07 Jul, 2013
2 commits
-
This patch changes iscsit_add_reject() + iscsit_add_reject_from_cmd()
usage to not sleep on iscsi_cmd->reject_comp to address a free-after-use
usage bug in v3.10 with iser-target code.It saves ->reject_reason for use within iscsit_build_reject() so the
correct value for both transport cases. It also drops the legacy
fail_conn parameter usage throughput iscsi-target code and adds
two iscsit_add_reject_cmd() and iscsit_reject_cmd helper functions,
along with various small cleanups.(v2: Re-enable target_put_sess_cmd() to be called from
iscsit_add_reject_from_cmd() for rejects invoked after
target_get_sess_cmd() has been called)Cc: Or Gerlitz
Cc: Mike Christie
Cc: stable@vger.kernel.org # 3.10+
Signed-off-by: Nicholas Bellinger -
This patch adds the missing isert_put_reject() logic to post
a outgoing payload buffer to hold the 48 bytes of original PDU
header request payload for the rejected cmd.It also fixes ISTATE_SEND_REJECT handling in isert_response_completion()
-> isert_do_control_comp() code, and drops incorrect iscsi_cmd_t->reject_comp
usage.Cc: Or Gerlitz
Cc: Mike Christie
Cc: stable@vger.kernel.org # 3.10+
Signed-off-by: Nicholas Bellinger
04 Jul, 2013
8 commits
-
Fix-up breakage in iscsit_build_sendtargets_response() from v3.11
changes, and free "payload" before returning.Signed-off-by: Dan Carpenter
Signed-off-by: Nicholas Bellinger -
All REJECT response setup of the rejected payload is now done using
on-demand cmd->buf_ptr allocations.Go ahead and remove dead iscsi_conn->bad_hdr usage rx_opcode path
Signed-off-by: Nicholas Bellinger
-
Fix up sense_reason_t breakage in core_scsi3_update_and_write_aptpl()
from recent conversion to use local scope memory allocation.Reported as sparse warnings: (new ones prefixed by >>) by Fengguang:
>> drivers/target/target_core_pr.c:2069:57: sparse: incorrect type in
>> return expression (different base types)
drivers/target/target_core_pr.c:2069:57: expected restricted sense_reason_t
drivers/target/target_core_pr.c:2069:57: got int
>> drivers/target/target_core_pr.c:2179:21: sparse: incorrect type in
>> assignment (different base types)
drivers/target/target_core_pr.c:2179:21: expected restricted sense_reason_t [assigned] [usertype] ret
drivers/target/target_core_pr.c:2179:21: got int
>> drivers/target/target_core_pr.c:2197:13: sparse: incorrect type in
>> assignment (different base types)
drivers/target/target_core_pr.c:2197:13: expected restricted sense_reason_t [assigned] [usertype] ret
drivers/target/target_core_pr.c:2197:13: got int
drivers/target/target_core_pr.c:1245:28: sparse: context imbalance in '__core_scsi3_free_registration' - unexpected unlockReported-by: kbuild test robot
Cc: Andy Grover
Signed-off-by: Nicholas Bellinger -
This patch adds a auth configfs group context following existing
explict NodeACL and discovery auth within:/sys/kernel/config/target/iscsi/$TARGETNAME/$TPGT/auth/
This patch allows these attributes to be used for CHAP authentication
an TPG is configured in demo-mode (generate_node_acl=1).Note this authentication information takes precedence over NodeACL
authentication when struct se_node_acl->dynamic_node_acl is present.Cc: Dax Kelson
Signed-off-by: Nicholas Bellinger -
This patch adds an optional /auth/ configfs group to TPG context that
can be used by fabrics like iscsi-target for TPG demo-mode
authentication.Cc: Dax Kelson
Signed-off-by: Nicholas Bellinger -
This patch changes ISCSI_OP_TEXT handling of SendTargets=[iqn.,eui.]
