[PATCH 5.8 148/177] nvme: Revert: Fix controller creation races with teardown flow

From: Greg Kroah-Hartman
Date: Tue Sep 15 2020 - 19:12:23 EST

Next message: Greg Kroah-Hartman: "[PATCH 5.8 147/177] mmc: sdhci-of-esdhc: Dont walk device-tree on every interrupt"
Previous message: Greg Kroah-Hartman: "[PATCH 5.8 159/177] Revert "usb: dwc3: meson-g12a: fix shared reset control use""
In reply to: Greg Kroah-Hartman: "[PATCH 5.8 159/177] Revert "usb: dwc3: meson-g12a: fix shared reset control use""
Next in thread: Greg Kroah-Hartman: "[PATCH 5.8 147/177] mmc: sdhci-of-esdhc: Dont walk device-tree on every interrupt"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: James Smart <james.smart@xxxxxxxxxxxx>

commit b63de8400a6e1001b5732286cf6f5ec27799b7b4 upstream.

The indicated patch introduced a barrier in the sysfs_delete attribute
for the controller that rejects the request if the controller isn't
created. "Created" is defined as at least 1 call to nvme_start_ctrl().

This is problematic in error-injection testing. If an error occurs on
the initial attempt to create an association and the controller enters
reconnect(s) attempts, the admin cannot delete the controller until
either there is a successful association created or ctrl_loss_tmo
times out.

Where this issue is particularly hurtful is when the "admin" is the
nvme-cli, it is performing a connection to a discovery controller, and
it is initiated via auto-connect scripts. With the FC transport, if the
first connection attempt fails, the controller enters a normal reconnect
state but returns control to the cli thread that created the controller.
In this scenario, the cli attempts to read the discovery log via ioctl,
which fails, causing the cli to see it as an empty log and then proceeds
to delete the discovery controller. The delete is rejected and the
controller is left live. If the discovery controller reconnect then
succeeds, there is no action to delete it, and it sits live doing nothing.

Cc: <stable@xxxxxxxxxxxxxxx> # v5.7+
Fixes: ce1518139e69 ("nvme: Fix controller creation races with teardown flow")
Signed-off-by: James Smart <james.smart@xxxxxxxxxxxx>
CC: Israel Rukshin <israelr@xxxxxxxxxxxx>
CC: Max Gurtovoy <maxg@xxxxxxxxxxxx>
CC: Christoph Hellwig <hch@xxxxxx>
CC: Keith Busch <kbusch@xxxxxxxxxx>
CC: Sagi Grimberg <sagi@xxxxxxxxxxx>
Signed-off-by: Christoph Hellwig <hch@xxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
drivers/nvme/host/core.c | 5 -----
drivers/nvme/host/nvme.h | 1 -
2 files changed, 6 deletions(-)

--- a/drivers/nvme/host/core.c
+++ b/drivers/nvme/host/core.c
@@ -3324,10 +3324,6 @@ static ssize_t nvme_sysfs_delete(struct
{
struct nvme_ctrl *ctrl = dev_get_drvdata(dev);

- /* Can't delete non-created controllers */
- if (!ctrl->created)
- return -EBUSY;
-
if (device_remove_file_self(dev, attr))
nvme_delete_ctrl_sync(ctrl);
return count;
@@ -4129,7 +4125,6 @@ void nvme_start_ctrl(struct nvme_ctrl *c
nvme_queue_scan(ctrl);
nvme_start_queues(ctrl);
}
- ctrl->created = true;
}
EXPORT_SYMBOL_GPL(nvme_start_ctrl);

--- a/drivers/nvme/host/nvme.h
+++ b/drivers/nvme/host/nvme.h
@@ -271,7 +271,6 @@ struct nvme_ctrl {
struct nvme_command ka_cmd;
struct work_struct fw_act_work;
unsigned long events;
- bool created;

#ifdef CONFIG_NVME_MULTIPATH
/* asymmetric namespace access: */

Next message: Greg Kroah-Hartman: "[PATCH 5.8 147/177] mmc: sdhci-of-esdhc: Dont walk device-tree on every interrupt"
Previous message: Greg Kroah-Hartman: "[PATCH 5.8 159/177] Revert "usb: dwc3: meson-g12a: fix shared reset control use""
In reply to: Greg Kroah-Hartman: "[PATCH 5.8 159/177] Revert "usb: dwc3: meson-g12a: fix shared reset control use""
Next in thread: Greg Kroah-Hartman: "[PATCH 5.8 147/177] mmc: sdhci-of-esdhc: Dont walk device-tree on every interrupt"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]