mirror of
				https://git.kernel.org/pub/scm/linux/kernel/git/chenhuacai/linux-loongson
				synced 2025-10-26 08:59:47 +00:00 
			
		
		
		
	[SCSI] fix locking around blk_abort_request()
blk_abort_request() expects queue lock to be held by the caller. Grab it before calling the function. Lack of this synchronization led to infinite loop on corrupt q->timeout_list. Signed-off-by: Tejun Heo <tj@kernel.org> Cc: stable@kernel.org Signed-off-by: James Bottomley <James.Bottomley@suse.de>
This commit is contained in:
		
							parent
							
								
									9a908c1aa4
								
							
						
					
					
						commit
						70b25f890c
					
				| @ -395,11 +395,15 @@ int sas_ata_init_host_and_port(struct domain_device *found_dev, | ||||
| void sas_ata_task_abort(struct sas_task *task) | ||||
| { | ||||
| 	struct ata_queued_cmd *qc = task->uldd_task; | ||||
| 	struct request_queue *q = qc->scsicmd->device->request_queue; | ||||
| 	struct completion *waiting; | ||||
| 	unsigned long flags; | ||||
| 
 | ||||
| 	/* Bounce SCSI-initiated commands to the SCSI EH */ | ||||
| 	if (qc->scsicmd) { | ||||
| 		spin_lock_irqsave(q->queue_lock, flags); | ||||
| 		blk_abort_request(qc->scsicmd->request); | ||||
| 		spin_unlock_irqrestore(q->queue_lock, flags); | ||||
| 		scsi_schedule_eh(qc->scsicmd->device->host); | ||||
| 		return; | ||||
| 	} | ||||
|  | ||||
| @ -1030,6 +1030,8 @@ int __sas_task_abort(struct sas_task *task) | ||||
| void sas_task_abort(struct sas_task *task) | ||||
| { | ||||
| 	struct scsi_cmnd *sc = task->uldd_task; | ||||
| 	struct request_queue *q = sc->device->request_queue; | ||||
| 	unsigned long flags; | ||||
| 
 | ||||
| 	/* Escape for libsas internal commands */ | ||||
| 	if (!sc) { | ||||
| @ -1044,7 +1046,9 @@ void sas_task_abort(struct sas_task *task) | ||||
| 		return; | ||||
| 	} | ||||
| 
 | ||||
| 	spin_lock_irqsave(q->queue_lock, flags); | ||||
| 	blk_abort_request(sc->request); | ||||
| 	spin_unlock_irqrestore(q->queue_lock, flags); | ||||
| 	scsi_schedule_eh(sc->device->host); | ||||
| } | ||||
| 
 | ||||
|  | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user
	 Tejun Heo
						Tejun Heo