On Sun, Apr 25, 2021 at 01:53:16PM -0700, Bart Van Assche wrote: > On 4/25/21 2:27 AM, Ming Lei wrote: > > On Sun, Apr 25, 2021 at 04:57:45PM +0800, Ming Lei wrote: > >> Revert 4 patches from Bart which try to fix request UAF issue related > >> with iterating over tagset wide requests, because: > > Where were you during the four weeks that my patch series was out for > review? I haven't seen any feedback from you on my patch series. To be honest, it is just two days ago I have to take a close look at your patchset because we may have to backport your patches for addressing one RH report with high priority. David is in CC list, and Laurence/David is looking the report too. > > >> 1) request UAF caused by normal completion vs. async completion during > >> iterating can't be covered[1] > > I do not agree with the above. Patches 5/8 and 6/8 from this series can > be applied without reverting any of my patches. The thing is that 5 ~ 8 can fix the issue in a simpler way without adding extra cost in fast path, and the idea is easier to be proved. BTW, as a downstream kernel developer, I really hope all fix are simple and easy to backport. More importantly, I do prefer to approaches in patch which can be proved/verified easily, so further regression can be avoided. > > > 4) synchronize_rcu() is added before shutting down one request queue, > > which may slow down reboot/poweroff very much on big systems with lots of > > HBAs in which lots of LUNs are attached. > > The synchronize_rcu() can be removed by using a semaphore > (<linux/semaphore.h>) instead of an RCU reader lock inside bt_tags_iter(). I am not sure you can, because some iteration is done in atomic context. Thanks, Ming
