exit point as it is not needed.
Fixes:
d64d6c5671db ("scsi: qla2xxx: Fix NULL pointer crash due to probe failure")
Signed-off-by: Bill Kuzeja <william.kuzeja@stratus.com>
Acked-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Reviewed-by: Hannes Reinecke <hare@suse.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Damien Le Moal [Thu, 1 Mar 2018 22:19:28 +0000 (07:19 +0900)]
scsi: sd_zbc: Fix potential memory leak
Rework sd_zbc_check_zone_size() to avoid a memory leak due to an early
return if sd_zbc_report_zones() fails.
Reported-by: David.butterfield <david.butterfield@wdc.com>
Signed-off-by: Damien Le Moal <damien.lemoal@wdc.com>
Cc: stable@vger.kernel.org
Reviewed-by: Bart Van Assche <bart.vanassche@wdc.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Hannes Reinecke [Mon, 26 Feb 2018 14:26:01 +0000 (15:26 +0100)]
scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM
The firmware event workqueue should not be marked as WQ_MEM_RECLAIM
as it's doesn't need to make forward progress under memory pressure.
In the current state it will result in a deadlock if the device had been
forcefully removed.
Cc: Sreekanth Reddy <sreekanth.reddy@broadcom.com>
Cc: Suganath Prabu Subramani <suganath-prabu.subramani@broadcom.com>
Acked-by: Sreekanth Reddy <Sreekanth.Reddy@broadcom.com>
Signed-off-by: Hannes Reinecke <hare@suse.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Manish Rangankar [Mon, 26 Feb 2018 09:01:17 +0000 (01:01 -0800)]
scsi: qedi: Fix kernel crash during port toggle
BUG: unable to handle kernel NULL pointer dereference at
0000000000000100
[ 985.596918] IP: _raw_spin_lock_bh+0x17/0x30
[ 985.601581] PGD 0 P4D 0
[ 985.604405] Oops: 0002 [#1] SMP
:
[ 985.704533] CPU: 16 PID: 1156 Comm: qedi_thread/16 Not tainted 4.16.0-rc2 #1
[ 985.712397] Hardware name: Dell Inc. PowerEdge R730/0599V5, BIOS 2.4.3 01/17/2017
[ 985.720747] RIP: 0010:_raw_spin_lock_bh+0x17/0x30
[ 985.725996] RSP: 0018:
ffffa4b1c43d3e10 EFLAGS:
00010246
[ 985.731823] RAX:
0000000000000000 RBX:
ffff94a31bd03000 RCX:
0000000000000000
[ 985.739783] RDX:
0000000000000001 RSI:
ffff94a32fa16938 RDI:
0000000000000100
[ 985.747744] RBP:
0000000000000004 R08:
0000000000000000 R09:
0000000000000a33
[ 985.755703] R10:
0000000000000000 R11:
ffffa4b1c43d3af0 R12:
0000000000000000
[ 985.763662] R13:
ffff94a301f40818 R14:
0000000000000000 R15:
000000000000000c
[ 985.771622] FS:
0000000000000000(0000) GS:
ffff94a32fa00000(0000) knlGS:
0000000000000000
[ 985.780649] CS: 0010 DS: 0000 ES: 0000 CR0:
0000000080050033
[ 985.787057] CR2:
0000000000000100 CR3:
000000067a009006 CR4:
00000000001606e0
[ 985.795017] Call Trace:
[ 985.797747] qedi_fp_process_cqes+0x258/0x980 [qedi]
[ 985.803294] qedi_percpu_io_thread+0x10f/0x1b0 [qedi]
[ 985.808931] kthread+0xf5/0x130
[ 985.812434] ? qedi_free_uio+0xd0/0xd0 [qedi]
[ 985.817298] ? kthread_bind+0x10/0x10
[ 985.821372] ? do_syscall_64+0x6e/0x1a0
Signed-off-by: Manish Rangankar <manish.rangankar@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Darren Trapp [Wed, 28 Feb 2018 00:31:12 +0000 (16:31 -0800)]
scsi: qla2xxx: Fix FC-NVMe LUN discovery
commit
a4239945b8ad ("scsi: qla2xxx: Add switch command to simplify
fabric discovery") introduced regression when it did not consider
FC-NVMe code path which broke NVMe LUN discovery.
Fixes:
a4239945b8ad ("scsi: qla2xxx: Add switch command to simplify fabric discovery")
Signed-off-by: Darren Trapp <darren.trapp@cavium.com>
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Hannes Reinecke [Mon, 26 Feb 2018 07:39:59 +0000 (08:39 +0100)]
scsi: core: return BLK_STS_OK for DID_OK in __scsi_error_from_host_byte()
When converting __scsi_error_from_host_byte() to BLK_STS error codes the
case DID_OK was forgotten, resulting in it always returning an error.
Fixes:
2a842acab109 ("block: introduce new block status code type")
Cc: Doug Gilbert <dgilbert@interlog.com>
Signed-off-by: Hannes Reinecke <hare@suse.com>
Reviewed-by: Douglas Gilbert <dgilbert@interlog.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Bart Van Assche [Thu, 22 Feb 2018 19:30:20 +0000 (11:30 -0800)]
scsi: core: Avoid that ATA error handling can trigger a kernel hang or oops
Avoid that the recently introduced call_rcu() call in the SCSI core
triggers a double call_rcu() call.
Reported-by: Natanael Copa <ncopa@alpinelinux.org>
Reported-by: Damien Le Moal <damien.lemoal@wdc.com>
References: https://bugzilla.kernel.org/show_bug.cgi?id=198861
Fixes:
3bd6f43f5cb3 ("scsi: core: Ensure that the SCSI error handler gets woken up")
Signed-off-by: Bart Van Assche <bart.vanassche@wdc.com>
Reviewed-by: Damien Le Moal <damien.lemoal@wdc.com>
Tested-by: Damien Le Moal <damien.lemoal@wdc.com>
Cc: Natanael Copa <ncopa@alpinelinux.org>
Cc: Damien Le Moal <damien.lemoal@wdc.com>
Cc: Alexandre Oliva <oliva@gnu.org>
Cc: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Cc: Hannes Reinecke <hare@suse.com>
Cc: Johannes Thumshirn <jthumshirn@suse.de>
Cc: <stable@vger.kernel.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Hannes Reinecke [Thu, 22 Feb 2018 08:49:37 +0000 (09:49 +0100)]
scsi: qla2xxx: ensure async flags are reset correctly
The fcport flags FCF_ASYNC_ACTIVE and FCF_ASYNC_SENT are used to
throttle the state machine, so we need to ensure to always set and unset
them correctly. Not doing so will lead to the state machine getting
confused and no login attempt into remote ports.
Cc: Quinn Tran <quinn.tran@cavium.com>
Cc: Himanshu Madhani <himanshu.madhani@cavium.com>
Fixes:
3dbec59bdf63 ("scsi: qla2xxx: Prevent multiple active discovery commands per session")
Signed-off-by: Hannes Reinecke <hare@suse.com>
Acked-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Hannes Reinecke [Thu, 22 Feb 2018 08:49:36 +0000 (09:49 +0100)]
scsi: qla2xxx: do not check login_state if no loop id is assigned
When no loop id is assigned in qla24xx_fcport_handle_login() the login
state needs to be ignored; it will get set later on in
qla_chk_n2n_b4_login().
Cc: Quinn Tran <quinn.tran@cavium.com>
Cc: Himanshu Madhani <himanshu.madhani@cavium.com>
Fixes:
040036bb0bc1 ("scsi: qla2xxx: Delay loop id allocation at login")
Signed-off-by: Hannes Reinecke <hare@suse.com>
Acked-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Hannes Reinecke [Thu, 22 Feb 2018 08:49:35 +0000 (09:49 +0100)]
scsi: qla2xxx: Fixup locking for session deletion
Commit
d8630bb95f46 ('Serialize session deletion by using work_lock')
tries to fixup a deadlock when deleting sessions, but fails to take into
account the locking rules. This patch resolves the situation by
introducing a separate lock for processing the GNLIST response, and
ensures that sess_lock is released before calling
qlt_schedule_sess_delete().
