• Nicholas Bellinger's avatar
    [SCSI] target: Fix bug with task_sg chained transport_free_dev_tasks release · 42c6951e
    Nicholas Bellinger authored
    This patch addresses a bug in the target core release path for HW
    operation where transport_free_dev_tasks() was incorrectly being called
    from transport_lun_remove_cmd() while releasing a se_cmd reference and
    calling struct target_core_fabric_ops->queue_data_in().
    
    This would result in a OOPs with HW target mode when the release of
    se_task->task_sg[] would happen before pci_unmap_sg() can be called in
    HW target mode fabric module code.  This patch addresses the issue by
    moving transport_free_dev_tasks() from transport_lun_remove_cmd() into
    transport_generic_free_cmd(), and adding TRANSPORT_FREE_CMD_INTR and
    transport_generic_free_cmd_intr() to allow se_cmd descriptor release
    to happen fromfrom within transport_processing_thread() process context
    when release of se_cmd is not possible from HW interrupt context.
    Signed-off-by: default avatarNicholas Bellinger <nab@linux-iscsi.org>
    Cc: stable@kernel.org
    Signed-off-by: default avatarJames Bottomley <jbottomley@parallels.com>
    42c6951e
target_core_transport.h 11.8 KB