payloads to return explicit discovery information.It adds checks to iscsit_process_text_cmd() and adds the special single
$TARGETNAME discovery case in iscsit_build_sendtargets_response() code.Cc: Or Gerlitz
Cc: Mike Christie
Signed-off-by: Nicholas Bellinger -
This patch moves ISCSI_OP_TEXT PDU buffer sanity checks to
iscsit_process_text_cmd() code, so that it can be shared
with iser-target code.It adds IFC_SENDTARGETS_ALL + iscsi_cmd->text_in_ptr in order
to save text payload for ISCSI_OP_TEXT_RSP, and updates
iscsit_release_cmd() to assigned memory.Cc: Or Gerlitz
Cc: Mike Christie
Signed-off-by: Nicholas Bellinger -
This patch changes iscsi_set_connection_parameters() to allow
conn_ops->MaxXmitDataSegmentLength assignement to occur during
in-band iser send-targets discovery, as this value is required
by TEXT response processing code.Reported-by: Or Gerlitz
Cc: Or Gerlitz
Cc: Mike Christie
Signed-off-by: Nicholas Bellinger
26 Jun, 2013
1 commit
-
This patch refactoring existing iscsit_send_text_rsp() in order
to handle iscsi_text_rsp payloads in a transport specific manner.This includes the addition of iscsit_build_text_rsp() to build
the response payload and initialize ISCSI_OP_TEXT_RSP.v2: Make iscsit_build_text_rsp() determine extra padding bytes, and
drop legacy padding calculation for traditional iSCSI text
responses within iscsit_send_text_rsp()Reported-by: Or Gerlitz
Cc: Or Gerlitz
Cc: Mike Christie
Signed-off-by: Nicholas Bellinger
25 Jun, 2013
2 commits
-
This patch refactors ISCSI_OP_TEXT handling within iscsi-target in
order to handle iscsi_text payloads in a transport specific manner.This includes splitting current iscsit_handle_text_cmd() into
iscsit_setup_text_cmd() and iscsit_process_text_cmd() calls, and
makes iscsit_handle_text_cmd be only used internally by traditional
iscsi socket calls.Cc: Or Gerlitz
Cc: Mike Christie
Signed-off-by: Nicholas Bellinger -
This patch refactors ISCSI_OP_NOOP handling within iscsi-target in
order to handle iscsi_nopout payloads in a transport specific manner.This includes splitting existing iscsit_handle_nop_out() into
iscsit_setup_nop_out() and iscsit_process_nop_out() calls, and
makes iscsit_handle_nop_out() be only used internally by traditional
iscsi socket calls.Next update iser-target code to use new callers and add FIXME for
the handling iscsi_nopout payloads. Also fix reject response handling
in iscsit_setup_nop_out() to use proper iscsit_add_reject_from_cmd().v2: Fix uninitialized iscsit_handle_nop_out() payload_length usage (Fengguang)
v3: Remove left-over dead code in iscsit_setup_nop_out() (DanC)Signed-off-by: Nicholas Bellinger
21 Jun, 2013
10 commits
-
Comment from original 2012 patch:
In all our testing this function has never returned true. However, the
dropping of hardware_lock necessary to call this function seems to cause
a use-after-free we manage to hit rather frequently. Given this
cost-benefit ratio, I'm willing to remove some 100 lines of code.And since the same problem exists around shutdown_sess and put_sess,
this patch changes them from taking the hardware_lock to requiring the
hardware_lock to be taken. In most cases the caller already had the
lock and had to drop it for the called method to reacquire it. At best
that hurts performance and in rare instances it causes races with fatal
consequences.We dropped the original 2012 patch when upgrading our kernel and it took
us nearly half a year to discover we still need it.(nab: Fix qla_tgt_sess reference in tcm_qla2xxx_put_sess)
Signed-off-by: Joern Engel
Cc: Giridhar Malavali
Cc: Chad Dupuis
Signed-off-by: Nicholas Bellinger -
This patch coverts vhost/scsi to se_cmd->cmd_kref TARGET_SCF_ACK_KREF
usage, instead of assuming that vhost_scsi_free_cmd() is always called
before TCM processing is completed in the response fast path.This includes adding vhost_scsi_check_stop_free() -> target_put_sess_cmd()
to perform the second se_cmd->cmd_kref put, and moving vhost_scsi_free_cmd()
resource release into tcm_vhost_release_cmd() that is invoked once the last
se_cmd->cmd_kref put occurs.Cc: Christoph Hellwig
Cc: Roland Dreier
Cc: Kent Overstreet
Cc: Asias He
