    scsi: lpfc: Don't release final kref on Fport node while ABTS outstanding · 982fc396
    James Smart authored
    In a rarely executed path, FLOGI failure, there is a refcounting error.  If
    FLOGI completed with an error, typically a timeout, the initial completion
    handler would remove the job reference. However, the job completion isn't
    the actual end of the job/exchange as the timeout usually initiates an
    ABTS, and upon that ABTS completion, a final completion is sent. The driver
    removes the reference again in the final completion. Thus the imbalance.
    
    In the buggy cases, if there was a link bounce while the delayed response
    is outstanding, the fport node may be referenced again but there was no
    additional reference as it is already present. The delayed completion then
    occurs and removes the last reference freeing the node and causing issues
    in the link up processing that is using the node.
    
    Fix this scenario by removing the snippet that removed the reference in the
    initial FLOGI completion. The bad snippet was poorly trying to identify the
    FLOGI as OK to do so by realizing the node was not registered with either
    SCSI or NVMe transport.
    
    Link: https://lore.kernel.org/r/20210910233159.115896-3-jsmart2021@gmail.com
    Fixes: 618e2ee1 ("scsi: lpfc: Fix FLOGI failure due to accessing a freed node")
    Cc: <stable@vger.kernel.org> # v5.13+
    Co-developed-by: Justin Tee <justin.tee@broadcom.com>
    Signed-off-by: Justin Tee <justin.tee@broadcom.com>
    Signed-off-by: James Smart <jsmart2021@gmail.com>
    Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
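
The imbalance described in the commit message, replayed as a small C model. This is an added example, not lpfc driver code: the struct, the plain integer counter standing in for a kref, the single base reference, and all function names are assumptions made for illustration.

```c
#include <stdbool.h>

/* Hypothetical model of the Fport node; a real driver uses a kref. */
struct node {
    int  refs;   /* outstanding references */
    bool freed;  /* set when the last reference is dropped */
};

static void node_get(struct node *n) { n->refs++; }

static void node_put(struct node *n)
{
    if (--n->refs == 0)
        n->freed = true;  /* a real driver would release the node here */
}

/*
 * Replays the FLOGI-timeout sequence from the commit message.
 * put_in_initial_completion = true  models the removed snippet,
 * put_in_initial_completion = false models the behaviour after the fix.
 * Returns true if the node is freed while link-up processing uses it.
 */
bool flogi_timeout_frees_node_in_use(bool put_in_initial_completion)
{
    /* Assumption: one base reference exists before the FLOGI is issued. */
    struct node fport = { .refs = 1, .freed = false };

    node_get(&fport);               /* FLOGI issued: job reference, refs = 2 */

    /* FLOGI times out: the initial completion runs and an ABTS is started. */
    if (put_in_initial_completion)
        node_put(&fport);           /* early drop of the job reference */

    /* Link bounce: link-up processing picks up the existing node and
     * takes no additional reference because the node is already present. */
    bool link_up_using_node = true;

    /* ABTS completes: the final completion drops the job reference. */
    node_put(&fport);               /* with the early drop this is the last ref */

    return link_up_using_node && fport.freed;
}
```
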
lpfc_hbadisc.c 206 KB