If we go to the "out_term:" exit path in qlt_do_work(), we call
qlt_send_term_exchange() with a NULL cmd, which means that it can't
possibly free the cmd for us. Add an explicit call to free the
command memory, so we don't leak the allocation.
This will also fix warnings about "BUG qla_tgt_cmd_cachep: Objects
remaining on kmem_cache_close" from slub when unloading the qla2xxx
target module.
Signed-off-by: Roland Dreier <roland@purestorage.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
In qlt_do_ctio_completion(), there's no point in calling
qlt_term_ctio_exchange() with a NULL cmd -- all that it does is crash
in a NULL pointer dereference, since it does
qlt_send_term_exchange(vha, cmd, &cmd->atio, 1);
and dereferencing &cmd->atio is a bad idea if cmd itself is NULL.
If we really need to do this, we could take the values from the
failed CTIO we're processing, but it's not clear if it's worth
the replumbing to do that.
Signed-off-by: Roland Dreier <roland@purestorage.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
When we create an explicit node ACL in tcm_qla2xxx_make_nodeacl(),
there is a call to tcm_qla2xxx_setup_nacl_from_rport(), which puts the
node ACL into the lport_fcport_map even though there is no session yet
for the initiator. Since the only time we remove entries from this
map is when we free a session, this means that if we later delete this
node ACL without the initiator ever creating a session, we'll leave
the nacl pointer in the btree pointing at freed memory.
This is especially bad if that initiator later does send us a command
that would cause us to create a dynamic ACL and session: we'll find
the stale freed nacl pointer in the btree and end up with use-after-free.
We could add more code to clear the btree entry when deleting the
explicit nacl, but the original insertion is pointless: without a
session attached, we'll just have to update the entry when a session
appears anyway. So we can just delete tcm_qla2xxx_setup_nacl_from_rport()
and the code that calls it.
Signed-off-by: Roland Dreier <roland@purestorage.com>
Cc: Chad Dupuis <chad.dupuis@qlogic.com>
Cc: Giridhar Malavali <giridhar.malavali@qlogic.com>
Cc: Arun Easi <arun.easi@qlogic.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
This patch adds a new tcm_qla2xxx_clear_sess_lookup() call to clear session
specific s_id + loop_id entries used for se_node_acl pointer lookup ahead
of releasing se_session within the process context workqueue callback in
tcm_qla2xxx_free_session().
It makes the call in existing tcm_qla2xxx_clear_nacl_from_fcport_map()
code invoked from qlt_unreg_sess() in interrupt context w/ hardware_lock
held, ahead of the process context callback into qlt_free_session_done()
-> tcm_qla2xxx_free_session().
We are doing this to address a race between incoming ATIO or TMR packets
using stale se_node_acl pointer once session shutdown has been invoked via
qlt_unreg_sess() in qla_target.c LLD code, and when the entire tcm_qla2xxx
endpoint has not been forced into shutdown w/ echo 0 > ../$QLA2XXX_PORT/enable
Cc: Joern Engel <joern@logfs.org>
Cc: Roland Dreier <roland@purestorage.com>
Cc: Arun Easi <arun.easi@qlogic.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
This patch converts tcm_qla2xxx code to use an internal kref_put() for
se_session->sess_kref in order to ensure that qla_hw_data->hardware_lock
can be held while calling qlt_unreg_sess() for the final put.
