Re: [PATCH] nvme-core: remove head->effects to fix use-after-free

From: Yuanyuan Zhong
Date: Wed Nov 15 2023 - 17:44:24 EST


On Wed, Nov 15, 2023 at 11:55 AM Keith Busch <kbusch@xxxxxxxxxx> wrote:
>
> On Wed, Nov 15, 2023 at 11:21:53AM -0800, Yuanyuan Zhong wrote:
> > On Wed, Nov 15, 2023 at 11:02 AM Jens Axboe <axboe@xxxxxxxxx> wrote:
> >
> > Do you mean something like this? If not, can you please elaborate
> > "when we need"?
> > - struct nvme_effects_log *cel = xa_load(&ctrl->cels, ns->head->ids.csi);
> > + struct nvme_effects_log *cel = (ns->head->ids.csi == NVME_CSI_NVM) ?
> > + ctrl->effects : xa_load(&ctrl->cels, ns->head->ids.csi);
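Review bot: the NVME_CSI_NVM branch of the ternary reads ctrl->effects directly while every other CSI still goes through xa_load(&ctrl->cels, ...), so cel now comes from two sources whose NULL behaviour may differ. xa_load() returns NULL when no entry is stored for the index, and the hunk does not show whether ctrl->effects is always set, so the code that uses cel should handle NULL on both branches. A short comment explaining why NVM is special-cased would help, and an if/else would read more clearly than a ternary split across two lines.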
> > Will it be good to change ctrl->effects to ctrl->effects[3] for
> > already defined CSI?
>
> I suggest either re-assign the cached head->effects to one from a still
> live controller when current path is removed, or move the saved effects
> to the subsystem instead of the controller. All controllers in the
> subsystem should be reporting the same effects log anyway, so
Is it specified in the spec that all controllers in the subsystem
should be reporting the same effects log?
> duplicating all that per-controller is kind of wasteful.