[openEuler-21.09 16/44] scsi: pm80xx: Pass gfp_t flags to libsas event notifiers

From: "Ahmed S. Darwish" a.darwish@linutronix.de

mainline inclusion from mainline-master commit cd4e8176989f4909550ac7b95f475e993ae67f8b category: bugfix bugzilla: 175270 CVE: NA

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...

------------------------------------------------------------------------

Use the new libsas event notifiers API, which requires callers to explicitly pass the gfp_t memory allocation flags.

Call chain analysis, pm8001_hwi.c:

pm8001_interrupt_handler_msix() || pm8001_interrupt_handler_intx() || pm8001_tasklet() -> PM8001_CHIP_DISP->isr() = pm80xx_chip_isr() -> process_oq [spin_lock_irqsave(&pm8001_ha->lock, ...)] -> process_one_iomb() -> mpi_hw_event() -> hw_event_sas_phy_up() -> pm8001_bytes_dmaed() -> hw_event_sata_phy_up -> pm8001_bytes_dmaed()

All functions are invoked by process_one_iomb(), which is invoked by the interrupt service routine and the tasklet handler. A similar call chain is also found at pm80xx_hwi.c. Pass GFP_ATOMIC.

For pm8001_sas.c, pm8001_phy_control() runs in task context as it calls wait_for_completion() and msleep(). Pass GFP_KERNEL.

Link: https://lore.kernel.org/r/20210118100955.1761652-10-a.darwish@linutronix.de Cc: Jack Wang jinpu.wang@cloud.ionos.com Reviewed-by: John Garry john.garry@huawei.com Reviewed-by: Jack Wang jinpu.wang@cloud.ionos.com Signed-off-by: Ahmed S. Darwish a.darwish@linutronix.de Signed-off-by: Martin K. Petersen martin.petersen@oracle.com Reviewed-by: Ouyangdelong ouyangdelong@huawei.com Signed-off-by: Nifujia nifujia1@hisilicon.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- drivers/scsi/pm8001/pm8001_hwi.c | 54 +++++++++++++++++++++----------- drivers/scsi/pm8001/pm8001_sas.c | 8 ++--- drivers/scsi/pm8001/pm80xx_hwi.c | 41 +++++++++++++++--------- 3 files changed, 65 insertions(+), 38 deletions(-)

diff --git a/drivers/scsi/pm8001/pm8001_hwi.c b/drivers/scsi/pm8001/pm8001_hwi.c index 2114d2dd3501..adb16313ecd5 100644 --- a/drivers/scsi/pm8001/pm8001_hwi.c +++ b/drivers/scsi/pm8001/pm8001_hwi.c @@ -3179,7 +3179,7 @@ void pm8001_bytes_dmaed(struct pm8001_hba_info *pm8001_ha, int i) pm8001_dbg(pm8001_ha, MSG, "phy %d byte dmaded.\n", i);

sas_phy->frame_rcvd_size = phy->frame_rcvd_size; - sas_notify_port_event(sas_phy, PORTE_BYTES_DMAED); + sas_notify_port_event_gfp(sas_phy, PORTE_BYTES_DMAED, GFP_ATOMIC); }