Cc: Michael S. Tsirkin
Cc: Or Gerlitz
Cc: Moussa Ba
Signed-off-by: Nicholas Bellinger -
This patch changes vhost_scsi_free_cmd() to call transport_generic_free_cmd()
with wait_for_tasks=false in order to avoid the extra se_cmd->t_state_lock
access for the wait_for_tasks=true case.This is unnecessary because vhost_scsi_free_cmd() is only ever called by
vhost_scsi_complete_cmd_work() after TCM completion handoff, and by
vhost_scsi_handle_vq() exception code before TCM submission handoff, so
there is never a case where se_cmd is still active from TCM's perspective
when transport_generic_free_cmd() is called.Cc: Christoph Hellwig
Cc: Roland Dreier
Cc: Kent Overstreet
Cc: Asias He
Cc: Michael S. Tsirkin
Cc: Or Gerlitz
Cc: Moussa Ba
Signed-off-by: Nicholas Bellinger -
Now with iscsi-target using modern se_cmd->cmd_kref accounting in
v3.10 code, it's safe to go ahead and drop the legacy release
codepath + se_cmd->check_release bit in transport_release_cmd()Cc: Christoph Hellwig
Cc: Roland Dreier
Cc: Kent Overstreet
Cc: Or Gerlitz
Cc: Moussa Ba
Signed-off-by: Nicholas Bellinger -
In modern iscsi-target code, the setup and I/O submission is done within a
single process context, so there is no need to acquire se_cmd->t_state_lock while
checking SCF_SUPPORTED_SAM_OPCODE for determining when unsolicited data-out
should be dumped.Cc: Christoph Hellwig
Cc: Roland Dreier
Cc: Kent Overstreet
Cc: Or Gerlitz
Cc: Moussa Ba
Signed-off-by: Nicholas Bellinger -
This patch drops the se_cmd->t_state_lock access around SCF_SUPPORTED_SAM_OPCODE
assignment within target_setup_cmd_from_cdb().Original v4.0 target code required this as fabrics would be checking for
this values in different process contexts for setup and I/O submission.Given that modern v4.1 target code performs setup and I/O submission
from the same process context, this t_state_lock access is no longer
required.Cc: Christoph Hellwig
Cc: Roland Dreier
Cc: Kent Overstreet
Cc: Or Gerlitz
Cc: Moussa Ba
Signed-off-by: Nicholas Bellinger -
This patch makes target_execute_cmd() set CMD_T_BUSY|CMD_T_SENT while
holding se_cmd->t_state_lock, in order to avoid the extra aquire/release
in __target_execute_cmd().It also clears these bits in case of a target_handle_task_attr()
failure.Cc: Christoph Hellwig
Cc: Roland Dreier
Cc: Kent Overstreet
Cc: Or Gerlitz
Cc: Moussa Ba
Signed-off-by: Nicholas Bellinger -
This patch removes legacy se_cmd->t_fe_count usage in order to avoid
se_cmd->t_state_lock access within transport_put_cmd() during normal
fast path se_cmd descriptor release.Also drop the left-over parameter usage within core_tmr_handle_tas_abort()
Cc: Christoph Hellwig
Cc: Roland Dreier
Cc: Kent Overstreet
Cc: Or Gerlitz
Cc: Moussa Ba
Signed-off-by: Nicholas Bellinger -
This patch drops an unnecessary acquire/release of se_cmd->t_state_lock within
transport_lun_remove_cmd() when checking CMD_T_DEV_ACTIVE for invoking
target_remove_from_state_list().For all fast path completion cases, transport_lun_remove_cmd() is always
called ahead of transport_cmd_check_stop(), and since transport_cmd_check_stop()
is calling target_remove_from_state_list() when remove_from_lists=true,
the t_state_lock usage in transport_lun_remove_cmd() can safely be removed.Cc: Christoph Hellwig
Cc: Roland Dreier
Cc: Kent Overstreet
Cc: Or Gerlitz
Cc: Moussa Ba
Signed-off-by: Nicholas Bellinger -
This patch adds a new transport_cmd_check_stop() parameter for signaling
when TRANSPORT_WRITE_PENDING needs to be set.This allows transport_generic_new_cmd() to avoid the extra lock acquire/release
of ->t_state_lock in the fast path for DMA_TO_DEVICE operations ahead of
transport_cmd_check_stop() + se_tfo->write_pending().Cc: Christoph Hellwig
Cc: Roland Dreier
Cc: Kent Overstreet
Cc: Or Gerlitz
Cc: Moussa Ba
Signed-off-by: Nicholas Bellinger
14 Jun, 2013
13 commits
-
Signed-off-by: Andy Grover
Signed-off-by: Nicholas Bellinger -
Nobody should be expecting to read or write virtual_lun0.
Signed-off-by: Andy Grover
Signed-off-by: Nicholas Bellinger -
Use bool params when appropriate.
Eliminate unneeded pr_reg_e and type variables.
Just one goto label, so rename to 'out' from 'out_put_pr_reg'.
