Commit Graph

31 Commits

Author SHA1 Message Date
James Bottomley
788ce43aa1 [SCSI] SCSI core: fix leakage of scsi_cmnd's
Actually, just one problem and one cosmetic fix:

1) We need to dequeue for the loop and kill case (it seems easiest
simply to dequeue in the scsi_kill_request() routine)
2) There's no real need to drop the queue lock.  __scsi_done() is lock
agnostic, so since there's no requirement, let's just leave it in to
avoid any locking issues.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-09-09 16:30:59 -05:00
James Bottomley
e91442b635 [SCSI] SCSI core: fix leakage of scsi_cmnd's
From: 	Alan Stern <stern@rowland.harvard.edu>

This patch (as559b) adds a new routine, scsi_unprep_request, which
gets called every place a request is requeued.  (That includes
scsi_queue_insert as well as scsi_requeue_command.)  It also changes
scsi_kill_requests to make it call __scsi_done with result equal to
DID_NO_CONNECT << 16.  (I'm not sure if it's necessary to call
scsi_init_cmd_errh here; maybe you can check on that.)  Finally, the
patch changes the return value from scsi_end_request, to avoid
returning a stale pointer in the case where the request was requeued.
Fortunately the return value is used in only place, and the change
actually simplified it.

Signed-off-by: Alan Stern <stern@rowland.harvard.edu>

Rejections fixed up and
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-09-09 10:44:16 -05:00
Neil Brown
286f3e13a1 [SCSI] fix possible deadlock in scsi_lib.c
If a filesystem, while writing out data, decides that it is good
to issue a cache flush on a SCSI drive (or other 'sd' device), it will
call blkdev_issue_flush which calls ->issue_flush_fn which is
scsi_issue_flush_fn.
This calls sd_issue_flush which calls sd_sync_cache, which calls
scsi_execute_request.
This will (as sshdr != NULL) call
    kmalloc(SCSI_SENSE_BUFFERSIZE, GFP_KERNEL)

If memory is tight, the presence of GFP_KERNEL may cause write
requests to be sent to some filesystem to free up memory, however if
that filesystem is waiting for the issue_flush_fn to complete, you
could get a deadlock.

I wonder if it might be more appropriate to use GFP_NOIO as in the
following patch.

I wonder if it might be even more appropriate to cope better with a
kmalloc failure, especially as in this use, sd_sync_cache only will
use the sense information to print out a more informative error
message.

Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-09-09 10:29:22 -05:00
James Bottomley
3173d8c342 [SCSI] quieten messages on scsi_execute commands
scsi_io_completion() can be a bit noisy about certain conditions.
Previously this wasn't a problem for internally generated commands,
since they never hit it.  However, since we do all SCSI commands via
bios, now they do.  user CD testers like magicdev are now getting not
ready messages every time they touch the CD to see if there's anything
in it.

Fix this by making all scsi_execute commands REQ_QUIET and making
scsi_finish_io() not say anything for REQ_QUIET.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-09-06 17:37:57 -05:00
James Bottomley
e514385be2 [SCSI] fix sense buffer length handling problem
The new bio code was incorrectly converted from stack allocated to
kmalloc'd buffer handling.  There are two places where it incorrectly
uses sizeof(*sense) to get the size of the sense buffer.  This
actually produces one, so no sense data was ever getting back, causing
failure in things like disk spin up.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-08-28 11:34:12 -05:00
akpm@osdl.org
1ccb48bb16 [SCSI] fix C syntax problem in scsi_lib.c
Older gcc's require variable definitions at the beginning of a block.

Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-08-28 11:34:09 -05:00
James Bottomley
ea73a9f239 [SCSI] convert sd to scsi_execute_req (and update the scsi_execute_req API)
This one removes struct scsi_request entirely from sd.  In the process,
I noticed we have no callers of scsi_wait_req who don't immediately
normalise the sense, so I updated the API to make it take a struct
scsi_sense_hdr instead of simply a big sense buffer.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-08-28 11:33:52 -05:00
James Bottomley
33aa687db9 [SCSI] convert SPI transport class to scsi_execute
This one's slightly more difficult.  The transport class uses
REQ_FAILFAST, so another interface (scsi_execute) had to be invented to
take the extra flag.  Also, the sense functions are shifted around to
allow spi_execute to place data directly into a struct scsi_sense_hdr.
With this change, there's probably a lot of unnecessary sense buffer
allocation going on which we can fix later.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-08-28 11:31:14 -05:00
James Bottomley
1cf72699c1 [SCSI] convert the remaining mid-layer pieces to scsi_execute_req
After this, we just have some drivers, all the ULDs and the SPI
transport class using scsi_wait_req().