Signed-off-by: Joern Engel <joern@logfs.org>
Cc: Roland Dreier <roland@purestorage.com>
Cc: Arun Easi <arun.easi@qlogic.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (GNU/Linux)
iQEcBAABAgAGBQJPx1M+AAoJEDeqqVYsXL0MNOMH/jSbgDAHQskBuZMCEoVUHykZ
3aKiPFJQfnF1nQqN/xxECGFc7glrKSHv1fpAG9wDk0HLHNhP+QoOBVYdDGHpzktk
eP1hB6rWE/auJz90rIrKomJoD+cVYDRHkhlbNr1DsYBuXI+BGX0aUp+uAaajoxAT
8wp4/Z5007llQQXnep2Z0AvzIWBdCeR4PBXX5YvalJ8Qz3Rj8bYeY10oDpx6nO7v
iGcyh+h0Eo+q9KEQ3PosoDnqaskq44yTY4MWeE1Kd64fQM1JYTJo0SxOGGVxHHwQ
ZLfhX+fH3jCyBP0qRzCqBvSKTuiWeMBc8POdLbLMnq6ClCgQTr41iHH7UTuXXjE=
=fZOy
-----END PGP SIGNATURE-----
Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
Pull final round of SCSI updates from James Bottomley:
"This is primarily another round of driver updates (bnx2fc, qla2xxx,
qla4xxx) including the target mode driver for qla2xxx. We've also got
a couple of regression fixes (async scanning, broken this merge window
and a fix to a long standing break in the scsi_wait_scan module)."
* tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: (45 commits)
[SCSI] fix scsi_wait_scan
[SCSI] fix async probe regression
[SCSI] be2iscsi: fix dma free size mismatch regression
[SCSI] qla4xxx: Update driver version to 5.02.00-k17
[SCSI] qla4xxx: Capture minidump for ISP82XX on firmware failure
[SCSI] qla4xxx: Add change_queue_depth API support
[SCSI] qla4xxx: Fix clear ddb mbx command failure issue.
[SCSI] qla4xxx: Fix kernel panic during discovery logout.
[SCSI] qla4xxx: Correct early completion of pending mbox.
[SCSI] fcoe, bnx2fc, libfcoe: SW FCoE and bnx2fc use FCoE Syfs
[SCSI] libfcoe: Add fcoe_sysfs
[SCSI] bnx2fc: Allocate fcoe_ctlr with bnx2fc_interface, not as a member
[SCSI] fcoe: Allocate fcoe_ctlr with fcoe_interface, not as a member
[SCSI] Fix dm-multipath starvation when scsi host is busy
[SCSI] ufs: fix potential NULL pointer dereferencing error in ufshcd_prove.
[SCSI] qla2xxx: don't free pool that wasn't allocated
[SCSI] mptfusion: unlock on error in mpt_config()
[SCSI] tcm_qla2xxx: Add >= 24xx series fabric module for target-core
[SCSI] qla2xxx: Add LLD target-mode infrastructure for >= 24xx series
[SCSI] Revert "qla2xxx: During loopdown perform Diagnostic loopback."
...
Pull trivial updates from Jiri Kosina:
"As usual, it's mostly typo fixes, redundant code elimination and some
documentation updates."
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (57 commits)
edac, mips: don't change code that has been removed in edac/mips tree
xtensa: Change mail addresses of Hannes Weiner and Oskar Schirmer
lib: Change mail address of Oskar Schirmer
net: Change mail address of Oskar Schirmer
arm/m68k: Change mail address of Sebastian Hess
i2c: Change mail address of Oskar Schirmer
net: Fix tcp_build_and_update_options comment in struct tcp_sock
atomic64_32.h: fix parameter naming mismatch
Kconfig: replace "--- help ---" with "---help---"
c2port: fix bogus Kconfig "default no"
edac: Fix spelling errors.
qla1280: Remove redundant NULL check before release_firmware() call
remoteproc: remove redundant NULL check before release_firmware()
qla2xxx: Remove redundant NULL check before release_firmware() call.
aic94xx: Get rid of redundant NULL check before release_firmware() call
tehuti: delete redundant NULL check before release_firmware()
qlogic: get rid of a redundant test for NULL before call to release_firmware()
bna: remove redundant NULL test before release_firmware()
tg3: remove redundant NULL test before release_firmware() call
typhoon: get rid of redundant conditional before all to release_firmware()
...