Cc: Himanshu Madhani <himanshu.madhani@cavium.com>
Cc: Quinn Tran <quinn.tran@cavium.com>
Fixes:
d8630bb95f46 ("scsi: qla2xxx: Serialize session deletion by using work_lock")
Signed-off-by: Hannes Reinecke <hare@suse.com>
Acked-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
himanshu.madhani@cavium.com [Mon, 12 Feb 2018 18:28:14 +0000 (10:28 -0800)]
scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS
This patch fixes NULL pointer crash due to active timer running for abort
IOCB.
From crash dump analysis it was discoverd that get_next_timer_interrupt()
encountered a corrupted entry on the timer list.
#9 [
ffff95e1f6f0fd40] page_fault at
ffffffff914fe8f8
[exception RIP: get_next_timer_interrupt+440]
RIP:
ffffffff90ea3088 RSP:
ffff95e1f6f0fdf0 RFLAGS:
00010013
RAX:
ffff95e1f6451028 RBX:
000218e2389e5f40 RCX:
00000001232ad600
RDX:
0000000000000001 RSI:
ffff95e1f6f0fdf0 RDI:
0000000001232ad6
RBP:
ffff95e1f6f0fe40 R8:
ffff95e1f6451188 R9:
0000000000000001
R10:
0000000000000016 R11:
0000000000000016 R12:
00000001232ad5f6
R13:
ffff95e1f6450000 R14:
ffff95e1f6f0fdf8 R15:
ffff95e1f6f0fe10
ORIG_RAX:
ffffffffffffffff CS: 0010 SS: 0018
Looking at the assembly of get_next_timer_interrupt(), address came
from %r8 (
ffff95e1f6451188) which is pointing to list_head with single
entry at
ffff95e5ff621178.
0xffffffff90ea307a <get_next_timer_interrupt+426>: mov (%r8),%rdx
0xffffffff90ea307d <get_next_timer_interrupt+429>: cmp %r8,%rdx
0xffffffff90ea3080 <get_next_timer_interrupt+432>: je 0xffffffff90ea30a7 <get_next_timer_interrupt+471>
0xffffffff90ea3082 <get_next_timer_interrupt+434>: nopw 0x0(%rax,%rax,1)
0xffffffff90ea3088 <get_next_timer_interrupt+440>: testb $0x1,0x18(%rdx)
crash> rd
ffff95e1f6451188 10
ffff95e1f6451188:
ffff95e5ff621178 ffff95e5ff621178 x.b.....x.b.....
ffff95e1f6451198:
ffff95e1f6451198 ffff95e1f6451198 ..E.......E.....
ffff95e1f64511a8:
ffff95e1f64511a8 ffff95e1f64511a8 ..E.......E.....
ffff95e1f64511b8:
ffff95e77cf509a0 ffff95e77cf509a0 ...|.......|....
ffff95e1f64511c8:
ffff95e1f64511c8 ffff95e1f64511c8 ..E.......E.....
crash> rd
ffff95e5ff621178 10
ffff95e5ff621178:
0000000000000001 ffff95e15936aa00 ..........6Y....
ffff95e5ff621188:
0000000000000000 00000000ffffffff ................
ffff95e5ff621198:
00000000000000a0 0000000000000010 ................
ffff95e5ff6211a8:
ffff95e5ff621198 000000000000000c ..b.............
ffff95e5ff6211b8:
00000f5800000000 ffff95e751f8d720 ....X... ..Q....
ffff95e5ff621178 belongs to freed mempool object at
ffff95e5ff621080.
CACHE NAME OBJSIZE ALLOCATED TOTAL SLABS SSIZE
ffff95dc7fd74d00 mnt_cache 384 19785 24948 594 16k
SLAB MEMORY NODE TOTAL ALLOCATED FREE
ffffdc5dabfd8800 ffff95e5ff620000 1 42 29 13
FREE / [ALLOCATED]
ffff95e5ff621080 (cpu 6 cache)
Examining the contents of that memory reveals a pointer to a constant string
in the driver, "abort\0", which is set by qla24xx_async_abort_cmd().
crash> rd
ffffffffc059277c 20
ffffffffc059277c:
6e490074726f6261 0074707572726574 abort.Interrupt.
ffffffffc059278c:
00676e696c6c6f50 6920726576697244 Polling.Driver i
ffffffffc059279c:
646f6d207325206e 6974736554000a65 n %s mode..Testi
ffffffffc05927ac:
636976656420676e 786c252074612065 ng device at %lx
ffffffffc05927bc:
6b63656843000a2e 646f727020676e69 ...Checking prod
ffffffffc05927cc:
6f20444920746375 0a2e706968632066 uct ID of chip..
ffffffffc05927dc:
5120646e756f4600 204130303232414c .Found QLA2200A
ffffffffc05927ec:
43000a2e70696843 20676e696b636568 Chip...Checking
ffffffffc05927fc:
65786f626c69616d 6c636e69000a2e73 mailboxes...incl
ffffffffc059280c:
756e696c2f656475 616d2d616d642f78 ude/linux/dma-ma
crash> struct -ox srb_iocb
struct srb_iocb {
union {
struct {...} logio;
struct {...} els_logo;
struct {...} tmf;
struct {...} fxiocb;
struct {...} abt;
struct ct_arg ctarg;
struct {...} mbx;
struct {...} nack;
[0x0 ] } u;
[0xb8] struct timer_list timer;
[0x108] void (*timeout)(void *);
}
SIZE: 0x110
crash> ! bc
ibase=16
obase=10
B8+40
F8
The object is a srb_t, and at offset 0xf8 within that structure
(i.e.
ffff95e5ff621080 + f8 ->
ffff95e5ff621178) is a struct timer_list.
Cc: <stable@vger.kernel.org> #4.4+
Fixes:
4440e46d5db7 ("[SCSI] qla2xxx: Add IOCB Abort command asynchronous handling.")
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Sreekanth Reddy [Fri, 16 Feb 2018 22:39:58 +0000 (20:39 -0200)]
scsi: mpt3sas: wait for and flush running commands on shutdown/unload
This patch finishes all outstanding SCSI IO commands (but not other commands,
e.g., task management) in the shutdown and unload paths.
It first waits for the commands to complete (this is done after setting
'ioc->remove_host = 1 ', which prevents new commands to be queued) then it
flushes commands that might still be running.
This avoids triggering error handling (e.g., abort command) for all commands
possibly completed by the adapter after interrupts disabled.
[mauricfo: introduced something in commit message.]
Signed-off-by: Sreekanth Reddy <sreekanth.reddy@broadcom.com>
Tested-by: Mauricio Faria de Oliveira <mauricfo@linux.vnet.ibm.com>
Signed-off-by: Mauricio Faria de Oliveira <mauricfo@linux.vnet.ibm.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Mauricio Faria de Oliveira [Fri, 16 Feb 2018 22:39:57 +0000 (20:39 -0200)]
scsi: mpt3sas: fix oops in error handlers after shutdown/unload
This patch adds checks for 'ioc->remove_host' in the SCSI error handlers, so
not to access pointers/resources potentially freed in the PCI shutdown/module
unload path. The error handlers may be invoked after shutdown/unload,
depending on other components.
This problem was observed with kexec on a system with a mpt3sas based adapter
and an infiniband adapter which takes long enough to shutdown:
The mpt3sas driver finished shutting down / disabled interrupt handling, thus
some commands have not finished and timed out.