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-08-28 11:27:01 -05:00
James Bottomley
7a93aef7fb Merge HEAD from ../scsi-misc-2.6-tmp 2005-08-28 11:18:35 -05:00
James Bottomley
392160335c [SCSI] use scatter lists for all block pc requests and simplify hw handlers
Original From: Mike Christie <michaelc@cs.wisc.edu>

Add scsi_execute_req() as a replacement for scsi_wait_req()

Fixed up various pieces (added REQ_SPECIAL and caught req use after
free)

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-08-28 10:46:40 -05:00
James Bottomley
8e6401187e update scsi_wait_req to new format for blk_rq_map_kern()
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-08-28 10:46:39 -05:00
James Bottomley
e537a36d52 [SCSI] use scatter lists for all block pc requests and simplify hw handlers
Here's the proof of concept for this one.  It converts scsi_wait_req to
do correct REQ_BLOCK_PC submission (and works nicely in my setup).

The final goal should be to eliminate struct scsi_request, but that
can't be done until the character submission paths of sg and st are also
modified.

There's some loss of functionality to this: retries are no longer
controllable (except by setting REQ_FASTFAIL) and the wait_req API needs
to be altered, but it looks very nice.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-08-28 10:45:34 -05:00
Mike Anderson
d330187408 [SCSI] host state model update: replace old host bitmap state
Migrate the current SCSI host state model to a model like SCSI
device is using.

Signed-off-by: Mike Anderson <andmike@us.ibm.com>

Rejections fixed up and

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-07-30 11:10:24 -05:00
Linus Torvalds
2d986010ad Merge master.kernel.org:/pub/scm/linux/kernel/git/jejb/scsi-for-linus-2.6 2005-07-26 13:28:47 -07:00
Chen, Kenneth W
0f34e3f533 [SCSI] Redundant memset in scsi_alloc_sgtable
scsi_init_io calls scsi_alloc_sgtable and then calls blk_rq_map_sg
to initialize the scatterlist structure.  blk_rq_map_sg() already
memset the structure for every new segment.  That makes the memset
in scsi_alloc_sgtable unnecessary.

Patch to delete the extra memset in scsi_alloc_sgtable.  Tested on
a x86_64 machine.  Looks stable to me.

Signed-off-by: Ken Chen <kenneth.w.chen@intel.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-07-14 11:24:12 -04:00
KAMBAROV, ZAUR
a77e3362a2 [PATCH] coverity: i386: scsi_lib buffer overrun fix
The check in

627  		BUG_ON(index > SG_MEMPOOL_NR);

with SG_MEMPOOL_NR defined in

32   	#define SG_MEMPOOL_NR		(sizeof(scsi_sg_pools)/sizeof(struct scsi_host_sg_pool))

was not sufficient.

sgp, set in

629  		sgp = scsi_sg_pools + index;

is dereferenced in

630  		mempool_free(sgl, sgp->pool);

Signed-off-by: Zaur Kambarov <zkambarov@coverity.com>
Cc: <linux-scsi@vger.kernel.org>
Cc: James Bottomley <James.Bottomley@steeleye.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-28 21:20:33 -07:00
Christoph Hellwig
8d115f845a [SCSI] remove scsi_cmnd->state
We never look at it except for the old megaraid driver that abuses it
for sending internal commands.  That usage can be fixed easily because
those internal commands are single-threaded by a mutex and we can easily
use a completion there.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-06-26 12:16:24 -05:00
Christoph Hellwig
b4edcbcafd [SCSI] remove scsi_cmnd->owner
never checked anywhere

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-06-26 12:15:28 -05:00
Christoph Hellwig
f5ad56145d [SCSI] remove scsi_cmnd->abort_reason
Never used for anything but printing it out in debug routines.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-06-26 12:14:46 -05:00
Adrian Bunk
52c1da3953 [PATCH] make various thing static
Another rollup of patches which give various symbols static scope

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-24 00:06:43 -07:00
Tejun Heo
d8c37e7b9a [SCSI] remove a timer race in scsi_queue_insert()
scsi_queue_insert() has four callers.  Three callers call with
timer disabled and one (the second invocation in
scsi_dispatch_cmd()) calls with timer activated.
scsi_queue_insert() used to always call scsi_delete_timer()
and ignore the return value.  This results in race with timer
expiration.  Remove scsi_delete_timer() call from
scsi_queue_insert() and make the caller delete timer and check
the return value.

