From 75eee7252466342e0dfa6675106bcd3955090f67 Mon Sep 17 00:00:00 2001 From: Vasu Dev Date: Fri, 8 Oct 2010 17:12:15 -0700 Subject: [SCSI] libfc: use DID_TRANSPORT_DISRUPTED while lport not ready This is per Mile Christie feedback since in this case IO could get retried for tape devices and therefore DID_REQUEUE cannot be used, more details in this thread. http://marc.info/?l=linux-scsi&m=127970522630136&w=2 Signed-off-by: Vasu Dev Signed-off-by: Robert Love Signed-off-by: James Bottomley --- drivers/scsi/libfc/fc_fcp.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'drivers/scsi/libfc/fc_fcp.c') diff --git a/drivers/scsi/libfc/fc_fcp.c b/drivers/scsi/libfc/fc_fcp.c index c797f6b48f0..43866e6d0bf 100644 --- a/drivers/scsi/libfc/fc_fcp.c +++ b/drivers/scsi/libfc/fc_fcp.c @@ -1971,10 +1971,8 @@ static void fc_io_compl(struct fc_fcp_pkt *fsp) break; } - if (lport->state != LPORT_ST_READY && fsp->status_code != FC_COMPLETE) { - sc_cmd->result = (DID_REQUEUE << 16); - FC_FCP_DBG(fsp, "Returning DID_REQUEUE to scsi-ml\n"); - } + if (lport->state != LPORT_ST_READY && fsp->status_code != FC_COMPLETE) + sc_cmd->result = (DID_TRANSPORT_DISRUPTED << 16); spin_lock_irqsave(&si->scsi_queue_lock, flags); list_del(&fsp->list); -- cgit v1.2.3 From 8b7ac2bb07bbadb0636f21f51564e6d363bb6d20 Mon Sep 17 00:00:00 2001 From: Vasu Dev Date: Fri, 8 Oct 2010 17:12:31 -0700 Subject: [SCSI] libfc: possible race could panic system due to NULL fsp->cmd It is unlikely but in case if it hits then it would cause panic due to null cmd ptr, so far only one instance seen recently with ESX though this was introduced long ago with this commit:- commit c1ecb90a66c5afc7cc5c9349f9c3714eef4a5cfb Author: Chris Leech Date: Thu Dec 10 09:59:26 2009 -0800 [SCSI] libfc: reduce hold time on SCSI host lock Currently fsp->cmd is set to NULL w/o scsi_queue_lock before dequeuing from scsi_pkt_queue and that could cause NULL fsp->cmd in fc_fcp_cleanup_each_cmd for cmd completing with fsp->cmd = NULL after fc_fcp_cleanup_each_cmd taken reference. No need to set fsp->cmd to NULL as this is also protected by fc_fcp_lock_pkt(), for above race the fc_fcp_lock_pkt() in fc_fcp_cleanup_each_cmd() will fail as that cmd is already done. Mike mentioned same issue at http://www.open-fcoe.org/pipermail/devel/2010-September/010533.html Similarly moved sc_cmd->SCp.ptr = NULL under scsi_queue_lock so that scsi abort error handler won't abort on completed cmds. Signed-off-by: Vasu Dev Signed-off-by: Robert Love Signed-off-by: James Bottomley --- drivers/scsi/libfc/fc_fcp.c | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) (limited to 'drivers/scsi/libfc/fc_fcp.c') diff --git a/drivers/scsi/libfc/fc_fcp.c b/drivers/scsi/libfc/fc_fcp.c index 43866e6d0bf..e340373b509 100644 --- a/drivers/scsi/libfc/fc_fcp.c +++ b/drivers/scsi/libfc/fc_fcp.c @@ -58,8 +58,7 @@ struct kmem_cache *scsi_pkt_cachep; #define FC_SRB_WRITE (1 << 0) /* - * The SCp.ptr should be tested and set under the host lock. NULL indicates - * that the command has been retruned to the scsi layer. + * The SCp.ptr should be tested and set under the scsi_pkt_queue lock */ #define CMD_SP(Cmnd) ((struct fc_fcp_pkt *)(Cmnd)->SCp.ptr) #define CMD_ENTRY_STATUS(Cmnd) ((Cmnd)->SCp.have_data_in) @@ -1880,8 +1879,6 @@ static void fc_io_compl(struct fc_fcp_pkt *fsp) lport = fsp->lp; si = fc_get_scsi_internal(lport); - if (!fsp->cmd) - return; /* * if can_queue ramp down is done then try can_queue ramp up @@ -1891,11 +1888,6 @@ static void fc_io_compl(struct fc_fcp_pkt *fsp) fc_fcp_can_queue_ramp_up(lport); sc_cmd = fsp->cmd; - fsp->cmd = NULL; - - if (!sc_cmd->SCp.ptr) - return; - CMD_SCSI_STATUS(sc_cmd) = fsp->cdb_status; switch (fsp->status_code) { case FC_COMPLETE: @@ -1976,8 +1968,8 @@ static void fc_io_compl(struct fc_fcp_pkt *fsp) spin_lock_irqsave(&si->scsi_queue_lock, flags); list_del(&fsp->list); - spin_unlock_irqrestore(&si->scsi_queue_lock, flags); sc_cmd->SCp.ptr = NULL; + spin_unlock_irqrestore(&si->scsi_queue_lock, flags); sc_cmd->scsi_done(sc_cmd); /* release ref from initial allocation in queue command */ @@ -1995,6 +1987,7 @@ int fc_eh_abort(struct scsi_cmnd *sc_cmd) { struct fc_fcp_pkt *fsp; struct fc_lport *lport; + struct fc_fcp_internal *si; int rc = FAILED; unsigned long flags; @@ -2004,7 +1997,8 @@ int fc_eh_abort(struct scsi_cmnd *sc_cmd) else if (!lport->link_up) return rc; - spin_lock_irqsave(lport->host->host_lock, flags); + si = fc_get_scsi_internal(lport); + spin_lock_irqsave(&si->scsi_queue_lock, flags); fsp = CMD_SP(sc_cmd); if (!fsp) { /* command completed while scsi eh was setting up */ @@ -2013,7 +2007,7 @@ int fc_eh_abort(struct scsi_cmnd *sc_cmd) } /* grab a ref so the fsp and sc_cmd cannot be relased from under us */ fc_fcp_pkt_hold(fsp); - spin_unlock_irqrestore(lport->host->host_lock, flags); + spin_unlock_irqrestore(&si->scsi_queue_lock, flags); if (fc_fcp_lock_pkt(fsp)) { /* completed while we were waiting for timer to be deleted */ -- cgit v1.2.3 From f281233d3eba15fb225d21ae2e228fd4553d824a Mon Sep 17 00:00:00 2001 From: Jeff Garzik Date: Tue, 16 Nov 2010 02:10:29 -0500 Subject: SCSI host lock push-down Move the mid-layer's ->queuecommand() invocation from being locked with the host lock to being unlocked to facilitate speeding up the critical path for drivers who don't need this lock taken anyway. The patch below presents a simple SCSI host lock push-down as an equivalent transformation. No locking or other behavior should change with this patch. All existing bugs and locking orders are preserved. Additionally, add one parameter to queuecommand, struct Scsi_Host * and remove one parameter from queuecommand, void (*done)(struct scsi_cmnd *) Scsi_Host* is a convenient pointer that most host drivers need anyway, and 'done' is redundant to struct scsi_cmnd->scsi_done. Minimal code disturbance was attempted with this change. Most drivers needed only two one-line modifications for their host lock push-down. Signed-off-by: Jeff Garzik Acked-by: James Bottomley Signed-off-by: Linus Torvalds --- drivers/scsi/libfc/fc_fcp.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'drivers/scsi/libfc/fc_fcp.c') diff --git a/drivers/scsi/libfc/fc_fcp.c b/drivers/scsi/libfc/fc_fcp.c index e340373b509..2924363d142 100644 --- a/drivers/scsi/libfc/fc_fcp.c +++ b/drivers/scsi/libfc/fc_fcp.c @@ -1753,7 +1753,7 @@ static inline int fc_fcp_lport_queue_ready(struct fc_lport *lport) * This is the i/o strategy routine, called by the SCSI layer. This routine * is called with the host_lock held. */ -int fc_queuecommand(struct scsi_cmnd *sc_cmd, void (*done)(struct scsi_cmnd *)) +static int fc_queuecommand_lck(struct scsi_cmnd *sc_cmd, void (*done)(struct scsi_cmnd *)) { struct fc_lport *lport; struct fc_rport *rport = starget_to_rport(scsi_target(sc_cmd->device)); @@ -1851,6 +1851,8 @@ out: spin_lock_irq(lport->host->host_lock); return rc; } + +DEF_SCSI_QCMD(fc_queuecommand) EXPORT_SYMBOL(fc_queuecommand); /** -- cgit v1.2.3