/* Get the link rate speed */ @@ -3336,7 +3336,7 @@ hw_event_sas_phy_up(struct pm8001_hba_info *pm8001_ha, void *piomb) else if (phy->identify.device_type != SAS_PHY_UNUSED) phy->identify.target_port_protocols = SAS_PROTOCOL_SMP; phy->sas_phy.oob_mode = SAS_OOB_MODE; - sas_notify_phy_event(&phy->sas_phy, PHYE_OOB_DONE); + sas_notify_phy_event_gfp(&phy->sas_phy, PHYE_OOB_DONE, GFP_ATOMIC); spin_lock_irqsave(&phy->sas_phy.frame_rcvd_lock, flags); memcpy(phy->frame_rcvd, &pPayload->sas_identify, sizeof(struct sas_identify_frame)-4); @@ -3379,7 +3379,7 @@ hw_event_sata_phy_up(struct pm8001_hba_info *pm8001_ha, void *piomb) phy->phy_type |= PORT_TYPE_SATA; phy->phy_attached = 1; phy->sas_phy.oob_mode = SATA_OOB_MODE; - sas_notify_phy_event(&phy->sas_phy, PHYE_OOB_DONE); + sas_notify_phy_event_gfp(&phy->sas_phy, PHYE_OOB_DONE, GFP_ATOMIC); spin_lock_irqsave(&phy->sas_phy.frame_rcvd_lock, flags); memcpy(phy->frame_rcvd, ((u8 *)&pPayload->sata_fis - 4), sizeof(struct dev_to_host_fis)); @@ -3728,11 +3728,13 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void* piomb) break; case HW_EVENT_SATA_SPINUP_HOLD: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_SATA_SPINUP_HOLD\n"); - sas_notify_phy_event(&phy->sas_phy, PHYE_SPINUP_HOLD); + sas_notify_phy_event_gfp(&phy->sas_phy, PHYE_SPINUP_HOLD, + GFP_ATOMIC); break; case HW_EVENT_PHY_DOWN: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_PHY_DOWN\n"); - sas_notify_phy_event(&phy->sas_phy, PHYE_LOSS_OF_SIGNAL); + sas_notify_phy_event_gfp(&phy->sas_phy, PHYE_LOSS_OF_SIGNAL, + GFP_ATOMIC); phy->phy_attached = 0; phy->phy_state = 0; hw_event_phy_down(pm8001_ha, piomb); @@ -3741,7 +3743,8 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void* piomb) pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_PORT_INVALID\n"); sas_phy_disconnected(sas_phy); phy->phy_attached = 0; - sas_notify_port_event(sas_phy, PORTE_LINK_RESET_ERR); + sas_notify_port_event_gfp(sas_phy, PORTE_LINK_RESET_ERR, + GFP_ATOMIC); break; /* the broadcast change primitive received, tell the LIBSAS this event to revalidate the sas domain*/ @@ -3752,20 +3755,23 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void* piomb) spin_lock_irqsave(&sas_phy->sas_prim_lock, flags); sas_phy->sas_prim = HW_EVENT_BROADCAST_CHANGE; spin_unlock_irqrestore(&sas_phy->sas_prim_lock, flags); - sas_notify_port_event(sas_phy, PORTE_BROADCAST_RCVD); + sas_notify_port_event_gfp(sas_phy, PORTE_BROADCAST_RCVD, + GFP_ATOMIC); break; case HW_EVENT_PHY_ERROR: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_PHY_ERROR\n"); sas_phy_disconnected(&phy->sas_phy); phy->phy_attached = 0; - sas_notify_phy_event(&phy->sas_phy, PHYE_OOB_ERROR); + sas_notify_phy_event_gfp(&phy->sas_phy, PHYE_OOB_ERROR, + GFP_ATOMIC); break; case HW_EVENT_BROADCAST_EXP: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_BROADCAST_EXP\n"); spin_lock_irqsave(&sas_phy->sas_prim_lock, flags); sas_phy->sas_prim = HW_EVENT_BROADCAST_EXP; spin_unlock_irqrestore(&sas_phy->sas_prim_lock, flags); - sas_notify_port_event(sas_phy, PORTE_BROADCAST_RCVD); + sas_notify_port_event_gfp(sas_phy, PORTE_BROADCAST_RCVD, + GFP_ATOMIC); break; case HW_EVENT_LINK_ERR_INVALID_DWORD: pm8001_dbg(pm8001_ha, MSG, @@ -3774,7 +3780,8 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void* piomb) HW_EVENT_LINK_ERR_INVALID_DWORD, port_id, phy_id, 0, 0); sas_phy_disconnected(sas_phy); phy->phy_attached = 0; - sas_notify_port_event(sas_phy, PORTE_LINK_RESET_ERR); + sas_notify_port_event_gfp(sas_phy, PORTE_LINK_RESET_ERR, + GFP_ATOMIC); break; case HW_EVENT_LINK_ERR_DISPARITY_ERROR: pm8001_dbg(pm8001_ha, MSG, @@ -3784,7 +3791,8 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void* piomb) port_id, phy_id, 0, 0); sas_phy_disconnected(sas_phy); phy->phy_attached = 0; - sas_notify_port_event(sas_phy, PORTE_LINK_RESET_ERR); + sas_notify_port_event_gfp(sas_phy, PORTE_LINK_RESET_ERR, + GFP_ATOMIC); break; case HW_EVENT_LINK_ERR_CODE_VIOLATION: pm8001_dbg(pm8001_ha, MSG, @@ -3794,7 +3802,8 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void* piomb) port_id, phy_id, 0, 0); sas_phy_disconnected(sas_phy); phy->phy_attached = 0; - sas_notify_port_event(sas_phy, PORTE_LINK_RESET_ERR); + sas_notify_port_event_gfp(sas_phy, PORTE_LINK_RESET_ERR, + GFP_ATOMIC); break; case HW_EVENT_LINK_ERR_LOSS_OF_DWORD_SYNCH: pm8001_dbg(pm8001_ha, MSG, @@ -3804,7 +3813,8 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void* piomb) port_id, phy_id, 0, 0); sas_phy_disconnected(sas_phy); phy->phy_attached = 0; - sas_notify_port_event(sas_phy, PORTE_LINK_RESET_ERR); + sas_notify_port_event_gfp(sas_phy, PORTE_LINK_RESET_ERR, + GFP_ATOMIC); break; case HW_EVENT_MALFUNCTION: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_MALFUNCTION\n"); @@ -3814,7 +3824,8 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void* piomb) spin_lock_irqsave(&sas_phy->sas_prim_lock, flags); sas_phy->sas_prim = HW_EVENT_BROADCAST_SES; spin_unlock_irqrestore(&sas_phy->sas_prim_lock, flags); - sas_notify_port_event(sas_phy, PORTE_BROADCAST_RCVD); + sas_notify_port_event_gfp(sas_phy, PORTE_BROADCAST_RCVD, + GFP_ATOMIC); break; case HW_EVENT_INBOUND_CRC_ERROR: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_INBOUND_CRC_ERROR\n"); @@ -3824,13 +3835,15 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void* piomb) break; case HW_EVENT_HARD_RESET_RECEIVED: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_HARD_RESET_RECEIVED\n"); - sas_notify_port_event(sas_phy, PORTE_HARD_RESET); + sas_notify_port_event_gfp(sas_phy, PORTE_HARD_RESET, + GFP_ATOMIC); break; case HW_EVENT_ID_FRAME_TIMEOUT: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_ID_FRAME_TIMEOUT\n"); sas_phy_disconnected(sas_phy); phy->phy_attached = 0; - sas_notify_port_event(sas_phy, PORTE_LINK_RESET_ERR); + sas_notify_port_event_gfp(sas_phy, PORTE_LINK_RESET_ERR, + GFP_ATOMIC); break; case HW_EVENT_LINK_ERR_PHY_RESET_FAILED: pm8001_dbg(pm8001_ha, MSG, @@ -3840,20 +3853,23 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void* piomb) port_id, phy_id, 