From patchwork Wed Dec 13 09:11:08 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jia-Ju Bai X-Patchwork-Id: 10109535 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id EF7D760327 for ; Wed, 13 Dec 2017 09:09:14 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E81EE28D35 for ; Wed, 13 Dec 2017 09:09:14 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id DD05829021; Wed, 13 Dec 2017 09:09:14 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A459628D35 for ; Wed, 13 Dec 2017 09:09:14 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752078AbdLMJIy (ORCPT ); Wed, 13 Dec 2017 04:08:54 -0500 Received: from mail-it0-f66.google.com ([209.85.214.66]:32955 "EHLO mail-it0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751507AbdLMJIu (ORCPT ); Wed, 13 Dec 2017 04:08:50 -0500 Received: by mail-it0-f66.google.com with SMTP id o130so20235508itg.0; Wed, 13 Dec 2017 01:08:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=gx4H+6STcqisDH3966W/6ggAuB2cp+lChvnTbupXMYI=; b=UV0wiso8hdkHIbGmkVthbW28RuyxaWaBVTxXC3+gNNyLSaKXEYc6p9cXgunJytJJtn Uz94FbuGrq7vKMaGOvK38mGZDNK3xNR3u+zer/wC1oid372VDgLdX9z1UEP4v02tyrW+ xP9I0RZiuhfdRRSppn8cEORNEE68KCsmy7ybuXiPWCKrJZ2alivxBa39F0akK8UrUe59 dFBDtgdQmdF1Iyte+MpAQbeR5+Bfu4cDg5cRrFkQE0ywCTsWELGbShAB0IqAimtxGngy i5wffnpLZHy5J58k0OY9rFPnYGpLwCdoaFc5K9vlAF0/8hK3c7dnOIwJSO0/Ng5NmGxr AmLA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=gx4H+6STcqisDH3966W/6ggAuB2cp+lChvnTbupXMYI=; b=R3LZ9m/r1FKVCviOCKFF/KltUc3A9Jo3V66MAnnd60Hx2KmMX4IQzTlTXfoa9wmW8G YD+g0Dhk8khUN2ck74gYXpQLkAtDSSf8CDZTo7GhTAGCQrJgd5NvYw+l5VvyOwVHqqIg hdDJedlKvkIwA1zN6JUX2iktgaLT+p4OBMPddrAwHIAhx6ittF2nctn6lsTJ0GozSCP1 /fj5vsp9CqHsgxpj6tzGJF3ubeqPcBgkHrplSMlCskhUmYKI1Dt9rAc91T5EIQtCXZZL 8+5BCammtAWfwOY+Vy8RimpSb3tiIIJeR9YMD9djcfSH8lDDRlRLEugtV5FevTwS/iG/ ZhDg== X-Gm-Message-State: AKGB3mLt2c6lyBEVIFkyw7uXWspj6r6ZsQvjTR0QWSacebsKmVGNrKos NDk/nx+ygaABN6D/OCoVVSE= X-Google-Smtp-Source: ACJfBouaKXUxiY9hiq7pfDp2qmdSY0lOv/HS0gpWdRWLpJQwKlSC97wpIwuqTjtby6sKq+noIqM0bw== X-Received: by 10.36.13.67 with SMTP id 64mr2044352itx.126.1513156130163; Wed, 13 Dec 2017 01:08:50 -0800 (PST) Received: from bai-oslab.tsinghua.edu.cn ([2402:f000:1:4413:7146:1b55:9590:7719]) by smtp.gmail.com with ESMTPSA id z188sm864964itb.28.2017.12.13.01.08.46 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 13 Dec 2017 01:08:49 -0800 (PST) From: Jia-Ju Bai To: QLogic-Storage-Upstream@cavium.com, jejb@linux.vnet.ibm.com, martin.petersen@oracle.com Cc: linux-scsi@vger.kernel.org, linux-kernel@vger.kernel.org, Jia-Ju Bai Subject: [PATCH] qedi: Fix a possible sleep-in-atomic bug in qedi_process_tmf_resp Date: Wed, 13 Dec 2017 17:11:08 +0800 Message-Id: <1513156268-13328-1-git-send-email-baijiaju1990@gmail.com> X-Mailer: git-send-email 1.7.9.5 Sender: linux-scsi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-scsi@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The driver may sleep under a spinlock. The function call path is: qedi_cpu_offline (acquire the spinlock) qedi_fp_process_cqes qedi_mtask_completion qedi_process_tmf_resp kzalloc(GFP_KERNEL) --> may sleep To fix it, GFP_KERNEL is replaced with GFP_ATOMIC. This bug is found by my static analysis tool(DSAC) and checked by my code review. Signed-off-by: Jia-Ju Bai Acked-by: Manish Rangankar --- drivers/scsi/qedi/qedi_fw.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/scsi/qedi/qedi_fw.c b/drivers/scsi/qedi/qedi_fw.c index bd302d3..20a9259 100644 --- a/drivers/scsi/qedi/qedi_fw.c +++ b/drivers/scsi/qedi/qedi_fw.c @@ -198,7 +198,7 @@ static void qedi_process_tmf_resp(struct qedi_ctx *qedi, cqe_tmp_response = &cqe->cqe_common.iscsi_hdr.tmf_response; qedi_cmd = task->dd_data; - qedi_cmd->tmf_resp_buf = kzalloc(sizeof(*resp_hdr_ptr), GFP_KERNEL); + qedi_cmd->tmf_resp_buf = kzalloc(sizeof(*resp_hdr_ptr), GFP_ATOMIC); if (!qedi_cmd->tmf_resp_buf) { QEDI_ERR(&qedi->dbg_ctx, "Failed to allocate resp buf, cid=0x%x\n",