In the original code, if dma_pool_alloc() fails then we call
dma_pool_free(). It causes an error, possibly a NULL dereference.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
This patch adds support for tcm_qla2xxx fabric module for target-core
using the new qla_target.c LLD logic. This includes support for explict
NodeACLs via configfs using tcm_qla2xxx_setup_nacl_from_rport() from libfc
struct fc_host->rports, and demo-mode support for virtual LUN=0 access.
This patch also adds support for using tcm_qla2xxx_lport->lport_fcport_map
and ->lport_loopid_map of btree_head32 to track struct se_node_acl pointers
for individual 24-bit Port ID and 16-bit Loop ID values w/ qla_target_template
->find_sess_by_s_id() and ->find_sess_by_loop_id() used in a number of
locations into the primary I/O dispatch logic in qla_target.c LLD code.
The main piece for FC Nexus setup is in tcm_qla2xxx_check_initiator_node_acl(),
which calls tcm_qla2xxx_set_sess_by_[s_id,loop_id]() to setup our
lport->lport_fcport_map and lport_loopid_map pointers respectively, and
register the new nexus with TCM via __transport_register_session().
(nab: Add qla_tgt_mgmt_cmd usage with TARGET_SCF_ACK_KREF during TMRs +
change tcm_qla2xxx_nacl->nport_id to u32 (DanC))
(danc: tcm_qla2xxx: checking for NULL instead of IS_ERR())
(roland: Fix up v3.5 breakage for removal of transport_do_task_sg_chain +
Add hook so qla_target code can shutdown sessions)
(steveh: Convert FC address map from flat array to btree)
(randy: fix qla2xxx printk format warnings for size_t)
(joern: Make most of tcm_qla2xxx static + remove unnecessary
workqueue_struct prototypes + use WWN_SIZE instead of hard-coded
constants)
Signed-off-by: Nicholas A. Bellinger <nab@linux-iscsi.org>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Add LLD target mode for >= 24xx series HW. This code was originally based on
external qla2x00t module based on 8.02.01-k4, and has been refactored to
push the bulk of code into mainline qla2xxx.ko LLD -> qla_target.c.
The implementation uses internal workqueues for I/O context submission
into tcm_qla2xxx code, and includes the struct qla_tgt_func_tmpl API for
external interaction to allow qla2xxx LDD to function without direct
target-core dependencies:
It also enables qla_target.c usage within existing qla2xxx LLD code.
This includes:
*) Addition of target mode specific members to existing data
structures in qla_def.h and struct qla_hw_data->tgt_ops using
qla_target.h:struct qla_tgt_func_tmpl
*) Addition of struct qla_tgt_func_tmpl and direct calls into
qla_target.c logic w/ qlt_* prefixed functions.
*) Addition of qla_iocb.c:qla2x00_req_pkt() for ring processing, and
qla2x00_issue_marker() for handling request/response queue processing
for target mode operation
*) Addition of various qla_tgt_mode_enabled() logic checks in
qla24xx_nvram_config(), qla2x00_initialize_adapter(), qla2x00_rff_id(),
qla2x00_abort_isp(), qla24xx_modify_vp_config(), and
qla2x00_vp_abort_isp().
By default the new qlini_mode module parameter is setting initiator-mode
to 'enabled' in order for 'modprobe qla2xxx' to continue to function as
expected in initiator only mode. Enabling target-mode operation will
currently require a:
modprobe qla2xxx qlini_mode="disabled"
in order to explictly disabled initiator mode and allow target-mode
to be enabled via tcm_qla2xxx configfs fabric callers.