0, 0); sas_phy_disconnected(sas_phy); phy->phy_attached = 0; - sas_notify_port_event(sas_phy, PORTE_LINK_RESET_ERR); + sas_notify_port_event_gfp(sas_phy, PORTE_LINK_RESET_ERR, + GFP_ATOMIC); break; case HW_EVENT_PORT_RESET_TIMER_TMO: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_PORT_RESET_TIMER_TMO\n"); sas_phy_disconnected(sas_phy); phy->phy_attached = 0; - sas_notify_port_event(sas_phy, PORTE_LINK_RESET_ERR); + sas_notify_port_event_gfp(sas_phy, PORTE_LINK_RESET_ERR, + GFP_ATOMIC); break; case HW_EVENT_PORT_RECOVERY_TIMER_TMO: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_PORT_RECOVERY_TIMER_TMO\n"); sas_phy_disconnected(sas_phy); phy->phy_attached = 0; - sas_notify_port_event(sas_phy, PORTE_LINK_RESET_ERR); + sas_notify_port_event_gfp(sas_phy, PORTE_LINK_RESET_ERR, + GFP_ATOMIC); break; case HW_EVENT_PORT_RECOVER: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_PORT_RECOVER\n"); diff --git a/drivers/scsi/pm8001/pm8001_sas.c b/drivers/scsi/pm8001/pm8001_sas.c index 39de9a9360d3..faffa3952805 100644 --- a/drivers/scsi/pm8001/pm8001_sas.c +++ b/drivers/scsi/pm8001/pm8001_sas.c @@ -207,16 +207,16 @@ int pm8001_phy_control(struct asd_sas_phy *sas_phy, enum phy_func func, if (pm8001_ha->phy[phy_id].phy_state == PHY_STATE_LINK_UP_SPCV) { sas_phy_disconnected(&phy->sas_phy); - sas_notify_phy_event(&phy->sas_phy, - PHYE_LOSS_OF_SIGNAL); + sas_notify_phy_event_gfp(&phy->sas_phy, + PHYE_LOSS_OF_SIGNAL, GFP_KERNEL); phy->phy_attached = 0; } } else { if (pm8001_ha->phy[phy_id].phy_state == PHY_STATE_LINK_UP_SPC) { sas_phy_disconnected(&phy->sas_phy); - sas_notify_phy_event(&phy->sas_phy, - PHYE_LOSS_OF_SIGNAL); + sas_notify_phy_event_gfp(&phy->sas_phy, + PHYE_LOSS_OF_SIGNAL, GFP_KERNEL); phy->phy_attached = 0; } } diff --git a/drivers/scsi/pm8001/pm80xx_hwi.c b/drivers/scsi/pm8001/pm80xx_hwi.c index a203a4fc2674..a542f8555312 100644 --- a/drivers/scsi/pm8001/pm80xx_hwi.c +++ b/drivers/scsi/pm8001/pm80xx_hwi.c @@ -3286,7 +3286,7 @@ hw_event_sas_phy_up(struct pm8001_hba_info *pm8001_ha, void *piomb) else if (phy->identify.device_type != SAS_PHY_UNUSED) phy->identify.target_port_protocols = SAS_PROTOCOL_SMP; phy->sas_phy.oob_mode = SAS_OOB_MODE; - sas_notify_phy_event(&phy->sas_phy, PHYE_OOB_DONE); + sas_notify_phy_event_gfp(&phy->sas_phy, PHYE_OOB_DONE, GFP_ATOMIC); spin_lock_irqsave(&phy->sas_phy.frame_rcvd_lock, flags); memcpy(phy->frame_rcvd, &pPayload->sas_identify, sizeof(struct sas_identify_frame)-4); @@ -3333,7 +3333,7 @@ hw_event_sata_phy_up(struct pm8001_hba_info *pm8001_ha, void *piomb) phy->phy_type |= PORT_TYPE_SATA; phy->phy_attached = 1; phy->sas_phy.oob_mode = SATA_OOB_MODE; - sas_notify_phy_event(&phy->sas_phy, PHYE_OOB_DONE); + sas_notify_phy_event_gfp(&phy->sas_phy, PHYE_OOB_DONE, GFP_ATOMIC); spin_lock_irqsave(&phy->sas_phy.frame_rcvd_lock, flags); memcpy(phy->frame_rcvd, ((u8 *)&pPayload->sata_fis - 4), sizeof(struct dev_to_host_fis)); @@ -3416,7 +3416,8 @@ hw_event_phy_down(struct pm8001_hba_info *pm8001_ha, void *piomb)