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-05-20 12:53:54 -05:00
Tejun Heo
a1bf9d1d92 [SCSI] make scsi_queue_insert() use blk_requeue_request()
scsi_queue_insert() used to use blk_insert_request() for requeueing
requests.  This depends on the unobvious behavior of
blk_insert_request() setting REQ_SPECIAL and REQ_SOFTBARRIER when
requeueing.  This patch makes scsi_queue_insert() use
blk_requeue_request().  As REQ_SPECIAL means special requests and
REQ_SOFTBARRIER is automatically handled by blk layer now, no flag
needs to be set.

Note that scsi_queue_insert() now calls scsi_run_queue() itself, and
the prototype of the function is added right above
scsi_queue_insert().  This is temporary, as later requeue path
consolidation patchset removes scsi_queue_insert().  By adding
temporary prototype, we can do away with unnecessarily moving
functions.

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-05-20 12:53:30 -05:00
Tejun Heo
283369ccc2 [SCSI] make scsi_requeue_request() use blk_requeue_request()
scsi_requeue_request() used to use blk_insert_request() for requeueing
requests.  This depends on the unobvious behavior of
blk_insert_request() setting REQ_SPECIAL and REQ_SOFTBARRIER when
requeueing.  This patch makes scsi_queue_insert() use
blk_requeue_request().  As REQ_SPECIAL means special requests and
REQ_SOFTBARRIER is automatically handled by blk layer now, no flag
needs to be set.

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-05-20 12:53:29 -05:00
Tejun Heo
867d1191fc [SCSI] remove requeue feature from blk_insert_request()
blk_insert_request() has a unobivous feature of requeuing a
request setting REQ_SPECIAL|REQ_SOFTBARRIER.  SCSI midlayer
was the only user and as previous patches removed the usage,
remove the feature from blk_insert_request().  Only special
requests should be queued with blk_insert_request().  All
requeueing should go through blk_requeue_request().

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-05-20 12:53:28 -05:00
Tejun Heo
beb6617d99 [SCSI] remove REQ_SPECIAL in scsi_init_io()
scsi_init_io() used to set REQ_SPECIAL when it fails sg
allocation before requeueing the request by returning
BLKPREP_DEFER.  REQ_SPECIAL is being updated to mean special
requests.  So, remove REQ_SPECIAL setting.

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-05-20 12:53:27 -05:00
James Bottomley
c46f2ffb9e merge by hand (scsi_device.h) 2005-04-18 13:45:00 -05:00
c6295cdf65 [PATCH] scsi: remove meaningless scsi_cmnd->serial_number_at_timeout field
scsi_cmnd->serial_number_at_timeout doesn't serve any purpose
anymore.  All serial_number == serial_number_at_timeout tests
are always true in abort callbacks.  Kill the field.  Also, as
->pid always equals ->serial_number and ->serial_number
doesn't have any special meaning anymore, update comments
above ->serial_number accordingly.  Once we remove all uses of
this field from all lldd's, this field should go.

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-04-18 12:33:15 -05:00
d3a933dc98 [PATCH] scsi: remove unused scsi_cmnd->internal_timeout field
scsi_cmnd->internal_timeout field doesn't have any meaning
anymore.  Kill the field.

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-04-18 12:32:47 -05:00
152587deb8 [PATCH] fix NMI lockup with CFQ scheduler
The current problem seen is that the queue lock is actually in the
SCSI device structure, so when that structure is freed on device
release, we go boom if the queue tries to access the lock again.

The fix here is to move the lock from the scsi_device to the queue.

Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-04-16 20:10:09 -05:00
Linus Torvalds
1da177e4c3 Linux-2.6.12-rc2
Initial git repository build. I'm not bothering with the full history,
even though we have it. We can create a separate "historical" git
archive of that later if we want to, and in the meantime it's about
3.2GB when imported into git - space that would just make the early
git days unnecessarily complicated, when we don't have a lot of good
infrastructure for it.

Let it rip!
2005-04-16 15:20:36 -07:00