From: Nicholas Bellinger <nab@xxxxxxxxxxxxxxx>
This patch fixes a potential deadlock where qla_tgt_pre_xmit_response()
can be called with qla_hw_data->hardware_lock already held w/ aborted
status, causing qla24xx_send_term_exchange() to be called with
'ha_locked == 0' and causing hardware_lock to be taken again within
qla24xx_send_term_exchange(). This patch addresses the issue by checking
qla_tgt_cmd->locked_rsp to determine 'ha_locked' before calling into
qla24xx_send_term_exchange().
Signed-off-by: Nicholas Bellinger <nab@xxxxxxxxxxxxxxxxxxxxx>
---
drivers/scsi/qla2xxx/qla_target.c | 8 ++++++--
1 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/drivers/scsi/qla2xxx/qla_target.c b/drivers/scsi/qla2xxx/qla_target.c
index 69d3d84..642dac8 100644
--- a/drivers/scsi/qla2xxx/qla_target.c
+++ b/drivers/scsi/qla2xxx/qla_target.c
@@ -2118,6 +2118,8 @@ static int qla_tgt_pre_xmit_response(struct qla_tgt_cmd *cmd, struct qla_tgt_prm
struct se_cmd *se_cmd = &cmd->se_cmd;
if (unlikely(cmd->aborted)) {
+ int unlocked_term = (cmd->locked_rsp == 0);
+
DEBUG22(qla_printk(KERN_INFO, ha, "qla_target(%d): terminating exchange "
"for aborted cmd=%p (se_cmd=%p, tag=%d)",
vha->vp_idx, cmd, se_cmd, cmd->tag));
@@ -2125,9 +2127,11 @@ static int qla_tgt_pre_xmit_response(struct qla_tgt_cmd *cmd, struct qla_tgt_prm
cmd->state = QLA_TGT_STATE_ABORTED;
if (IS_FWI2_CAPABLE(ha))
- qla24xx_send_term_exchange(vha, cmd, &cmd->atio.atio7, 0);
+ qla24xx_send_term_exchange(vha, cmd, &cmd->atio.atio7,
+ unlocked_term);
else
- qla2xxx_send_term_exchange(vha, cmd, &cmd->atio.atio2x, 0);
+ qla2xxx_send_term_exchange(vha, cmd, &cmd->atio.atio2x,
+ unlocked_term);
/* !! At this point cmd could be already freed !! */
return QLA_TGT_PRE_XMIT_RESP_CMD_ABORTED;
}
--
1.7.2.5
--
To unsubscribe from this list: send the line "unsubscribe target-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