Since the system was still running (waiting for the infiniband adapter to
shutdown), the scsi error handler for task abort of mpt3sas was invoked, and
hit an oops -- either in scsih_abort() because 'ioc->scsi_lookup' was NULL
without commit
dbec4c9040ed ("scsi: mpt3sas: lockless command submission"), or
later up in scsih_host_reset() (with or without that commit), because it
eventually called mpt3sas_base_get_iocstate().
After the above commit, the oops in scsih_abort() does not occur anymore
(_scsih_scsi_lookup_find_by_scmd() is no longer called), but that commit is
too big and out of the scope of linux-stable, where this patch might help, so
still go for the changes.
Also, this might help to prevent similar errors in the future, in case code
changes and possibly tries to access freed stuff.
Note the fix in scsih_host_reset() is still important anyway.
Signed-off-by: Mauricio Faria de Oliveira <mauricfo@linux.vnet.ibm.com>
Acked-by: Sreekanth Reddy <Sreekanth.Reddy@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Michael Kelley (EOSG) [Wed, 24 Jan 2018 22:14:08 +0000 (22:14 +0000)]
scsi: storvsc: Spread interrupts when picking a channel for I/O requests
Update the algorithm in storvsc_do_io to look for a channel
starting with the current CPU + 1 and wrap around (within the
current NUMA node). This spreads VMbus interrupts more evenly
across CPUs. Previous code always started with first CPU in
the current NUMA node, skewing the interrupt load to that CPU.
Signed-off-by: Michael Kelley <mikelley@microsoft.com>
Reviewed-by: Long Li <longli@microsoft.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Shivasharan S [Wed, 14 Feb 2018 08:10:52 +0000 (00:10 -0800)]
scsi: megaraid_sas: Do not use 32-bit atomic request descriptor for Ventura controllers
Problem Statement: Sending I/O through 32 bit descriptors to Ventura series of
controller results in IO timeout on certain conditions.
This error only occurs on systems with high I/O activity on Ventura series
controllers.
Changes in this patch will prevent driver from using 32 bit descriptor and use
64 bit Descriptors.
Cc: <stable@vger.kernel.org>
Signed-off-by: Kashyap Desai <kashyap.desai@broadcom.com>
Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@broadcom.com>
Reviewed-by: Hannes Reinecke <hare@suse.com>
Reviewed-by: Tomas Henzl <thenzl@redhat.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Manish Rangankar [Mon, 12 Feb 2018 06:48:41 +0000 (22:48 -0800)]
scsi: qla4xxx: skip error recovery in case of register disconnect.
A system crashes when continuously removing/re-adding the storage
controller.
Signed-off-by: Manish Rangankar <manish.rangankar@cavium.com>
Reviewed-by: Ewan D. Milne <emilne@redhat.com>
Reviewed-by: Tomas Henzl <thenzl@redhat.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Meelis Roos [Fri, 9 Feb 2018 06:57:44 +0000 (08:57 +0200)]
scsi: aacraid: fix shutdown crash when init fails
When aacraid init fails with "AAC0: adapter self-test failed.", shutdown
leads to UBSAN warning and then oops:
[154316.118423] ================================================================================
[154316.118508] UBSAN: Undefined behaviour in drivers/scsi/scsi_lib.c:2328:27
[154316.118566] member access within null pointer of type 'struct Scsi_Host'
[154316.118631] CPU: 2 PID: 14530 Comm: reboot Tainted: G W 4.15.0-dirty #89
[154316.118701] Hardware name: Hewlett Packard HP NetServer/HP System Board, BIOS 4.06.46 PW 06/25/2003
[154316.118774] Call Trace:
[154316.118848] dump_stack+0x48/0x65
[154316.118916] ubsan_epilogue+0xe/0x40
[154316.118976] __ubsan_handle_type_mismatch+0xfb/0x180
[154316.119043] scsi_block_requests+0x20/0x30
[154316.119135] aac_shutdown+0x18/0x40 [aacraid]
[154316.119196] pci_device_shutdown+0x33/0x50
[154316.119269] device_shutdown+0x18a/0x390
[...]
[154316.123435] BUG: unable to handle kernel NULL pointer dereference at
000000f4
[154316.123515] IP: scsi_block_requests+0xa/0x30
This is because aac_shutdown() does
struct Scsi_Host *shost = pci_get_drvdata(dev);
scsi_block_requests(shost);
and that assumes shost has been assigned with pci_set_drvdata().
However, pci_set_drvdata(pdev, shost) is done in aac_probe_one() far
after bailing out with error from calling the init function
((*aac_drivers[index].init)(aac)), and when the init function fails, no
error is returned from aac_probe_one() so PCI layer assumes there is
driver attached, and tries to shut it down later.
Fix it by returning error from aac_probe_one() when card-specific init
function fails.
This fixes reboot on my HP NetRAID-4M with dead battery.
Signed-off-by: Meelis Roos <mroos@linux.ee>
Reviewed-by: Dave Carroll <david.carroll@microsemi.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Nilesh Javali [Wed, 7 Feb 2018 16:12:36 +0000 (08:12 -0800)]
scsi: qedi: Cleanup local str variable
Signed-off-by: Nilesh Javali <nilesh.javali@cavium.com>
Reviewed-by: Bart Van Assche <bart.vanassche@wdc.com>
Acked-by: Chris Leech <cleech@redhat.com>
Acked-by: Lee Duncan <lduncan@suse.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Andrew Vasquez [Wed, 7 Feb 2018 16:12:35 +0000 (08:12 -0800)]
scsi: qedi: Fix truncation of CHAP name and secret
The data in NVRAM is not guaranteed to be NUL terminated. Since
snprintf expects byte-stream to accommodate null byte, the CHAP secret
is truncated. Use sprintf instead of snprintf to fix the truncation of
CHAP name and secret.
Signed-off-by: Andrew Vasquez <andrew.vasquez@cavium.com>
Signed-off-by: Nilesh Javali <nilesh.javali@cavium.com>
Reviewed-by: Bart Van Assche <bart.vanassche@wdc.com>
Acked-by: Chris Leech <cleech@redhat.com>
Acked-by: Lee Duncan <lduncan@suse.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Himanshu Madhani [Thu, 1 Feb 2018 18:33:18 +0000 (10:33 -0800)]
scsi: qla2xxx: Fix incorrect handle for abort IOCB
This patch fixes incorrect handle used for abort IOCB.
Fixes:
b027a5ace443 ("scsi: qla2xxx: Fix queue ID for async abort with Multiqueue")
Signed-off-by: Darren Trapp <darren.trapp@cavium.com>
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Quinn Tran [Thu, 1 Feb 2018 18:33:17 +0000 (10:33 -0800)]
scsi: qla2xxx: Fix double free bug after firmware timeout
This patch is based on Max's original patch.
When the qla2xxx firmware is unavailable, eventually
qla2x00_sp_timeout() is reached, which calls the timeout function and
frees the srb_t instance.
The timeout function always resolves to qla2x00_async_iocb_timeout(),
which invokes another callback function called "done". All of these
qla2x00_*_sp_done() callbacks also free the srb_t instance; after
returning to qla2x00_sp_timeout(), it is freed again.
The fix is to remove the "sp->free(sp)" call from qla2x00_sp_timeout()
and add it to those code paths in qla2x00_async_iocb_timeout() which
do not already free the object.