} if (port_sata && (portstate != PORT_IN_RESET)) - sas_notify_phy_event(&phy->sas_phy, PHYE_LOSS_OF_SIGNAL); + sas_notify_phy_event_gfp(&phy->sas_phy, PHYE_LOSS_OF_SIGNAL, + GFP_ATOMIC); }

static int mpi_phy_start_resp(struct pm8001_hba_info *pm8001_ha, void *piomb) @@ -3514,7 +3515,8 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void *piomb) break; case HW_EVENT_SATA_SPINUP_HOLD: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_SATA_SPINUP_HOLD\n"); - sas_notify_phy_event(&phy->sas_phy, PHYE_SPINUP_HOLD); + sas_notify_phy_event_gfp(&phy->sas_phy, PHYE_SPINUP_HOLD, + GFP_ATOMIC); break; case HW_EVENT_PHY_DOWN: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_PHY_DOWN\n"); @@ -3530,7 +3532,8 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void *piomb) pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_PORT_INVALID\n"); sas_phy_disconnected(sas_phy); phy->phy_attached = 0; - sas_notify_port_event(sas_phy, PORTE_LINK_RESET_ERR); + sas_notify_port_event_gfp(sas_phy, PORTE_LINK_RESET_ERR, + GFP_ATOMIC); break; /* the broadcast change primitive received, tell the LIBSAS this event to revalidate the sas domain*/ @@ -3541,20 +3544,23 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void *piomb) spin_lock_irqsave(&sas_phy->sas_prim_lock, flags); sas_phy->sas_prim = HW_EVENT_BROADCAST_CHANGE; spin_unlock_irqrestore(&sas_phy->sas_prim_lock, flags); - sas_notify_port_event(sas_phy, PORTE_BROADCAST_RCVD); + sas_notify_port_event_gfp(sas_phy, PORTE_BROADCAST_RCVD, + GFP_ATOMIC); break; case HW_EVENT_PHY_ERROR: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_PHY_ERROR\n"); sas_phy_disconnected(&phy->sas_phy); phy->phy_attached = 0; - sas_notify_phy_event(&phy->sas_phy, PHYE_OOB_ERROR); + sas_notify_phy_event_gfp(&phy->sas_phy, PHYE_OOB_ERROR, + GFP_ATOMIC); break; case HW_EVENT_BROADCAST_EXP: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_BROADCAST_EXP\n"); spin_lock_irqsave(&sas_phy->sas_prim_lock, flags); sas_phy->sas_prim = HW_EVENT_BROADCAST_EXP; spin_unlock_irqrestore(&sas_phy->sas_prim_lock, flags); - sas_notify_port_event(sas_phy, PORTE_BROADCAST_RCVD); + sas_notify_port_event_gfp(sas_phy, PORTE_BROADCAST_RCVD, + GFP_ATOMIC); break; case HW_EVENT_LINK_ERR_INVALID_DWORD: pm8001_dbg(pm8001_ha, MSG, @@ -3591,7 +3597,8 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void *piomb) spin_lock_irqsave(&sas_phy->sas_prim_lock, flags); sas_phy->sas_prim = HW_EVENT_BROADCAST_SES; spin_unlock_irqrestore(&sas_phy->sas_prim_lock, flags); - sas_notify_port_event(sas_phy, PORTE_BROADCAST_RCVD); + sas_notify_port_event_gfp(sas_phy, PORTE_BROADCAST_RCVD, + GFP_ATOMIC); break; case HW_EVENT_INBOUND_CRC_ERROR: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_INBOUND_CRC_ERROR\n"); @@ -3601,13 +3608,15 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void *piomb) break; case HW_EVENT_HARD_RESET_RECEIVED: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_HARD_RESET_RECEIVED\n"); - sas_notify_port_event(sas_phy, PORTE_HARD_RESET); + sas_notify_port_event_gfp(sas_phy, PORTE_HARD_RESET, + GFP_ATOMIC); break; case HW_EVENT_ID_FRAME_TIMEOUT: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_ID_FRAME_TIMEOUT\n"); sas_phy_disconnected(sas_phy); phy->phy_attached = 0; - sas_notify_port_event(sas_phy, PORTE_LINK_RESET_ERR); + sas_notify_port_event_gfp(sas_phy, PORTE_LINK_RESET_ERR, + GFP_ATOMIC); break; case HW_EVENT_LINK_ERR_PHY_RESET_FAILED: pm8001_dbg(pm8001_ha, MSG, @@ -3617,7 +3626,8 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void *piomb) port_id, phy_id, 0, 0); sas_phy_disconnected(sas_phy); phy->phy_attached = 0; - sas_notify_port_event(sas_phy, PORTE_LINK_RESET_ERR); + sas_notify_port_event_gfp(sas_phy, PORTE_LINK_RESET_ERR, + GFP_ATOMIC); break; case HW_EVENT_PORT_RESET_TIMER_TMO: pm8001_dbg(pm8001_ha, MSG, "HW_EVENT_PORT_RESET_TIMER_TMO\n"); @@ -3625,7 +3635,8 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void *piomb) port_id, phy_id, 0, 0); sas_phy_disconnected(sas_phy); phy->phy_attached = 0; - sas_notify_port_event(sas_phy, PORTE_LINK_RESET_ERR); + sas_notify_port_event_gfp(sas_phy, PORTE_LINK_RESET_ERR, + GFP_ATOMIC); if (pm8001_ha->phy[phy_id].reset_completion) { pm8001_ha->phy[phy_id].port_reset_status = PORT_RESET_TMO; @@ -3642,8 +3653,8 @@ static int mpi_hw_event(struct pm8001_hba_info *pm8001_ha, void *piomb) for (i = 0; i < pm8001_ha->chip->n_phy; i++) { if (port->wide_port_phymap & (1 << i)) { phy = &pm8001_ha->phy[i]; - sas_notify_phy_event(&phy->sas_phy, - PHYE_LOSS_OF_SIGNAL); + sas_notify_phy_event_gfp(&phy->sas_phy, + PHYE_LOSS_OF_SIGNAL, GFP_ATOMIC); port->wide_port_phymap &= ~(1 << i); } }