An error occurred fetching the project authors.
- 15 Jun, 2023 1 commit
-
-
Nilesh Javali authored
Klocwork reports array 'vha->host_str' of size 16 may use index value(s) 16..19. Use snprintf() instead of sprintf(). Cc: stable@vger.kernel.org Co-developed-by:
Bikash Hazarika <bhazarika@marvell.com> Signed-off-by:
Nilesh Javali <njavali@marvell.com> Link: https://lore.kernel.org/r/20230607113843.37185-2-njavali@marvell.comReviewed-by:
Himanshu Madhani <himanshu.madhani@oracle.com> Signed-off-by:
Martin K. Petersen <martin.petersen@oracle.com>
-
- 31 May, 2023 1 commit
-
-
Dan Carpenter authored
This loop will exit successfully when "found" is false or in the failure case it times out with "wait_iter" set to -1. The test for timeouts is impossible as is. Fixes: b843adde ("scsi: qla2xxx: Fix mem access after free") Signed-off-by:
Dan Carpenter <dan.carpenter@linaro.org> Link: https://lore.kernel.org/r/cea5a62f-b873-4347-8f8e-c67527ced8d2@kili.mountainSigned-off-by:
-
- 08 May, 2023 1 commit
-
-
Quinn Tran authored
System crash, where driver is accessing scsi layer's memory (scsi_cmnd->device->host) to search for a well known internal pointer (vha). The scsi_cmnd was released back to upper layer which could be freed, but the driver is still accessing it. 7 [ffffa8e8d2c3f8d0] page_fault at ffffffff86c010fe [exception RIP: __qla2x00_eh_wait_for_pending_commands+240] RIP: ffffffffc0642350 RSP: ffffa8e8d2c3f988 RFLAGS: 00010286 RAX: 0000000000000165 RBX: 0000000000000002 RCX: 00000000000036d8 RDX: 0000000000000000 RSI: ffff9c5c56535188 RDI: 0000000000000286 RBP: ffff9c5bf7aa4a58 R8: ffff9c589aecdb70 R9: 00000000000003d1 R10: 0000000000000001 R11: 0000000000380000 R12: ffff9c5c5392bc78 R13: ffff9c57044ff5c0 R14: ffff9c56b5a3aa00 R15: 00000000000006db ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018 8 [ffffa8e8d2c3f9c8] qla2x00_eh_wait_for_pending_commands at ffffffffc0646dd5 [qla2xxx] 9 [ffffa8e8d2c3fa00] __qla2x00_async_tm_cmd at ffffffffc0658094 [qla2xxx] Remove access of freed memory. Currently the driver was checking to see if scsi_done was called by seeing if the sp->type has changed. Instead, check to see if the command has left the oustanding_cmds[] array as sign of scsi_done was called. Cc: stable@vger.kernel.org Signed-off-by:
Quinn Tran <qutran@marvell.com> Signed-off-by:
-
- 03 Apr, 2023 1 commit
-
-
Li Zetao authored
There is a memory leak reported by kmemleak: unreferenced object 0xffffc900003f0000 (size 12288): comm "modprobe", pid 19117, jiffies 4299751452 (age 42490.264s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000629261a8>] __vmalloc_node_range+0xe56/0x1110 [<0000000001906886>] __vmalloc_node+0xbd/0x150 [<000000005bb4dc34>] vmalloc+0x25/0x30 [<00000000a2dc1194>] qla2x00_create_host+0x7a0/0xe30 [qla2xxx] [<0000000062b14b47>] qla2x00_probe_one+0x2eb8/0xd160 [qla2xxx] [<00000000641ccc04>] local_pci_probe+0xeb/0x1a0 The root cause is traced to an error-handling path in qla2x00_probe_one() when the adapter "base_vha" initialize failed. The fab_scan_rp "scan.l" is used to record the port information and it is allocated in qla2x00_create_host(). However, it is not released in the error handling path "probe_failed". Fix this by freeing the memory of "scan.l" when an error occurs in the adapter initialization process. Fixes: a4239945 ("scsi: qla2xxx: Add switch command to simplify fabric discovery") Signed-off-by:Li Zetao <lizetao1@huawei.com> Link: https://lore.kernel.org/r/20230325110004.363898-1-lizetao1@huawei.comReviewed-by:
-
- 24 Mar, 2023 1 commit
-
-
Bart Van Assche authored
Make it explicit that the SCSI host template is not modified. Signed-off-by:
Bart Van Assche <bvanassche@acm.org> Link: https://lore.kernel.org/r/20230322195515.1267197-68-bvanassche@acm.orgSigned-off-by:
-
- 17 Mar, 2023 1 commit
-
-
Nilesh Javali authored
While adding and removing the controller, the following call trace was observed: WARNING: CPU: 3 PID: 623596 at kernel/dma/mapping.c:532 dma_free_attrs+0x33/0x50 CPU: 3 PID: 623596 Comm: sh Kdump: loaded Not tainted 5.14.0-96.el9.x86_64 #1 RIP: 0010:dma_free_attrs+0x33/0x50 Call Trace: qla2x00_async_sns_sp_done+0x107/0x1b0 [qla2xxx] qla2x00_abort_srb+0x8e/0x250 [qla2xxx] ? ql_dbg+0x70/0x100 [qla2xxx] __qla2x00_abort_all_cmds+0x108/0x190 [qla2xxx] qla2x00_abort_all_cmds+0x24/0x70 [qla2xxx] qla2x00_abort_isp_cleanup+0x305/0x3e0 [qla2xxx] qla2x00_remove_one+0x364/0x400 [qla2xxx] pci_device_remove+0x36/0xa0 __device_release_driver+0x17a/0x230 device_release_driver+0x24/0x30 pci_stop_bus_device+0x68/0x90 pci_stop_and_remove_bus_device_locked+0x16/0x30 remove_store+0x75/0x90 kernfs_fop_write_iter+0x11c/0x1b0 new_sync_write+0x11f/0x1b0 vfs_write+0x1eb/0x280 ksys_write+0x5f/0xe0 do_syscall_64+0x5c/0x80 ? do_user_addr_fault+0x1d8/0x680 ? do_syscall_64+0x69/0x80 ? exc_page_fault+0x62/0x140 ? asm_exc_page_fault+0x8/0x30 entry_SYSCALL_64_after_hwframe+0x44/0xae The command was completed in the abort path during driver unload with a lock held, causing the warning in abort path. Hence complete the command without any lock held. Reported-by:
Lin Li <lilin@redhat.com> Tested-by:
John Meneghini <jmeneghi@redhat.com> Signed-off-by:
-
- 10 Mar, 2023 1 commit
-
-
Bjorn Helgaas authored
pci_enable_pcie_error_reporting() enables the device to send ERR_* Messages. Since commit f26e58bf ("PCI/AER: Enable error reporting when AER is native"), the PCI core does this for all devices during enumeration, so the driver doesn't need to do it itself. Remove the redundant pci_enable_pcie_error_reporting() call from the driver. Also remove the corresponding pci_disable_pcie_error_reporting() from the driver .remove() path. Note that this only controls ERR_* Messages from the device. An ERR_* Message may cause the Root Port to generate an interrupt, depending on the AER Root Error Command register managed by the AER service driver. Signed-off-by:
Bjorn Helgaas <bhelgaas@google.com> Link: https://lore.kernel.org/r/20230307182842.870378-10-helgaas@kernel.org Cc: Nilesh Javali <njavali@marvell.com> Cc: GR-QLogic-Storage-Upstream@marvell.com Signed-off-by:
-
- 06 Mar, 2023 1 commit
-
-
Daniel Wagner authored
Commit 44c57f20 ("scsi: qla2xxx: Changes to support FCP2 Target") added support for FC2 Targets. Unfortunately, there are older setups which break with this new feature enabled. Allow to disable it via module option. Link: https://lore.kernel.org/r/20230208152014.109214-1-dwagner@suse.deSigned-off-by:
Daniel Wagner <dwagner@suse.de> Reviewed-by:
-
- 12 Jan, 2023 9 commits
-
-
Shreyas Deodhar authored
In current I/O path, Tx and Rx may not be processed on same CPU. This may lead to thrashing and optimum performance may not be achieved. Pick qpair such that Tx and Rx are processed on same CPU. Signed-off-by:
Shreyas Deodhar <sdeodhar@marvell.com> Signed-off-by:
-
Quinn Tran authored
For edif, each I/O requires a secondary buffer to carry the FCP cmnd. During high traffic time, these buffers are cached in the qpair. As traffic dies down, these buffers will be trimmed as needed. If traffic is reduced to none over 2 consecutive intervals, then these buffers will be further trimmed. Free FCP cmnd buffers to reduce memory usage during slow I/O time. Signed-off-by:
-
Quinn Tran authored