(nab: Convert to qlini_mode='enabled' by default in qla_target.c)
(joern: Remove loop_id from qla_tgt_make_local_sess() arguments +
Remove unused s_id + fix s_id endianness bug +
simplify qla_tgt_abort_work)
(gerard: fix section __exit mismatch in qla_tgt_exit)
(arun: Capture ATIO queue during firmware dump + Send SCR in target mode +
Target mode review comments)
(roland: Don't create duplicate target sessions to address tearing down
ACLs with IO in flight + Add missing call to qlt_fc_port_deleted
call during qla2x00_schedule_rport_del timeout)
Signed-off-by: Nicholas A. Bellinger <nab@linux-iscsi.org>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
commit 491118dff9
Author: Saurav Kashyap <saurav.kashyap@qlogic.com>
Date: Tue Aug 16 11:31:50 2011 -0700
[SCSI] qla2xxx: During loopdown perform Diagnostic loopback.
The LOOP_DOWN test is not needed.
Signed-off-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Signed-off-by: Joe Carnuccio <joe.carnuccio@qlogic.com>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Signed-off-by: Joe Carnuccio <joe.carnuccio@qlogic.com>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
The field vp_idx in struct fc_port is a redundant/mirror copy of
the same field in struct scsi_qla_host;
struct fc_port has a pointer vha to scsi_qla_host which allows
the original copy of vp_idx to be readily accessed.
Signed-off-by: Joe Carnuccio <joe.carnuccio@qlogic.com>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Both the target-id and LUN are munged in the original printk().
Signed-off-by: Andrew Vasquez <andrew.vasquez@qlogic.com>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Currently stats is part of ha data structure, common for physical and virtual
ports. Moved the stats to vha, each port will have its own stat.
Signed-off-by: Saurav Kashyap <saurav.kashyap@qlogic.com>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Add an extra layer of logging granularity for messages that are necessary in
some circumstances but may flood the kernel log buffer with too many messages
otherwise.
Signed-off-by: Saurav Kashyap <saurav.kashyap@qlogic.com>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
If interrupt registration failed we could crash the machine as we were trying
to deference some pointers which weren't allocated yet. Move the allocation
a little earlier and make some checks to the free resource code to make sure
that we don't try to free a resource that was never allocated.
Signed-off-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Correct spelling "occured" to "occurred" in
drivers/scsi/qla2xxx/qla_mbx.c
Signed-off-by: Masanari Iida <standby24x7@gmail.com>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Optimized queuecommand handler's to eliminate double head-room checks.
The checks are moved inside the 1st if-loop otherwise you would end up checking twice when there is
enough head room.
Signed-off-by: Chetan Loke <loke.chetan@gmail.com>
Reviewed-by: Andrew Vasquez <andrew.vasquez@qlogic.com>
Reviewed-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Replace "Inconisistent" with "Inconsistent" in drivers/scsi/qla2xxx/qla_init.c
Signed-off-by: Raul Porcel <armin76@gentoo.org>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
In case of firmmware detected under-run condition and scsi status of
task_set_full or busy_condition, return that to the mid layer for proper error
handling instead of DID_ERROR (which causes error handler activation and a
full retry).
Signed-off-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
release_firmware() checks for NULL pointers internally so checking
before calling it is redundant.
Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Acked-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (GNU/Linux)
iQEcBAABAgAGBQJPZxSnAAoJEDeqqVYsXL0M0Y4IAMX0vrTVZbg6psA5/gMcWGRP
CkFXEQ8n0PL2SCaj6BoDqamJFe5Nc7dnqxM0fGawB4S9vr3rHhiOlwO+NbV9zFYC
2skBTpeL3sjgtN/jTBdfeeAa7xTYpu/XGyei0NS1A5c2AyMVXV0uYV2s4VNZxe44
tVIn1OEzM2giZ9EB1OZslDMrg5XXm3MBIUECP0LbWUhBm/35caSFKzMXRwhh7WiK
+AVmc2AZYtdEwuknDyiH7KlsaoB3vGL9pPrAUJzIgEhy2pOo2A7W72HfA4Fj+y6a
uF9HBS5zciMp1+sGWry62AjNbWgin9BRlozBEO/lJhIfMGDV1nXEIJsOkOgkdoE=
=1TxB
-----END PGP SIGNATURE-----
Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-misc-2.6
SCSI updates from James Bottomley:
"The update includes the usual assortment of driver updates (lpfc,
qla2xxx, qla4xxx, bfa, bnx2fc, bnx2i, isci, fcoe, hpsa) plus a huge
amount of infrastructure work in the SAS library and transport class
as well as an iSCSI update. There's also a new SCSI based virtio
driver."
* tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-misc-2.6: (177 commits)
[SCSI] qla4xxx: Update driver version to 5.02.00-k15
[SCSI] qla4xxx: trivial cleanup
[SCSI] qla4xxx: Fix sparse warning
[SCSI] qla4xxx: Add support for multiple session per host.
[SCSI] qla4xxx: Export CHAP index as sysfs attribute
[SCSI] scsi_transport: Export CHAP index as sysfs attribute
[SCSI] qla4xxx: Add support to display CHAP list and delete CHAP entry
[SCSI] iscsi_transport: Add support to display CHAP list and delete CHAP entry
[SCSI] pm8001: fix endian issue with code optimization.
[SCSI] pm8001: Fix possible racing condition.
[SCSI] pm8001: Fix bogus interrupt state flag issue.
[SCSI] ipr: update PCI ID definitions for new adapters
[SCSI] qla2xxx: handle default case in qla2x00_request_firmware()
[SCSI] isci: improvements in driver unloading routine
[SCSI] isci: improve phy event warnings
[SCSI] isci: debug, provide state-enum-to-string conversions
[SCSI] scsi_transport_sas: 'enable' phys on reset
[SCSI] libsas: don't recover end devices attached to disabled phys
[SCSI] libsas: fixup target_port_protocols for expanders that don't report sata
[SCSI] libsas: set attached device type and target protocols for local phys
...
Pull trivial tree from Jiri Kosina:
"It's indeed trivial -- mostly documentation updates and a bunch of
typo fixes from Masanari.
There are also several linux/version.h include removals from Jesper."
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (101 commits)
kcore: fix spelling in read_kcore() comment
constify struct pci_dev * in obvious cases
Revert "char: Fix typo in viotape.c"
init: fix wording error in mm_init comment
usb: gadget: Kconfig: fix typo for 'different'
Revert "power, max8998: Include linux/module.h just once in drivers/power/max8998_charger.c"
writeback: fix fn name in writeback_inodes_sb_nr_if_idle() comment header
writeback: fix typo in the writeback_control comment
Documentation: Fix multiple typo in Documentation
tpm_tis: fix tis_lock with respect to RCU
Revert "media: Fix typo in mixer_drv.c and hdmi_drv.c"
Doc: Update numastat.txt
qla4xxx: Add missing spaces to error messages
compiler.h: Fix typo
security: struct security_operations kerneldoc fix
Documentation: broken URL in libata.tmpl
Documentation: broken URL in filesystems.tmpl
mtd: simplify return logic in do_map_probe()
mm: fix comment typo of truncate_inode_pages_range
power: bq27x00: Fix typos in comment
...
This silences a static checker warning. Also we're always adding new
types of firmware, so it might fix a bug in real life some day.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
A device logout sent in the delete path of a fcport would clear the
port handle binding inside the firmware. This could lead to queued
work items for the fcport, if any, getting incorrect results. This
patch fixes the issue by checking for device name changes after a
call to get port database.
Signed-off-by: Arun Easi <arun.easi@qlogic.com>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Add a field to the qla_hw_data struct to allow us to set the maximum number of
fabric devices on a per adapter basis based on ISP type.
[jejb: fix up missing rval = QLA_SUCCESS to prevent uninit var warning]
Signed-off-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Rather than continuously allocating and freeing swl within the discovery
process, simply pre-allocate it the first time that it's needed, cache it
through the rest of the lifecycle of the driver and free it at module unload.
Signed-off-by: Andrew Vasquez <andrew.vasquez@qlogic.com>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Signed-off-by: Joe Carnuccio <joe.carnuccio@qlogic.com>
Signed-off-by: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>