• Tony Battersby's avatar
    sg: fix unkillable I/O wait deadlock with scsi-mq · 7568615c
    Tony Battersby authored
    When using the write()/read() interface for submitting commands, the
    SCSI generic driver does not call blk_put_request() on a completed SCSI
    command until userspace calls read() to get the command completion.
    Since scsi-mq uses a fixed number of preallocated requests, this makes
    it possible for userspace to exhaust the entire preallocated supply of
    requests.  For places in the kernel that call blk_get_request() with
    GFP_KERNEL, this can cause the calling process to deadlock in a
    permanent unkillable I/O wait in blk_get_request() -> ... -> bt_get().
    For places in the kernel that call blk_get_request() with GFP_ATOMIC,
    this can cause blk_get_request() always to return -EWOULDBLOCK.  Note
    that these problems happen only if scsi-mq is enabled.  Prevent the
    problems by calling blk_put_request() as soon as the SCSI command
    completes instead of waiting for userspace to call read().
    
    Cc: <stable@vger.kernel.org> # 3.17+
    Signed-off-by: default avatarTony Battersby <tonyb@cybernetics.com>
    Acked-by: default avatarDouglas Gilbert <dgilbert@interlog.com>
    Tested-by: default avatarDouglas Gilbert <dgilbert@interlog.com>
    Signed-off-by: default avatarJames Bottomley <JBottomley@Parallels.com>
    7568615c
sg.c 72 KB