This is how it looks like with KASAN:
BUG: KASAN: use-after-free in qla2x00_sp_timeout+0x228/0x250
Read of size 8 at addr
ffff88278147a590 by task swapper/2/0
Allocated by task 1502:
save_stack+0x33/0xa0
kasan_kmalloc+0xa0/0xd0
kmem_cache_alloc+0xb8/0x1c0
mempool_alloc+0xd6/0x260
qla24xx_async_gnl+0x3c5/0x1100
Freed by task 0:
save_stack+0x33/0xa0
kasan_slab_free+0x72/0xc0
kmem_cache_free+0x75/0x200
qla24xx_async_gnl_sp_done+0x556/0x9e0
qla2x00_async_iocb_timeout+0x1c7/0x420
qla2x00_sp_timeout+0x16d/0x250
call_timer_fn+0x36/0x200
The buggy address belongs to the object at
ffff88278147a440
which belongs to the cache qla2xxx_srbs of size 344
The buggy address is located 336 bytes inside of
344-byte region [
ffff88278147a440,
ffff88278147a598)
Reported-by: Max Kellermann <mk@cm4all.com>
Signed-off-by: Quinn Tran <quinn.tran@cavium.com>
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Cc: Max Kellermann <mk@cm4all.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Michael Kelley (EOSG) [Wed, 24 Jan 2018 22:49:57 +0000 (22:49 +0000)]
scsi: storvsc: Increase cmd_per_lun for higher speed devices
Increase cmd_per_lun to allow more I/Os in progress per device,
particularly for NVMe's. The Hyper-V host side can handle the higher
count with no issues.
Signed-off-by: Michael Kelley <mikelley@microsoft.com>
Reviewed-by: K. Y. Srinivasan <kys@microsoft.com>
Acked-by: K. Y. Srinivasan <kys@microsoft.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Bart Van Assche [Wed, 24 Jan 2018 00:33:46 +0000 (16:33 -0800)]
scsi: qla2xxx: Fix a locking imbalance in qlt_24xx_handle_els()
Ensure that upon return the tgt->ha->tgt.sess_lock spin lock is unlocked
no matter which code path is taken through this function. This was
detected by sparse.
Fixes:
82abdcaf3ede ("scsi: qla2xxx: Allow target mode to accept PRLI in dual mode")
Signed-off-by: Bart Van Assche <bart.vanassche@wdc.com>
Cc: Himanshu Madhani <himanshu.madhani@cavium.com>
Cc: Quinn Tran <quinn.tran@cavium.com>
Acked-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Bart Van Assche [Tue, 23 Jan 2018 23:50:03 +0000 (15:50 -0800)]
scsi: scsi_dh: Document alua_rtpg_queue() arguments
Since commit
3a025e1d1c2e ("Add optional check for bad kernel-doc
comments") building with W=1 causes warnings to appear for issues in
kernel-doc headers. This patch avoids that the following warnings are
reported when building with W=1:
drivers/scsi/device_handler/scsi_dh_alua.c:867: warning: No description found for parameter 'pg'
drivers/scsi/device_handler/scsi_dh_alua.c:867: warning: No description found for parameter 'sdev'
drivers/scsi/device_handler/scsi_dh_alua.c:867: warning: No description found for parameter 'qdata'
drivers/scsi/device_handler/scsi_dh_alua.c:867: warning: No description found for parameter 'force'
Signed-off-by: Bart Van Assche <bart.vanassche@wdc.com>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Hannes Reinecke <hare@suse.com>
Cc: Johannes Thumshirn <jthumshirn@suse.de>
Reviewed-by: Hannes Reinecke <hare@suse.com>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Corentin Labbe [Mon, 29 Jan 2018 12:30:16 +0000 (12:30 +0000)]
scsi: Remove Makefile entry for oktagon files
Remove line using non-existent files which were removed in
commit
642978beb483 ("[SCSI] remove m68k NCR53C9x based drivers")
[mkp: tweaked patch description]
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Acked-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Corentin Labbe [Sun, 28 Jan 2018 07:23:54 +0000 (07:23 +0000)]
scsi: aic7xxx: remove aiclib.c
aiclib.c is unused (and contains no code) since commit
1ff927306e08
("[SCSI] aic7xxx: remove aiclib.c")
13 years later, finish the cleaning by removing it from tree.
[mkp: tweaked patch description]
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Bart Van Assche [Thu, 25 Jan 2018 16:24:29 +0000 (08:24 -0800)]
scsi: qla2xxx: Avoid triggering undefined behavior in qla2x00_mbx_completion()
A left shift must shift less than the bit width of the left argument.
Avoid triggering undefined behavior if ha->mbx_count == 32.
This patch avoids that UBSAN reports the following complaint:
UBSAN: Undefined behaviour in drivers/scsi/qla2xxx/qla_isr.c:275:14
shift exponent 32 is too large for 32-bit type 'int'
Call Trace:
dump_stack+0x4e/0x6c
ubsan_epilogue+0xd/0x3b
__ubsan_handle_shift_out_of_bounds+0x112/0x14c
qla2x00_mbx_completion+0x1c5/0x25d [qla2xxx]
qla2300_intr_handler+0x1ea/0x3bb [qla2xxx]
qla2x00_mailbox_command+0x77b/0x139a [qla2xxx]
qla2x00_mbx_reg_test+0x83/0x114 [qla2xxx]
qla2x00_chip_diag+0x354/0x45f [qla2xxx]
qla2x00_initialize_adapter+0x2c2/0xa4e [qla2xxx]
qla2x00_probe_one+0x1681/0x392e [qla2xxx]
pci_device_probe+0x10b/0x1f1
driver_probe_device+0x21f/0x3a4
__driver_attach+0xa9/0xe1
bus_for_each_dev+0x6e/0xb5
driver_attach+0x22/0x3c
bus_add_driver+0x1d1/0x2ae
driver_register+0x78/0x130
__pci_register_driver+0x75/0xa8
qla2x00_module_init+0x21b/0x267 [qla2xxx]
do_one_initcall+0x5a/0x1e2
do_init_module+0x9d/0x285
load_module+0x20db/0x38e3
SYSC_finit_module+0xa8/0xbc
SyS_finit_module+0x9/0xb
do_syscall_64+0x77/0x271
entry_SYSCALL64_slow_path+0x25/0x25
Reported-by: Meelis Roos <mroos@linux.ee>
Signed-off-by: Bart Van Assche <bart.vanassche@wdc.com>
Cc: Himanshu Madhani <himanshu.madhani@cavium.com>
Reviewed-by: Laurence Oberman <loberman@redhat.com>
Acked-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Dan Carpenter [Thu, 25 Jan 2018 14:27:27 +0000 (17:27 +0300)]
scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo()
My static checker complains about an out of bounds read:
drivers/message/fusion/mptctl.c:2786 mptctl_hp_targetinfo()
error: buffer overflow 'hd->sel_timeout' 255 <= u32max.
It's true that we probably should have a bounds check here.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Dan Carpenter [Thu, 25 Jan 2018 14:13:40 +0000 (17:13 +0300)]
scsi: sym53c8xx_2: iterator underflow in sym_getsync()
We wanted to exit the loop with "div" set to zero, but instead, if we
don't hit the break then "div" is -1 when we finish the loop. It leads
to an array underflow a few lines later.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Acked-by: Matthew Wilcox <mawilcox@microsoft.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Chad Dupuis [Wed, 24 Jan 2018 16:07:06 +0000 (08:07 -0800)]
scsi: bnx2fc: Fix check in SCSI completion handler for timed out request
When a request times out we set the io_req flag BNX2FC_FLAG_IO_COMPL so
that if a subsequent completion comes in on that task ID we will ignore
it. The issue is that in the check for this flag there is a missing
return so we will continue to process a request which may have already
been returned to the ownership of the SCSI layer. This can cause
unpredictable results.
Solution is to add in the missing return.
[mkp: typo plus title shortening]
Signed-off-by: Chad Dupuis <chad.dupuis@cavium.com>
Reviewed-by: Laurence Oberman <loberman@redhat.com>
Tested-by: Laurence Oberman <loberman@redhat.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Colin Ian King [Wed, 24 Jan 2018 14:58:01 +0000 (14:58 +0000)]
scsi: csiostor: remove redundant assignment to pointer 'ln'
The pointer ln is assigned a value that is never read, it is re-assigned
a new value in the list_for_each loop hence the initialization is
redundant and can be removed.