User experienced performance dip on measuring IOPS while EDIF enabled. During I/O time, driver uses dma_pool_zalloc() call to allocate a chunk of memory. This call contains a lock behind the scene which contribute to lock contention. Save the allocated memory for reuse and avoid the lock. Signed-off-by:
-
Quinn Tran authored
There is no functional change in this patch. VP map resource is renamed and relocated so it is not viewed as just a target mode resource. Signed-off-by:
-
Quinn Tran authored
Remove stale/unused code (GNN ID). Signed-off-by:
-
Quinn Tran authored
Remove stale unused code for GPNID. Signed-off-by:
-
Quinn Tran authored
Removing drport field and FCPORT_UPDATE_NEEDED signals. Signed-off-by:
-
Quinn Tran authored
If after an adapter reset the appearance of link is not recovered, the devices are not rediscovered. This is result of a race condition between adapter reset (abort_isp) and the topology scan. During adapter reset, the ABORT_ISP_ACTIVE flag is set. Topology scan usually occurred after adapter reset. In this case, the topology scan came earlier than usual where it ran into problem due to ABORT_ISP_ACTIVE flag was still set. kernel: qla2xxx [0000:13:00.0]-1005:1: Cmd 0x6a aborted with timeout since ISP Abort is pending kernel: qla2xxx [0000:13:00.0]-28a0:1: MBX_GET_PORT_NAME failed, No FL Port. kernel: qla2xxx [0000:13:00.0]-286b:1: qla2x00_configure_loop: exiting normally. local port wwpn 51402ec0123d9a80 id 012300) kernel: qla2xxx [0000:13:00.0]-8017:1: ADAPTER RESET SUCCEEDED nexus=1:0:15. Allow adapter reset to complete before any scan can start. Cc: stable@vger.kernel.org Signed-off-by:
-
Quinn Tran authored
User experienced symptoms of adapter failure in NPIV environment. NPIV hosts were allowed to trigger chip reset back to back due to NPIV link state being slow to come online. Fix link failure in NPIV environment by removing NPIV host from directly being able to perform chip reset. kernel: qla2xxx [0000:04:00.1]-6009:261: Loop down - aborting ISP. kernel: qla2xxx [0000:04:00.1]-6009:262: Loop down - aborting ISP. kernel: qla2xxx [0000:04:00.1]-6009:281: Loop down - aborting ISP. kernel: qla2xxx [0000:04:00.1]-6009:285: Loop down - aborting ISP Fixes: 0d6e61bc ("[SCSI] qla2xxx: Correct various NPIV issues.") Cc: stable@vger.kernel.org Signed-off-by:
-
- 26 Nov, 2022 1 commit
-
-
Gleb Chesnokov authored
Commit 9b3e0f4d ("scsi: qla2xxx: Move work element processing out of DPC thread") introduced the initialization of vha->iocb_work in qla2x00_create_host() function. This initialization is also called from qla2x00_probe_one() function, just after qla2x00_create_host(). Hence remove this duplicate call since it has already been called before. Signed-off-by:
Gleb Chesnokov <gleb.chesnokov@scst.dev> Link: https://lore.kernel.org/r/822b3823-f344-67d6-30f1-16e31cf68eed@scst.devSigned-off-by:
-
- 08 Nov, 2022 1 commit
-
-
Bart Van Assche authored
Fix the following two compiler warnings: drivers/scsi/qla2xxx/qla_init.c: In function ‘qla24xx_async_abort_cmd’: drivers/scsi/qla2xxx/qla_init.c:171:17: warning: variable ‘bail’ set but not used [-Wunused-but-set-variable] 171 | uint8_t bail; | ^~~~ drivers/scsi/qla2xxx/qla_init.c: In function ‘qla2x00_async_tm_cmd’: drivers/scsi/qla2xxx/qla_init.c:2023:17: warning: variable ‘bail’ set but not used [-Wunused-but-set-variable] 2023 | uint8_t bail; | ^~~~ Cc: Arun Easi <arun.easi@qlogic.com> Cc: Giridhar Malavali <giridhar.malavali@qlogic.com> Fixes: feafb7b1 ("[SCSI] qla2xxx: Fix vport delete issues") Signed-off-by:
-
- 07 Sep, 2022 1 commit
-
-
Colin Ian King authored
There is a spelling mistake in a MODULE_PARM_DESC description. Fix it. Link: https://lore.kernel.org/r/20220906140010.194273-1-colin.i.king@gmail.comSigned-off-by:
Colin Ian King <colin.i.king@gmail.com> Signed-off-by:
-
- 01 Sep, 2022 4 commits
-
-
Nilesh Javali authored
drivers/scsi/qla2xxx/qla_os.c:40:20: warning: symbol 'qla_trc_array' was not declared. Should it be static? drivers/scsi/qla2xxx/qla_os.c:345:5: warning: symbol 'ql2xdelay_before_pci_error_handling' was not declared. Should it be static? Define qla_trc_array and ql2xdelay_before_pci_error_handling as static to fix sparse warnings. Link: https://lore.kernel.org/r/20220826102559.17474-7-njavali@marvell.com Cc: stable@vger.kernel.org Reported-by:
kernel test robot <lkp@intel.com> Reviewed-by:
-
Arun Easi authored
Older tracing of driver messages was to: - log only debug messages to kernel main trace buffer; and - log only if extended logging bits corresponding to this message is off This has been modified and extended as follows: - Tracing is now controlled via ql2xextended_error_logging_ktrace module parameter. Bit usages same as ql2xextended_error_logging. - Tracing uses "qla2xxx" trace instance, unless instance creation have issues. - Tracing is enabled (compile time tunable). - All driver messages, include debug and log messages are now traced in kernel trace buffer. Trace messages can be viewed by looking at the qla2xxx instance at: /sys/kernel/tracing/instances/qla2xxx/trace Trace tunable that takes the same bit mask as ql2xextended_error_logging is: ql2xextended_error_logging_ktrace (default=1) Link: https://lore.kernel.org/r/20220826102559.17474-6-njavali@marvell.comSuggested-by:Steven Rostedt <rostedt@goodmis.org> Tested-by:
Arun Easi <aeasi@marvell.com> Signed-off-by:
-
Arun Easi authored
Reverting this commit so that a fixed up patch, without adding new module parameters, can be submitted. Link: https://lore.kernel.org/stable/166039743723771@kroah.com/ This reverts commit b1f70714. Link: https://lore.kernel.org/r/20220826102559.17474-2-njavali@marvell.com Cc: stable@vger.kernel.org Reviewed-by: -
Mauricio Faria de Oliveira authored
This message is helpful to troubleshoot missing LUNs/SAN boot errors. It'd be nice to log it by default instead of only being enabled with debug. This user had an accidental/forgotten file modprobe.d/qla2xxx.conf w/ option qlini_mode=disabled from experiments with FC target mode, and their boot LUN didn't come up, as it skips SCSI scan, of course. However, their boot log didn't provide any clues to help understand that. The issue/message could be figured out w/ ql2xextended_error_logging, but it would have been simpler (or even deflected/addressed by user) if it had been there by default. And it also would help support/triage/deflection tooling. Expected change: scsi host15: qla2xxx +qla2xxx [0000:3b:00.0]-00fb:15: skipping scsi_scan_host() for non-initiator port qla2xxx [0000:3b:00.0]-00fb:15: QLogic QLE2692 - QLE2692 Dual Port 16Gb FC to PCIe Gen3 x8 Adapter. According to: qla2x00_probe_one() ... ret = scsi_add_host(...); ... ql_log(ql_log_info, ... "skipping scsi_scan_host() for non-initiator port\n"); ... ql_log(ql_log_info, ... "QLogic %s - %s.\n", ha->model_number, ha->model_desc); Link: https://lore.kernel.org/r/20220825120159.275051-1-mfo@canonical.comTested-by:Mauricio Faria de Oliveira <mfo@canonical.com> Signed-off-by:
-
- 22 Aug, 2022 1 commit
-
-
Bart Van Assche authored
Since blk_mq_map_queues() and the .map_queues() callbacks always return 0, change their return type into void. Most callers ignore the returned value anyway. Cc: Christoph Hellwig <hch@lst.de> Cc: Jason Wang <jasowang@redhat.com> Cc: Keith Busch <kbusch@kernel.org> Cc: Martin K. Petersen <martin.petersen@oracle.com> Cc: Doug Gilbert <dgilbert@interlog.com> Cc: Michael S. Tsirkin <mst@redhat.com> Signed-off-by:
John Garry <john.garry@huawei.com> Acked-by:
Md Haris Iqbal <haris.iqbal@ionos.com> Reviewed-by:
Sagi Grimberg <sagi@grimberg.me> Link: https://lore.kernel.org/r/20220815170043.19489-3-bvanassche@acm.org [axboe: fold in fix from Bart] Signed-off-by:
Jens Axboe <axboe@kernel.dk>
-
- 19 Jul, 2022 1 commit
-
-
Arun Easi authored
On some platforms, the current logic of relying on finding new packet solely based on signature pattern can lead to driver reading stale packets. Though this is a bug in those platforms, reduce such exposures by limiting reading packets until the IN pointer. Two module parameters are introduced: ql2xrspq_follow_inptr: When set, on newer adapters that has queue pointer shadowing, look for response packets only until response queue in pointer. When reset, response packets are read based on a signature pattern logic (old way). ql2xrspq_follow_inptr_legacy: Like ql2xrspq_follow_inptr, but for those adapters where there is no queue pointer shadowing. Link: https://lore.kernel.org/r/20220713052045.10683-5-njavali@marvell.com Cc: stable@vger.kernel.org Reviewed-by:
-
- 17 Jun, 2022 2 commits
-
-
Arun Easi authored
Ensure SRB is returned during I/O timeout error escalation. If that is not possible fail the escalation path. Following crash stack was seen: BUG: unable to handle kernel paging request at 0000002f56aa90f8 IP: qla_chk_edif_rx_sa_delete_pending+0x14/0x30 [qla2xxx] Call Trace: ? qla2x00_status_entry+0x19f/0x1c50 [qla2xxx] ? qla2x00_start_sp+0x116/0x1170 [qla2xxx] ? dma_pool_alloc+0x1d6/0x210 ? mempool_alloc+0x54/0x130 ? qla24xx_process_response_queue+0x548/0x12b0 [qla2xxx] ? qla_do_work+0x2d/0x40 [qla2xxx] ? process_one_work+0x14c/0x390 Link: https://lore.kernel.org/r/20220616053508.27186-6-njavali@marvell.com Fixes: d7459527 ("scsi: qla2xxx: Add multiple queue pair functionality.") Cc: stable@vger.kernel.org Signed-off-by:
-
Quinn Tran authored
Put adapter into a wind down state if OS does not make any attempt to recover the adapter after PCIe error. Link: https://lore.kernel.org/r/20220616053508.27186-4-njavali@marvell.com Cc: stable@vger.kernel.org Signed-off-by:
-
- 08 Jun, 2022 1 commit
-
-
Quinn Tran authored
Relating to EDIF, when sending IKE message, updating key or deleting key, driver can encounter IOCB queue full. Add additional retries to reduce higher level recovery. Link: https://lore.kernel.org/r/20220607044627.19563-8-njavali@marvell.com Fixes: dd30706e ("scsi: qla2xxx: edif: Add key update") Signed-off-by:
-
- 26 Apr, 2022 1 commit
-
-
ran jianping authored
All work currently pending will be done first by calling destroy_workqueue(). There is no need to flush it explicitly. Link: https://lore.kernel.org/r/20220424062413.3220315-1-ran.jianping@zte.com.cnReported-by:
Zeal Robot <zealci@zte.com.cn> Signed-off-by:
ran jianping <ran.jianping@zte.com.cn> Signed-off-by:
-
- 15 Mar, 2022 3 commits
-
-
Shreyas Deodhar authored
Increase max limit of ql2xnvme_queues to (max_qpair - 1). Link: https://lore.kernel.org/r/20220310092604.22950-13-njavali@marvell.com Fixes: 65120de2 ("scsi: qla2xxx: Add ql2xnvme_queues module param to configure number of NVMe queues") Cc: stable@vger.kernel.org Reviewed-by:
-
Quinn Tran authored
For session recovery, driver relies on the dpc thread to initiate certain operations. The dpc thread runs exclusively without the Mailbox interface being occupied. A recent code change for heartbeat check via mailbox cmd 0 is preventing the dpc thread from carrying out its operation. This patch allows the higher priority error recovery to run first before running the lower priority heartbeat check. Link: https://lore.kernel.org/r/20220310092604.22950-9-njavali@marvell.com Fixes: d94d8158 ("scsi: qla2xxx: Add heartbeat check") Cc: stable@vger.kernel.org Reviewed-by:
-
Arun Easi authored
During purex packet handling the driver was incorrectly freeing a pre-allocated structure. Fix this by skipping that entry. System crashed with the following stack during a module unload test. Call Trace: sbitmap_init_node+0x7f/0x1e0 sbitmap_queue_init_node+0x24/0x150 blk_mq_init_bitmaps+0x3d/0xa0 blk_mq_init_tags+0x68/0x90 blk_mq_alloc_map_and_rqs+0x44/0x120 blk_mq_alloc_set_map_and_rqs+0x63/0x150 blk_mq_alloc_tag_set+0x11b/0x230 scsi_add_host_with_dma.cold+0x3f/0x245 qla2x00_probe_one+0xd5a/0x1b80 [qla2xxx] Call Trace with slub_debug and debug kernel: kasan_report_invalid_free+0x50/0x80 __kasan_slab_free+0x137/0x150 slab_free_freelist_hook+0xc6/0x190 kfree+0xe8/0x2e0 qla2x00_free_device+0x3bb/0x5d0 [qla2xxx] qla2x00_remove_one+0x668/0xcf0 [qla2xxx] Link: https://lore.kernel.org/r/20220310092604.22950-6-njavali@marvell.com Fixes: 62e9dd17 ("scsi: qla2xxx: Change in PUREX to handle FPIN ELS requests") Cc: stable@vger.kernel.org Reported-by:
Marco Patalano <mpatalan@redhat.com> Tested-by:
-
- 23 Feb, 2022 1 commit
-
-
Bart Van Assche authored
Instead of using the SCp.ptr field to track whether or not a command is in flight, use the sp->type field to track this information. sp->type must be set for proper operation of the qla2xxx driver. See e.g. the switch (sp->type) statement in qla2x00_ct_entry(). This patch prepares for removal of the SCSI pointer from struct scsi_cmnd. Link: https://lore.kernel.org/r/20220218195117.25689-43-bvanassche@acm.org Cc: Nilesh Javali <njavali@marvell.com> Cc: Ewan D. Milne <emilne@redhat.com> Reviewed-by:
Hannes Reinecke <hare@suse.de> Reviewed-by:
-
- 11 Feb, 2022 1 commit
-
-
Gleb Chesnokov authored
The qla_sess_op_cmd_list was introduced in commit 8b2f5ff3 ("qla2xxx: cleanup cmd in qla workqueue before processing TMR"). Then the usage of this list was dropped in commit fb35265b ("scsi: qla2xxx: Remove session creation redundant code"). Thus, remove this list since it is no longer used. Link: https://lore.kernel.org/r/AS8PR10MB49524AAB4C8016E4AFF17FFB9D2D9@AS8PR10MB4952.EURPRD10.PROD.OUTLOOK.COMReviewed-by:
Gleb Chesnokov <Chesnokov.G@raidix.com> Signed-off-by:
-
- 25 Jan, 2022 5 commits
-
-
Joe Carnuccio authored
This is an update to the original 28xx adapter enablement. Add a bunch of conditionals that are applicable for 28xx. Link: https://lore.kernel.org/r/20220110050218.3958-16-njavali@marvell.com Fixes: ecc89f25 ("scsi: qla2xxx: Add Device ID for ISP28XX") Cc: stable@vger.kernel.org Signed-off-by:
Joe Carnuccio <joe.carnuccio@cavium.com> Signed-off-by:
-
Arun Easi authored
A device logout in loop topology initiates a device connection teardown which loses the FW device handle. In loop topo, the device handle is not regrabbed leading to device login failures and eventually to loss of the device. Fix this by taking the main login path that does it. Link: https://lore.kernel.org/r/20220110050218.3958-11-njavali@marvell.com Cc: stable@vger.kernel.org Reviewed-by:
-
Shreyas Deodhar authored
Add ql2xnvme_queues module parameter to configure number of NVMe queues Usage: Number of NVMe Queues that can be configured. Final value will be min(ql2xnvme_queues, num_cpus, num_chip_queues), 1 - Minimum number of queues supported 8 - Default value 128 - Maximum number of queues supported Link: https://lore.kernel.org/r/20220110050218.3958-10-njavali@marvell.comReviewed-by:
-
Quinn Tran authored
