In case the integrity capabilities of the failed path and the failover
path don't match, we may run into NULL dereference. Free the integrity
context during the path failover and let the block layer prepare it
again if needed during bio_submit.
Reviewed-by: Israel Rukshin <israelr@xxxxxxxxxx>
Tested-by: Ori Evron <oevron@xxxxxxxxxx>
Signed-off-by: Ori Evron <oevron@xxxxxxxxxx>
Signed-off-by: Max Gurtovoy <mgurtovoy@xxxxxxxxxx>
---
drivers/nvme/host/multipath.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/drivers/nvme/host/multipath.c b/drivers/nvme/host/multipath.c
index 9171452e2f6d..f439916f4447 100644
--- a/drivers/nvme/host/multipath.c
+++ b/drivers/nvme/host/multipath.c
@@ -6,6 +6,7 @@
#include <linux/backing-dev.h>
#include <linux/moduleparam.h>
#include <linux/vmalloc.h>
+#include <linux/blk-integrity.h>
#include <trace/events/block.h>
#include "nvme.h"
@@ -106,6 +107,14 @@ void nvme_failover_req(struct request *req)
bio->bi_opf &= ~REQ_POLLED;
bio->bi_cookie = BLK_QC_T_NONE;
}
+ /*
+ * If the failover path will not be integrity capable the bio
+ * should not have integrity context.
+ * If the failover path will be integrity capable the bio will
+ * be prepared for integrity again.
+ */
+ if (bio_integrity(bio))
+ bio_integrity_free(bio);
}
blk_steal_bios(&ns->head->requeue_list, req);
spin_unlock_irqrestore(&ns->head->requeue_lock, flags);
This looks good to me,
Reviewed-by: Sagi Grimberg <sagi@xxxxxxxxxxx>