Signed-off-by: Andy Grover
Signed-off-by: Nicholas Bellinger -
Don't need goto, we can just do an if/else for sa_res_key behavior. Move
shorter case first. Slightly shorter b/c both cases can share a call to
update_and_write_aptpl() now.Signed-off-by: Andy Grover
Signed-off-by: Nicholas Bellinger -
Instead of taking the buffer and length, update_and_write_aptpl() will
allocate the buffer as needed, and then free it. Instead, the function
takes an 'aptpl' boolean parameter.This enables us to remove memory alloc/frees from struct
t10_pr_registration and other spots.There is a slight loss of functionality because each callsite doesn't get
its own pr_debug any more, but this info can be cleaned via ftrace if
necessary and I think the shorter code is worth it.Signed-off-by: Andy Grover
Signed-off-by: Nicholas Bellinger -
aptpl_file_mutex seems to no longer exist.
Signed-off-by: Andy Grover
Signed-off-by: Nicholas Bellinger -
As mentioned in the comments in update_and_write_aptpl,
write_aptpl_to_file() calls strlen() on the buffer, and the length was
always being passed as zero.Signed-off-by: Andy Grover
Signed-off-by: Nicholas Bellinger -
It's only ever set to PR_APTPL_BUF_LEN, so we don't need a variable.
Signed-off-by: Andy Grover
Signed-off-by: Nicholas Bellinger -
The __ version is only ever called from the regular version, so just
inline it. It's not too much more complex to handle both spinlocks in the
same function.Signed-off-by: Andy Grover
Signed-off-by: Nicholas Bellinger -
Simpler to just set buf in update_and_write_aptpl(), rather than passing
down to ____core_scsi3_update_aptpl_buf().Signed-off-by: Andy Grover
Signed-off-by: Nicholas Bellinger -
They're in emulate_pro_register, so change UNREGISTER to REGISTER.
The first one seems wrong -- sa_res_key could be 0 there, but it's testing
spec_i_pt.Remove unneeded parens in 2nd conditional.
Signed-off-by: Andy Grover
Signed-off-by: Nicholas Bellinger -
We use this function exclusively in debug prints. Instead of returning
0 or 1 if isid is present, just set buf to "" if it isn't there. This
saves callers from having to check the return value.Signed-off-by: Andy Grover
Signed-off-by: Nicholas Bellinger -
core_scsi3_enulate_pro_register took an 'ignore_key' parameter that
really distinguished between REGISTER and REGISTER_AND_IGNORE_EXISTING_KEY
registration types, which was a little confusing. Same situation for
PREEMPT and PREEMPT_AND_ABORT. Use enums to add a little more
descriptiveness to the code.Signed-off-by: Andy Grover
Signed-off-by: Nicholas Bellinger
09 Jun, 2013
4 commits
-
This patch fixes warnings due to missing lock on write error path.
WARNING: at fs/hpfs/hpfs_fn.h:353 hpfs_truncate+0x75/0x80 [hpfs]()
Hardware name: empty
Pid: 26563, comm: dd Tainted: P O 3.9.4 #12
Call Trace:
hpfs_truncate+0x75/0x80 [hpfs]
hpfs_write_begin+0x84/0x90 [hpfs]
_hpfs_bmap+0x10/0x10 [hpfs]
generic_file_buffered_write+0x121/0x2c0
__generic_file_aio_write+0x1c7/0x3f0
generic_file_aio_write+0x7c/0x100
do_sync_write+0x98/0xd0
hpfs_file_write+0xd/0x50 [hpfs]
vfs_write+0xa2/0x160
sys_write+0x51/0xa0
page_fault+0x22/0x30
system_call_fastpath+0x1a/0x1fSigned-off-by: Mikulas Patocka
Cc: stable@kernel.org # 2.6.39+
Signed-off-by: Linus Torvalds -
Pull timer fixes from Thomas Gleixner:
- Trivial: unused variable removal
- Posix-timers: Add the clock ID to the new proc interface to make it
useful. The interface is new and should be functional when we reach
the final 3.10 release.- Cure a false positive warning in the tick code introduced by the
overhaul in 3.10- Fix for a persistent clock detection regression introduced in this
cycle* 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
timekeeping: Correct run-time detection of persistent_clock.
ntp: Remove unused variable flags in __hardpps
posix-timers: Show clock ID in proc file
tick: Cure broadcast false positive pending bit warning -
Pull irqdomain bug fixes from Grant Likely:
"This branch contains a set of straight forward bug fixes to the
irqdomain code and to a couple of drivers that make use of it."* tag 'irqdomain-for-linus' of git://git.secretlab.ca/git/linux:
irqchip: Return -EPERM for reserved IRQs
irqdomain: document the simple domain first_irq
kernel/irq/irqdomain.c: before use 'irq_data', need check it whether valid.
irqdomain: export irq_domain_add_simple