Cleans up clang warning:
drivers/scsi/csiostor/csio_lnode.c:117:21: warning: Value stored to 'ln'
during its initialization is never read
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Acked-by: Varun Prakash <varun@chelsio.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Sujit Reddy Thumma [Wed, 24 Jan 2018 04:22:35 +0000 (09:52 +0530)]
scsi: ufs: Enable quirk to ignore sending WRITE_SAME command
WRITE_SAME command is not supported by UFS. Enable a quirk for the upper
level drivers to not send WRITE SAME command.
[mkp: botched patch, applied by hand]
Signed-off-by: Sujit Reddy Thumma <sthumma@codeaurora.org>
Signed-off-by: Subhash Jadavani <subhashj@codeaurora.org>
Signed-off-by: Asutosh Das <asutoshd@codeaurora.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Tyrel Datwyler [Wed, 24 Jan 2018 02:11:32 +0000 (20:11 -0600)]
scsi: ibmvfc: fix misdefined reserved field in ibmvfc_fcp_rsp_info
The fcp_rsp_info structure as defined in the FC spec has an initial 3
bytes reserved field. The ibmvfc driver mistakenly defined this field as
4 bytes resulting in the rsp_code field being defined in what should be
the start of the second reserved field and thus always being reported as
zero by the driver.
Ideally, we should wire ibmvfc up with libfc for the sake of code
deduplication, and ease of maintaining standardized structures in a
single place. However, for now simply fixup the definition in ibmvfc for
backporting to distros on older kernels. Wiring up with libfc will be
done in a followup patch.
Cc: <stable@vger.kernel.org>
Reported-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Tyrel Datwyler <tyreld@linux.vnet.ibm.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Quinn Tran [Tue, 23 Jan 2018 19:05:21 +0000 (11:05 -0800)]
scsi: qla2xxx: Fix memory corruption during hba reset test
This patch fixes memory corrpution while performing HBA Reset test.
Following stack trace is seen:
[ 466.397219] BUG: unable to handle kernel NULL pointer dereference at
0000000000000020
[ 466.433669] IP: [<
ffffffffc06f5dd0>] qlt_free_session_done+0x260/0x5f0 [qla2xxx]
[ 466.467731] PGD 0
[ 466.476718] Oops: 0000 [#1] SMP
Signed-off-by: Quinn Tran <quinn.tran@cavium.com>
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Tomas Henzl [Fri, 19 Jan 2018 15:22:05 +0000 (16:22 +0100)]
scsi: mpt3sas: fix an out of bound write
cpu_msix_table is allocated to store online cpus, but pci_irq_get_affinity
may return cpu_possible_mask which is then used to access cpu_msix_table.
That causes bad user experience. Fix limits access to only online cpus,
I've also added an additional test to protect from an unlikely change in
cpu_online_mask.
[mkp: checkpatch]
Fixes:
1d55abc0e98a ("scsi: mpt3sas: switch to pci_alloc_irq_vectors")
Signed-off-by: Tomas Henzl <thenzl@redhat.com>
Acked-by: Suganath Prabu Subramani <suganath-prabu.subramani@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Himanshu Madhani [Mon, 22 Jan 2018 20:04:20 +0000 (12:04 -0800)]
scsi: qla2xxx: Fix logo flag for qlt_free_session_done()
Commit
3515832cc614 ("scsi: qla2xxx: Reset the logo flag, after target
re-login.")fixed the target re-login after session relogin is complete,
but missed out the qlt_free_session_done() path.
This patch clears send_els_logo flag in qlt_free_session_done()
callback.
[mkp: checkpatch]
Fixes:
3515832cc614 ("scsi: qla2xxx: Reset the logo flag, after target re-login.")
Signed-off-by: Himanshu Madhani <hmadhani@redhat.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Arnd Bergmann [Sun, 21 Jan 2018 23:12:26 +0000 (00:12 +0100)]
scsi: arcmsr: avoid do_gettimeofday
The arcmsr uses its own implementation of time_to_tm(), along with
do_gettimeofday() to read the current time. While the algorithm used
here is fine in principle, it suffers from two problems:
- it assigns the seconds portion of the timeval to a 32-bit unsigned
integer that overflows in 2106 even on 64-bit architectures.
- do_gettimeofday() returns a time_t that overflows in 2038 on all
32-bit systems.
This changes the time retrieval function to ktime_get_real_seconds(),
which returns a proper 64-bit value, and replaces the open-coded
time_to_tm() algorithm with a call to the safe time64_to_tm().
I checked way all numbers are indexed and found that months are given in
range 0..11 while the days are in range 1..31, same as 'struct tm', but
the year value that the firmware expects starts in 2000 while 'struct
tm' is based on year 1900, so it needs a small adjustment.
[mkp: checkpatch tweaks]
Fixes:
b416c099472a ("scsi: arcmsr: Add a function to set date and time to firmware")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Ching Huang <ching2048@areca.com.tw>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Hannes Reinecke [Fri, 19 Jan 2018 15:11:10 +0000 (16:11 +0100)]
scsi: core: Add VENDOR_SPECIFIC sense code definitions
Some older devices will return vendor specific sense codes, so we should
be adding a definition for it.
Signed-off-by: Hannes Reinecke <hare@suse.com>
Reviewed-by: Bart Van Assche <bart.vanassche@wdc.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Manish Rangankar [Fri, 19 Jan 2018 06:52:09 +0000 (22:52 -0800)]
scsi: qedi: Drop cqe response during connection recovery
We get stuck in the loop when firmware sends a cqe response during
connection recovery.
Signed-off-by: Manish Rangankar <manish.rangankar@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Arnd Bergmann [Thu, 18 Jan 2018 13:16:38 +0000 (14:16 +0100)]
scsi: fas216: fix sense buffer initialization
While testing with the ARM specific memset() macro removed, I ran into a
compiler warning that shows an old bug:
drivers/scsi/arm/fas216.c: In function 'fas216_rq_sns_done':
drivers/scsi/arm/fas216.c:2014:40: error: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to provide an explicit length? [-Werror=sizeof-pointer-memaccess]
It turns out that the definition of the scsi_cmd structure changed back
in linux-2.6.25, so now we clear only four bytes (sizeof(pointer))
instead of 96 (SCSI_SENSE_BUFFERSIZE). I did not check whether we
actually need to initialize the buffer here, but it's clear that if we
do it, we should use the correct size.
Fixes:
de25deb18016 ("[SCSI] use dynamically allocated sense buffer")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Christopher Díaz Riveros [Thu, 18 Jan 2018 01:38:39 +0000 (20:38 -0500)]
scsi: ibmvfc: Remove unneeded semicolons
Trivial fix removes unneeded semicolons after switch blocks.
This issue was detected by using the Coccinelle software.
Signed-off-by: Christopher Díaz Riveros <chrisadr@gentoo.org>
Acked-by: Tyrel Datwyler <tyreld@linux.vnet.ibm.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Xiang Chen [Wed, 17 Jan 2018 16:46:54 +0000 (00:46 +0800)]
scsi: hisi_sas: fix a bug in hisi_sas_dev_gone()
When device gone, NULL pointer can be accessed in free_device callback
if during SAS controller reset as we clear structure sas_dev prior.
Actually we can only set dev_type as SAS_PHY_UNUSED and not clear
structure sas_dev as all the members of structure sas_dev will be
re-initialized after device found.
Signed-off-by: Xiang Chen <chenxiang66@hisilicon.com>
Signed-off-by: John Garry <john.garry@huawei.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Xiaofei Tan [Wed, 17 Jan 2018 16:46:53 +0000 (00:46 +0800)]
scsi: hisi_sas: directly attached disk LED feature for v2 hw
This patch implements LED feature of directly attached disk for v2 hw.