After a recoverable PCI error has been detected and recovered, qla driver needs to check to see if the error condition still persist and/or wait for the OS to give the resume signal. Sep 8 22:26:03 localhost kernel: WARNING: CPU: 9 PID: 124606 at qla_tmpl.c:440 qla27xx_fwdt_entry_t266+0x55/0x60 [qla2xxx] Sep 8 22:26:03 localhost kernel: RIP: 0010:qla27xx_fwdt_entry_t266+0x55/0x60 [qla2xxx] Sep 8 22:26:03 localhost kernel: Call Trace: Sep 8 22:26:03 localhost kernel: ? qla27xx_walk_template+0xb1/0x1b0 [qla2xxx] Sep 8 22:26:03 localhost kernel: ? qla27xx_execute_fwdt_template+0x12a/0x160 [qla2xxx] Sep 8 22:26:03 localhost kernel: ? qla27xx_fwdump+0xa0/0x1c0 [qla2xxx] Sep 8 22:26:03 localhost kernel: ? qla2xxx_pci_mmio_enabled+0xfb/0x120 [qla2xxx] Sep 8 22:26:03 localhost kernel: ? report_mmio_enabled+0x44/0x80 Sep 8 22:26:03 localhost kernel: ? report_slot_reset+0x80/0x80 Sep 8 22:26:03 localhost kernel: ? pci_walk_bus+0x70/0x90 Sep 8 22:26:03 localhost kernel: ? aer_dev_correctable_show+0xc0/0xc0 Sep 8 22:26:03 localhost kernel: ? pcie_do_recovery+0x1bb/0x240 Sep 8 22:26:03 localhost kernel: ? aer_recover_work_func+0xaa/0xd0 Sep 8 22:26:03 localhost kernel: ? process_one_work+0x1a7/0x360 .. Sep 8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-8041:22: detected PCI disconnect. Sep 8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-107ff:22: qla27xx_fwdt_entry_t262: dump ram MB failed. Area 5h start 198013h end 198013h Sep 8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-107ff:22: Unable to capture FW dump Sep 8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-1015:22: cmd=0x0, waited 5221 msecs Sep 8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-680d:22: mmio enabled returning. Sep 8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-d04c:22: MBX Command timeout for cmd 0, iocontrol=ffffffff jiffies=10140f2e5 mb[0-3]=[0xffff 0xffff 0xffff 0xffff] Link: https://lore.kernel.org/r/20220110050218.3958-6-njavali@marvell.com Cc: stable@vger.kernel.org Reviewed-by:
-
Saurav Kashyap authored
The timeout handler and the done function are racing. When qla2x00_async_iocb_timeout() starts to run it can be preempted by the normal response path (via the firmware?). qla24xx_async_gpsc_sp_done() releases the SRB unconditionally. When scheduling back to qla2x00_async_iocb_timeout() qla24xx_async_abort_cmd() will access an freed sp->qpair pointer: qla2xxx [0000:83:00.0]-2871:0: Async-gpsc timeout - hdl=63d portid=234500 50:06:0e:80:08:77:b6:21. qla2xxx [0000:83:00.0]-2853:0: Async done-gpsc res 0, WWPN 50:06:0e:80:08:77:b6:21 qla2xxx [0000:83:00.0]-2854:0: Async-gpsc OUT WWPN 20:45:00:27:f8:75:33:00 speeds=2c00 speed=0400. qla2xxx [0000:83:00.0]-28d8:0: qla24xx_handle_gpsc_event 50:06:0e:80:08:77:b6:21 DS 7 LS 6 rc 0 login 1|1 rscn 1|0 lid 5 BUG: unable to handle kernel NULL pointer dereference at 0000000000000004 IP: qla24xx_async_abort_cmd+0x1b/0x1c0 [qla2xxx] Obvious solution to this is to introduce a reference counter. One reference is taken for the normal code path (the 'good' case) and one for the timeout path. As we always race between the normal good case and the timeout/abort handler we need to serialize it. Also we cannot assume any order between the handlers. Since this is slow path we can use proper synchronization via locks. When we are able to cancel a timer (del_timer returns 1) we know there can't be any error handling in progress because the timeout handler hasn't expired yet, thus we can safely decrement the refcounter by one. If we are not able to cancel the timer, we know an abort handler is running. We have to make sure we call sp->done() in the abort handlers before calling kref_put(). Link: https://lore.kernel.org/r/20220110050218.3958-3-njavali@marvell.com Cc: stable@vger.kernel.org Reviewed-by:
Saurav Kashyap <skashyap@marvell.com> Signed-off-by:
-
