[SCSI] target: Fix bug with task_sg chained transport_free_dev_tasks release
This patch addresses a bug in the target core release path for HW operation where transport_free_dev_tasks() was incorrectly being called from transport_lun_remove_cmd() while releasing a se_cmd reference and calling struct target_core_fabric_ops->queue_data_in(). This would result in a OOPs with HW target mode when the release of se_task->task_sg[] would happen before pci_unmap_sg() can be called in HW target mode fabric module code. This patch addresses the issue by moving transport_free_dev_tasks() from transport_lun_remove_cmd() into transport_generic_free_cmd(), and adding TRANSPORT_FREE_CMD_INTR and transport_generic_free_cmd_intr() to allow se_cmd descriptor release to happen fromfrom within transport_processing_thread() process context when release of se_cmd is not possible from HW interrupt context. Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org> Cc: stable@kernel.org Signed-off-by: James Bottomley <jbottomley@parallels.com>
This commit is contained in:
Nicholas Bellinger
committed by
James Bottomley
James Bottomley
parent
53ab6709b4
commit
f436677262
@@ -98,6 +98,7 @@ enum transport_state_table {
|
||||
TRANSPORT_REMOVE = 14,
|
||||
TRANSPORT_FREE = 15,
|
||||
TRANSPORT_NEW_CMD_MAP = 16,
|
||||
TRANSPORT_FREE_CMD_INTR = 17,
|
||||
};
|
||||
|
||||
/* Used for struct se_cmd->se_cmd_flags */
|
||||
|
||||
Reference in New Issue
Block a user