As libsas has provided an interface lldd_write_gpio() for this feature,
we just need realise the interface following SPGIO API.
We use an CPLD to finish the hardware part of this feature, and the base
address of CPLD should be configured through ACPI or DT tables.
Signed-off-by: Xiaofei Tan <tanxiaofei@huawei.com>
Signed-off-by: John Garry <john.garry@huawei.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Xiaofei Tan [Wed, 17 Jan 2018 16:46:52 +0000 (00:46 +0800)]
scsi: hisi_sas: devicetree: bindings: add LED feature for v2 hw
Add directly attached disk LED feature for v2 hw.
Signed-off-by: Xiaofei Tan <tanxiaofei@huawei.com>
Signed-off-by: John Garry <john.garry@huawei.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Shivasharan S [Fri, 5 Jan 2018 13:33:04 +0000 (05:33 -0800)]
scsi: megaraid_sas: NVMe passthrough command support
NVMe passthrough via MFI interface. Current MegaRAID product supports
different types of encapsulation via the MFI framework.
NVMe native command should be framed by application and it should be
embedded in MFI as payload. The driver will provide interface to send
the MFI frame along with the payload (in this case, payload is NVMe
native command) to the firmware. Driver already has an existing, similar
interface for SATA and SMP passthrough.
1. Driver will pass MFI command to the firmware if the latter supports
NVMe encapsulated processing (not all SAS3.5 firmware supports this
feature).
2. Driver exposes sysfs entry support_nvme_encapsulation. This is
required for backward compatibility for applications using earlier
driver versions that did not process IOCTL frames and could result in
host hang.
This is already fixed as part of commit
82add4e1b354 ("scsi:
megaraid_sas: Incorrect processing of IOCTL frames for SMP/STP
commands")
[mkp: clarified commit message]
Signed-off-by: Sumit Saxena <sumit.saxena@broadcom.com>
Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Arnd Bergmann [Wed, 17 Jan 2018 14:48:51 +0000 (15:48 +0100)]
scsi: megaraid: use ktime_get_real for firmware time
do_gettimeofday() overflows in 2038 on 32-bit architectures and is
deprecated, so convert this driver to call ktime_get_real()
directly. This also simplifies the calculation.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Sumit Saxena <sumit.saxena@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Arnd Bergmann [Wed, 17 Jan 2018 15:16:48 +0000 (16:16 +0100)]
scsi: fnic: use 64-bit timestamps
struct timespec is deprecated since it overflows in 2038 on 32-bit
architectures, so we should use timespec64 consistently.
I'm slightly adapting the format strings here, to make sure we print the
nanoseconds with the correct number of leading zeroes.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Satish Kharat <satishkh@cisco.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Wei Yongjun [Wed, 17 Jan 2018 12:42:41 +0000 (12:42 +0000)]
scsi: qedf: Fix error return code in __qedf_probe()
Fix to return error code -ENOMEM from the error handling case instead of
0, as done elsewhere in this function.
Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com>
Acked-by: Chad Dupuis <chad.dupuis@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Xose Vazquez Perez [Mon, 15 Jan 2018 16:47:23 +0000 (17:47 +0100)]
scsi: devinfo: fix format of the device list
Replace "" with NULL for product revision level, and merge TEXEL
duplicate entries.
Cc: Hannes Reinecke <hare@suse.de>
Cc: Martin K. Petersen <martin.petersen@oracle.com>
Cc: James E.J. Bottomley <jejb@linux.vnet.ibm.com>
Cc: SCSI ML <linux-scsi@vger.kernel.org>
Signed-off-by: Xose Vazquez Perez <xose.vazquez@gmail.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
himanshu.madhani@cavium.com [Tue, 16 Jan 2018 04:46:53 +0000 (20:46 -0800)]
scsi: qla2xxx: Update driver version to 10.00.00.05-k
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Anil Gurumurthy [Tue, 16 Jan 2018 04:46:52 +0000 (20:46 -0800)]
scsi: qla2xxx: Add XCB counters to debugfs
Signed-off-by: Anil Gurumurthy <anil.gurumurthy@cavium.com>
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Darren Trapp [Tue, 16 Jan 2018 04:46:51 +0000 (20:46 -0800)]
scsi: qla2xxx: Fix queue ID for async abort with Multiqueue
[mkp: sparse warning]
Signed-off-by: Darren Trapp <darren.trapp@cavium.com>
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
himanshu.madhani@cavium.com [Tue, 16 Jan 2018 04:46:50 +0000 (20:46 -0800)]
scsi: qla2xxx: Fix warning for code intentation in __qla24xx_handle_gpdb_event()
This patch fixes following smatch warning:
drivers/scsi/qla2xxx/qla_init.c:1054 __qla24xx_handle_gpdb_event() warn: inconsistent indenting
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
himanshu.madhani@cavium.com [Tue, 16 Jan 2018 04:46:49 +0000 (20:46 -0800)]
scsi: qla2xxx: Fix warning during port_name debug print
This patch fixes following smatch warning:
drivers/scsi/qla2xxx/qla_iocb.c:2622 qla2x00_els_dcmd2_sp_done() error: '%pC' expects argument of type 'struct clk*', argument 8 has type 'uchar[]'
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
himanshu.madhani@cavium.com [Tue, 16 Jan 2018 04:46:48 +0000 (20:46 -0800)]
scsi: qla2xxx: Fix warning in qla2x00_async_iocb_timeout()
This patch fixes following Smatch warning:
drivers/scsi/qla2xxx/qla_init.c:130 qla2x00_async_iocb_timeout() error: we previously assumed 'fcport' could be null (see line 107)
Fixes:
5c25d451163c ("scsi: qla2xxx: Fix NULL pointer access for fcport structure")
Reported by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Quinn Tran <quinn.tran@cavium.com>
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
himanshu.madhani@cavium.com [Tue, 16 Jan 2018 04:46:47 +0000 (20:46 -0800)]
scsi: qla2xxx: Fix recursion while sending terminate exchange
During error test case where switch port status is toggled from enable to
disable, following stack trace is seen which indicates recursion trying to
send terminate exchange. This regression was introduced by commit
82de802ad46e ("scsi: qla2xxx: Preparation for Target MQ.")
BUG: stack guard page was hit at
ffffb96488383ff8 (stack is
ffffb96488384000..
ffffb96488387fff)
BUG: stack guard page was hit at
ffffb964886c3ff8 (stack is
ffffb964886c4000..
ffffb964886c7fff)
kernel stack overflow (double-fault): 0000 [#1] SMP
qlt_term_ctio_exchange+0x9c/0xb0 [qla2xxx]
qlt_term_ctio_exchange+0x9c/0xb0 [qla2xxx]
qlt_term_ctio_exchange+0x9c/0xb0 [qla2xxx]
qlt_term_ctio_exchange+0x9c/0xb0 [qla2xxx]
qlt_term_ctio_exchange+0x9c/0xb0 [qla2xxx]
Fixes:
82de802ad46e ("scsi: qla2xxx: Preparation for Target MQ.")
Cc: <stable@vger.kernel.org> #4.10
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
himanshu.madhani@cavium.com [Tue, 16 Jan 2018 04:46:46 +0000 (20:46 -0800)]
scsi: qla2xxx: Fix NULL pointer crash due to probe failure
This patch fixes regression added by commit
d74595278f4ab
("scsi: qla2xxx: Add multiple queue pair functionality.").
When driver is not able to get reqeusted IRQs from the system, driver will
attempt tp clean up memory before failing hardware probe. During this cleanup,
driver assigns NULL value to the pointer which has not been allocated by
driver yet. This results in a NULL pointer access.
