New EH framework has clear distinction about who owns a qc. Every qc
starts owned by normal execution path - PIO, interrupt or whatever.
When an exception condition occurs which affects the qc, the qc gets
scheduled for EH. Note that some events (say, link lost and regained,
command timeout) may schedule qc's which are not directly related but
could have been affected for EH too. Scheduling for EH is atomic
w.r.t. ap->host_set->lock and once schedule for EH, normal execution
path is not allowed to access the qc in whatever way. (PIO
synchronization acts a bit different and will be dealt with later)
This patch make ata_qc_from_tag() check whether a qc is active and
owned by normal path before returning it. If conditions don't match,
NULL is returned and thus access to the qc is denied.
__ata_qc_from_tag() is the original ata_qc_from_tag() and is used by
libata core/EH layers to access inactive/failed qc's.
This change is applied only if the associated LLDD implements new EH
as indicated by non-NULL ->error_handler
Signed-off-by: Tejun Heo <htejun@xxxxxxxxx>
---
drivers/scsi/libata-core.c | 4 ++--
include/linux/libata.h | 19 +++++++++++++++++--
2 files changed, 19 insertions(+), 4 deletions(-)
6d50afcc7b9166668faffbdf0b644eeadbb3ed71
diff --git a/drivers/scsi/libata-core.c b/drivers/scsi/libata-core.c
index 3de1750..76df36d 100644
--- a/drivers/scsi/libata-core.c
+++ b/drivers/scsi/libata-core.c
@@ -1001,7 +1001,7 @@ unsigned ata_exec_internal(struct ata_de
if (test_and_set_bit(tag, &ap->qactive))
BUG();
- qc = ata_qc_from_tag(ap, tag);
+ qc = __ata_qc_from_tag(ap, tag);
qc->tag = tag;
qc->scsicmd = NULL;
@@ -4041,7 +4041,7 @@ static struct ata_queued_cmd *ata_qc_new
/* the last tag is reserved for internal command. */
for (i = 0; i < ATA_MAX_QUEUE - 1; i++)
if (!test_and_set_bit(i, &ap->qactive)) {
- qc = ata_qc_from_tag(ap, i);
+ qc = __ata_qc_from_tag(ap, i);
break;
}
diff --git a/include/linux/libata.h b/include/linux/libata.h
index 2b384e8..3d6942a 100644
--- a/include/linux/libata.h
+++ b/include/linux/libata.h
@@ -832,14 +832,29 @@ static inline void ata_qc_set_polling(st
qc->tf.ctl |= ATA_NIEN;
}
-static inline struct ata_queued_cmd *ata_qc_from_tag (struct ata_port *ap,
- unsigned int tag)
+static inline struct ata_queued_cmd *__ata_qc_from_tag(struct ata_port *ap,
+ unsigned int tag)
{
if (likely(ata_tag_valid(tag)))
return &ap->qcmd[tag];
return NULL;
}
+static inline struct ata_queued_cmd *ata_qc_from_tag(struct ata_port *ap,
+ unsigned int tag)
+{
+ struct ata_queued_cmd *qc = __ata_qc_from_tag(ap, tag);
+
+ if (unlikely(!qc) || !ap->ops->error_handler)
+ return qc;
+
+ if ((qc->flags & (ATA_QCFLAG_ACTIVE |
+ ATA_QCFLAG_FAILED)) == ATA_QCFLAG_ACTIVE)
+ return qc;
+
+ return NULL;
+}
+
static inline void ata_tf_init(struct ata_device *dev, struct ata_taskfile *tf)
{
memset(tf, 0, sizeof(*tf));
--
1.2.4
-
: send the line "unsubscribe linux-ide" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
