Commit d1f2ce77 authored by Mike Christie's avatar Mike Christie Committed by Martin K. Petersen
Browse files

scsi: qedi: Fix host removal with running sessions 

qedi_clear_session_ctx() could race with the in-kernel or userspace driven
recovery/removal and we could access a NULL conn or do a double free.

We should be using iscsi_host_remove() to start the removal process from
the driver. It will start the in-kernel recovery and notify userspace that
the driver's scsi_hosts are being removed. iscsid will then drive the
session removal like is done when the logout command is run. When the
sessions are removed, iscsi_host_remove() will return so qedi can finish
knowing there are no running sessions and no new sessions will be allowed.

This also fixes an issue where we check for a NULL conn after already
accessing it introduced in commit 27e98628 ("scsi: iscsi: Drop suspend
calls from ep_disconnect") by just removing the function completely.

Link: https://lore.kernel.org/r/20210609192709.5094-1-michael.christie@oracle.com


Fixes: 27e98628 ("scsi: iscsi: Drop suspend calls from ep_disconnect")
Signed-off-by: default avatarMike Christie <michael.christie@oracle.com>
Signed-off-by: default avatarMartin K. Petersen <martin.petersen@oracle.com>
parent 2938bedd

drivers/scsi/qedi/qedi_gbl.h

+0 −1
Original line number Diff line number Diff line
@@ -72,6 +72,5 @@ void qedi_remove_sysfs_ctx_attr(struct qedi_ctx *qedi); 
void qedi_clearsq(struct qedi_ctx *qedi,

		  struct qedi_conn *qedi_conn,

		  struct iscsi_task *task);

void qedi_clear_session_ctx(struct iscsi_cls_session *cls_sess);



#endif

drivers/scsi/qedi/qedi_iscsi.c

+0 −17
Original line number Diff line number Diff line
@@ -1659,23 +1659,6 @@ void qedi_process_iscsi_error(struct qedi_endpoint *ep, 
		qedi_start_conn_recovery(qedi_conn->qedi, qedi_conn);

}



void qedi_clear_session_ctx(struct iscsi_cls_session *cls_sess)

{

	struct iscsi_session *session = cls_sess->dd_data;

	struct iscsi_conn *conn = session->leadconn;

	struct qedi_conn *qedi_conn = conn->dd_data;



	if (iscsi_is_session_online(cls_sess)) {

		if (conn)

			iscsi_suspend_queue(conn);

		qedi_ep_disconnect(qedi_conn->iscsi_ep);

	}



	qedi_conn_destroy(qedi_conn->cls_conn);



	qedi_session_destroy(cls_sess);

}



void qedi_process_tcp_error(struct qedi_endpoint *ep,

			    struct iscsi_eqe_data *data)

{

drivers/scsi/qedi/qedi_main.c

+2 −5
Original line number Diff line number Diff line
@@ -2417,11 +2417,9 @@ static void __qedi_remove(struct pci_dev *pdev, int mode) 
	int rval;

	u16 retry = 10;



	if (mode == QEDI_MODE_SHUTDOWN)

		iscsi_host_for_each_session(qedi->shost,

					    qedi_clear_session_ctx);



	if (mode == QEDI_MODE_NORMAL || mode == QEDI_MODE_SHUTDOWN) {

		iscsi_host_remove(qedi->shost);



		if (qedi->tmf_thread) {

			flush_workqueue(qedi->tmf_thread);

			destroy_workqueue(qedi->tmf_thread);
@@ -2482,7 +2480,6 @@ static void __qedi_remove(struct pci_dev *pdev, int mode) 
		if (qedi->boot_kset)

			iscsi_boot_destroy_kset(qedi->boot_kset);



		iscsi_host_remove(qedi->shost);

		iscsi_host_free(qedi->shost);

	}

}