Log file will show following message and stack trace
qla2xxx [0000:a3:00.1]-00c7:21: MSI-X: Failed to enable support, giving up -- 32/-1.
qla2xxx [0000:a3:00.1]-0037:21: Falling back-to MSI mode --1.
qla2xxx [0000:a3:00.1]-003a:21: Failed to reserve interrupt 821 already in use.
BUG: unable to handle kernel NULL pointer dereference at (null)
IP: [<
ffffffffc010c4b6>] qla2x00_probe_one+0x18b6/0x2730 [qla2xxx]
PGD 0
Oops: 0002 [#1] SMP
Fixes:
d74595278f4ab ("scsi: qla2xxx: Add multiple queue pair functionality.").
Cc: <stable@vger.kernel.org> # 4.10
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Colin Ian King [Tue, 16 Jan 2018 19:08:15 +0000 (19:08 +0000)]
scsi: mptsas: remove duplicated assignment to pointer head
The pointer head is re-assigned the same value twice, so remove the
second redundant assignment.
Cleans up clang warning:
drivers/message/fusion/mptsas.c:1161:20: warning: Value stored to 'head'
during its initialization is never read
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Dan Carpenter [Tue, 16 Jan 2018 10:40:22 +0000 (13:40 +0300)]
scsi: storvsc: missing error code in storvsc_probe()
We should set the error code if fc_remote_port_add() fails.
Cc: <stable@vger.kernel.org> #v4.12+
Fixes:
daf0cd445a21 ("scsi: storvsc: Add support for FC rport.")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Cathy Avery <cavery@redhat.com>
Acked-by: K. Y. Srinivasan <kys@microsoft.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Andy Shevchenko [Mon, 15 Jan 2018 17:05:58 +0000 (19:05 +0200)]
scsi: mptfusion: Use snprintf() instead of open coded divisions
Numbers up to 100 snprintf() prints without using a division. Besides
that the code looks more readable.
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Colin Ian King [Thu, 11 Jan 2018 16:55:39 +0000 (16:55 +0000)]
scsi: mpt3sas: make function _get_st_from_smid static
The function _get_st_from_smid is local to the source and does not need
to be in global scope, so make it static.
Cleans up sparse warning:
symbol '_get_st_from_smid' was not declared. Should it be static?
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Wei Yongjun [Thu, 11 Jan 2018 11:13:58 +0000 (11:13 +0000)]
scsi: hisi_sas: make local symbol host_attrs static
Fixes the following sparse warning:
drivers/scsi/hisi_sas/hisi_sas_main.c:1691:25: warning:
symbol 'host_attrs' was not declared. Should it be static?
Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com>
Acked-by: John Garry <john.garry@huawei.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Douglas Gilbert [Wed, 10 Jan 2018 21:57:31 +0000 (16:57 -0500)]
scsi: scsi_debug: delay stress fix
Introduce a state enum into sdebug_defer objects to indicate which, if
any, defer method has been used with the associated command. Also add 2
bools to indicate which of the defer methods has been initialized. Those
objects are re-used but the initialization only needs to be done
once. This simplifies command cancellation handling.
Now the delay associated with a deferred response of a command cannot be
changed (once started) by changing the delay (and ndelay) parameters in
sysfs. Command aborts and driver shutdown are still honoured immediately
when received.
[mkp: applied by hand]
Signed-off-by: Douglas Gilbert <dgilbert@interlog.com>
Reviewed-by: Bart Van Assche <bart.vanassche@wdc.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Rasmus Villemoes [Mon, 8 Jan 2018 23:11:15 +0000 (00:11 +0100)]
scsi: fnic: use kzalloc in fnic_fcoe_process_vlan_resp
This saves a little .text and gets rid of the unmotivated line break and
the sizeof(...) style inconsistency.
Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Shivasharan S [Fri, 5 Jan 2018 13:27:49 +0000 (05:27 -0800)]
scsi: megaraid_sas: driver version upgrade
Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Shivasharan S [Fri, 5 Jan 2018 13:27:47 +0000 (05:27 -0800)]
scsi: megaraid_sas: re-work DCMD refire code
No functional changes.
This patch is a re-work of DCMD refire code to better manage all the
different cases to decide whether to REFIRE or SKIP or COMPLETE certain
DCMD.
Signed-off-by: Sumit Saxena <sumit.saxena@broadcom.com>
Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Shivasharan S [Fri, 5 Jan 2018 13:27:46 +0000 (05:27 -0800)]
scsi: megaraid_sas: Expose fw_cmds_outstanding through sysfs
Expose FW outstanding commands (fw_outstanding) through sysfs interface.
This helps in debugging certain performance issues in the field.
Signed-off-by: Sasikumar Chandrasekaran <sasikumar.pc@broadcom.com>
Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Shivasharan S [Fri, 5 Jan 2018 13:27:45 +0000 (05:27 -0800)]
scsi: megaraid_sas: Selectively apply stream detection based on IO type
Performance improvement:
Current driver calls stream detection unconditionally for all IOs.
Stream Detection logic is not required for most of the fast path IO. To
improve performance, avoid stream detection logic and do it only if
required.
Below are the cases where stream detection is required in driver:
1. All non-FastPath IOs (IOs going to FW)
2. Fast Path reads sent to ReadAhead capable VDs.
Signed-off-by: Sumit Saxena <sumit.saxena@broadcom.com>
Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Shivasharan S [Fri, 5 Jan 2018 13:27:44 +0000 (05:27 -0800)]
scsi: megaraid_sas: Update LD map after populating drv_map driver map copy
Issue – There may be some IO accessing incorrect raid map, but driver
has checks in IO path to handle those cases. It is always better to move
to new raid map only once raid map is populated and validated. No
functional defect. Fix is provided as part of review. Fix – Update
instance->map_id after driver has populated new driver raid map from
firmware raid map.
Signed-off-by: Sumit Saxena <sumit.saxena@broadcom.com>
Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Shivasharan S [Fri, 5 Jan 2018 13:27:43 +0000 (05:27 -0800)]
scsi: megaraid_sas: Use megasas_wait_for_adapter_operational to detect controller state in IOCTL path
In IOCTL path, re-use megasas_wait_for_adapter_operational API to detect
controller state. This will make driver to use this API uniformly in all
cases where we need to wait for adapter to become operational.
Signed-off-by: Sumit Saxena <sumit.saxena@broadcom.com>
Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Shivasharan S [Fri, 5 Jan 2018 13:27:42 +0000 (05:27 -0800)]
scsi: megaraid_sas: Avoid firing DCMDs while OCR is in progress
Driver needs to avoid PCI writes while OCR is in progress. Use
reset_mutex to synchronize between firing DCMDs MR_DCMD_PD_GET_INFO and
MR_DCMD_DRV_GET_TARGET_PROP while OCR is triggered. Without this fix,
if Device/VD add/creation is in progress and at the same time MR
Firmware is going through OCR, user may see OCR never completed and it
may need system reboot. This scenario is rare to occur. Fix is provided
as part of review.
Signed-off-by: Sumit Saxena <sumit.saxena@broadcom.com>
Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Shivasharan S [Fri, 5 Jan 2018 13:27:41 +0000 (05:27 -0800)]
scsi: megaraid_sas: unload flag should be set after scsi_remove_host is called
Issue - Driver returns DID_NO_CONNECT when unload is in progress,
indicated using instance->unload flag. In case of dynamic unload of
driver, this flag is set before calling scsi_remove_host(). While doing
manual driver unload, user will see lots of prints for Sync Cache
command with DID_NO_CONNECT status.
Fix - Set the instance->unload flag after scsi_remove_host(). Allow
device removal process to be completed and do not block any command
before that. SCSI commands (like SYNC_CACHE) are received (as part of
scsi_remove_host) by driver during unload will be submitted further down
to the drives.
