| Message ID | 20210329020028.18241-1-bvanassche@acm.org (mailing list archive) |
|---|---|
| Headers | show |
| Series | blk-mq: Fix a race between iterating over requests and freeing requests | expand |
On 3/28/21 7:00 PM, Bart Van Assche wrote: > This patch series fixes the race between iterating over requests and > freeing requests that has been reported by multiple different users over > the past two years. Please consider this patch series for kernel v5.13. Hi Christoph and Martin, Since this patch series makes significant changes in the NVMe core and also in the SCSI core, your feedback would be appreciated. Thanks, Bart.
On Mar 29, 2021 / 02:00, Bart Van Assche wrote: > Hi Jens, > > This patch series fixes the race between iterating over requests and > freeing requests that has been reported by multiple different users over > the past two years. Please consider this patch series for kernel v5.13. I suggest to pick this up for v5.12. The blktests block/005 test case always fails with the use-after-free message, when it is run with KASAN enabled kernel v5.12-rcX and HDDs behind SAS HBA (Broadcom 9400 in my environment). I confirmed that this series fixes the problem. Also, no regression was observed with my test set. So, for the whole series, Tested-by: Shin'ichiro Kawasaki <shinichiro.kawasaki@wdc.com>
Bart, > This patch series fixes the race between iterating over requests and > freeing requests that has been reported by multiple different users > over the past two years. Please consider this patch series for kernel > v5.13. No objections from me. Acked-by: Martin K. Petersen <martin.petersen@oracle.com>
Looks good,
Reviewed-by: Christoph Hellwig <hch@lst.de>
Hi Jens, This patch series fixes the race between iterating over requests and freeing requests that has been reported by multiple different users over the past two years. Please consider this patch series for kernel v5.13. Thank you, Bart. Changes between v3 and v4: - Fixed support for tag sets shared across hardware queues. - Renamed blk_mq_wait_for_tag_readers() into blk_mq_wait_for_tag_iter(). - Removed the fourth argument of blk_mq_queue_tag_busy_iter() again. Changes between v2 and v3: - Converted the single v2 patch into a series of three patches. - Switched from SRCU to a combination of RCU and semaphores. Changes between v1 and v2: - Reformatted patch description. - Added Tested-by/Reviewed-by tags. - Changed srcu_barrier() calls into synchronize_srcu() calls. Bart Van Assche (3): blk-mq: Move the elevator_exit() definition blk-mq: Introduce atomic variants of the tag iteration functions blk-mq: Fix a race between iterating over requests and freeing requests block/blk-core.c | 34 ++++++++++++++++- block/blk-mq-tag.c | 79 ++++++++++++++++++++++++++++++++++----- block/blk-mq-tag.h | 6 ++- block/blk-mq.c | 23 +++++++++--- block/blk-mq.h | 1 + block/blk.h | 11 +----- block/elevator.c | 9 +++++ drivers/scsi/hosts.c | 16 ++++---- drivers/scsi/ufs/ufshcd.c | 4 +- include/linux/blk-mq.h | 2 + 10 files changed, 149 insertions(+), 36 deletions(-)