Signed-off-by: Sumit Saxena <sumit.saxena@broadcom.com>
Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Shivasharan S [Fri, 5 Jan 2018 13:27:40 +0000 (05:27 -0800)]
scsi: megaraid_sas: Error handling for invalid ldcount provided by firmware in RAID map
Currently driver does not validate ldcount provided by firmware. If the
value is invalid, fail RAID map validation accordingly. This issue is
rare to hit in field and is fixed as part of code review.
Signed-off-by: Sumit Saxena <sumit.saxena@broadcom.com>
Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Shivasharan S [Fri, 5 Jan 2018 13:27:39 +0000 (05:27 -0800)]
scsi: megaraid_sas: Reset ldio_outstanding in megasas_resume
Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Shivasharan S [Fri, 5 Jan 2018 13:27:38 +0000 (05:27 -0800)]
scsi: megaraid_sas: Return the DCMD status from megasas_get_seq_num
In megasas_get_seq_num, the status of the DCMD fired to FW is not
returned, it always returns success. We could end up registering AEN
request with incorrect sequence number if the DCMD failed. Return the
DCMD status back to caller. This was discovered during code review and
very rare to see issue in field to see AEN request failed bt FW.
Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Shivasharan S [Fri, 5 Jan 2018 13:27:37 +0000 (05:27 -0800)]
scsi: megaraid_sas: memset IOC INIT frame using correct size
Commit
b9637d14dc00 ("scsi: megaraid_sas: Resize MFA frame used for IOC
INIT to 4k") increased the size of IOC INIT frame to 4k. Need to use
updated size when memsetting init_frame.
Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Shivasharan S [Fri, 5 Jan 2018 13:27:36 +0000 (05:27 -0800)]
scsi: megaraid_sas: zero out IOC INIT and stream detection memory
Memory allocated for IOC_INIT command and stream detection array are not
zero'd before using. Use kzalloc instead of kmalloc to zero out the
memory allocated.
Signed-off-by: Sumit Saxena <sumit.saxena@broadcom.com>
Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Bart Van Assche [Wed, 10 Jan 2018 22:41:45 +0000 (14:41 -0800)]
scsi: core: Change third __scsi_queue_insert() argument from int to bool
This patch does not change any functionality but makes the SCSI core
source code slightly easier to read.
Signed-off-by: Bart Van Assche <bart.vanassche@wdc.com>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Hannes Reinecke <hare@suse.de>
Cc: Johannes Thumshirn <jthumshirn@suse.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Raghava Aditya Renukunta [Wed, 10 Jan 2018 21:13:10 +0000 (13:13 -0800)]
scsi: aacraid: Delay for rescan worker needs to be 10 seconds
The delay for the rescan worker needs to 10 seconds, missed the HZ in
there.
Fixes:
a1367e4adee207fe (scsi: aacraid: Reschedule host scan in case of failure)
Signed-off-by: Raghava Aditya Renukunta <RaghavaAditya.Renukunta@microsemi.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Raghava Aditya Renukunta [Wed, 10 Jan 2018 21:13:09 +0000 (13:13 -0800)]
scsi: aacraid: Get correct lun count
The correct lun count needs to be divided by 24, missed it in the
previous patch set.
Fixes:
4b00022753550055 (scsi: aacraid: Create helper functions to get lun info)
Signed-off-by: Raghava Aditya Renukunta <RaghavaAditya.Renukunta@microsemi.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Hannes Reinecke [Fri, 22 Dec 2017 11:52:53 +0000 (12:52 +0100)]
scsi: scsi_dh_alua: skip RTPG for devices only supporting active/optimized
For hardware only supporting active/optimized there's no point in ever
re-issuing RTPG as the only new state we can possibly read is
active/optimized. This avoid spurious errors during path failover on
such arrays.
Signed-off-by: Hannes Reinecke <hare@suse.com>
Reviewed-by: Bart Van Assche <bart.vanassche@wdc.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Colin Ian King [Sun, 7 Jan 2018 23:15:10 +0000 (23:15 +0000)]
scsi: bfa: use ARRAY_SIZE for array sizing calculation on array __pciids
Use the ARRAY_SIZE macro on array __pciids to determine size of the
array. Improvement suggested by coccinelle.
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Colin Ian King [Fri, 5 Jan 2018 15:50:37 +0000 (15:50 +0000)]
scsi: qla2xxx: remove redundant assignment of d
The initialization of d is redundant as this value is never read and it
is overwritten inside the subsequent for-loop. Remove this redundant
assignment.
Cleans up clang warning:
drivers/scsi/qla2xxx/qla_gs.c:3985:29: warning: Value stored to 'd'
during its initialization is never read
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Himanshu Jha [Tue, 9 Jan 2018 09:06:52 +0000 (14:36 +0530)]
scsi: qedi: Use zeroing allocator instead of allocator/memset
Use dma_zalloc_coherent instead of dma_alloc_coherent followed by memset
0.
Generated-by: scripts/coccinelle/api/alloc/kzalloc-simple.cocci
Suggested-by: Luis R. Rodriguez <mcgrof@kernel.org>
Signed-off-by: Himanshu Jha <himanshujha199640@gmail.com>
Acked-by: Manish Rangankar <Manish.Rangankar@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Himanshu Jha [Tue, 9 Jan 2018 09:06:51 +0000 (14:36 +0530)]
scsi: bnx2fc: Use zeroing allocator rather than allocator/memset
Use dma_zalloc_coherent instead of dma_alloc_coherent followed by memset
0.
Generated-by: scripts/coccinelle/api/alloc/kzalloc-simple.cocci
Suggested-by: Luis R. Rodriguez <mcgrof@kernel.org>
Signed-off-by: Himanshu Jha <himanshujha199640@gmail.com>
Acked-by: Chad Dupuis <chad.dupuis@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
chenxiang [Thu, 28 Dec 2017 10:20:47 +0000 (18:20 +0800)]
scsi: hisi_sas: Change frame type for SET MAX commands
According to ATA protocol, SET MAX commands belong to different frame
types. So judge features field of SET MAX commands to decide which
frame type they belongs to.
Signed-off-by: Xiang Chen <chenxiang66@hisilicon.com>
Signed-off-by: John Garry <john.garry@huawei.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
chenxiang [Thu, 28 Dec 2017 10:20:46 +0000 (18:20 +0800)]
scsi: ata: enhance the definition of SET MAX feature field value
There are two other values for SET MAX feature field according to ata
protocol. So definite them.
Signed-off-by: Xiang Chen <chenxiang66@hisilicon.com>
Signed-off-by: John Garry <john.garry@huawei.com>
Acked-by: Tejun Heo <tj@kernel.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Steffen Weber [Tue, 2 Jan 2018 18:24:09 +0000 (19:24 +0100)]
scsi: smartpqi: allow static build ("built-in")
If CONFIG_SCSI_SMARTPQI=y then don't build this driver as a module.
Signed-off-by: Steffen Weber <steffen.weber@gmail.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Douglas Gilbert [Sat, 23 Dec 2017 17:48:14 +0000 (12:48 -0500)]
scsi: scsi_debug: add resp_write_scat function
Add resp_write_scat() function to support decoding WRITE SCATTERED
(16 and 32). Also weave resp_write_scat() into the cdb decoding
logic.
Signed-off-by: Douglas Gilbert <dgilbert@interlog.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Douglas Gilbert [Sat, 23 Dec 2017 17:48:13 +0000 (12:48 -0500)]
scsi: scsi_debug: ARRAY_SIZE and FF_MEDIA_IO
Reviewer suggested using the ARRAY_SIZE macro. That reduced one of the subtle
inter-dependencies in the parser's tables.
It is important that commands which simulate media access, indicate this in the
flags for that command. The flag to do that was FF_DIRECT_IO. On reflection
FF_MEDIA_IO seems a more accurate description.
Signed-off-by: Douglas Gilbert <dgilbert@interlog.com>
Reviewed-by: Bart Van Assche <bart.vanassche@wdc.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>