diff options
| author | Sreekanth Reddy <Sreekanth.Reddy@lsi.com> | 2013-06-28 18:22:03 -0400 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2013-07-28 19:30:12 -0400 |
| commit | e90c1dc2c6298f7d369804aa7873d1c4c434f9d3 (patch) | |
| tree | e7d2f2aed5452e3ea3fb4b802a128eeca887fd30 | |
| parent | 72ffadbae16297ac86e31c759450e0e395209903 (diff) | |
SCSI: mpt3sas: fix for kernel panic when driver loads with HBA conected to non LUN 0 configured expander
commit b65cfedf4560af65305bd7b3b9f26c02c6fb3660 upstream.
With some enclosures when LUN 0 is not created but LUN 1 or LUN X is created
then SCSI scan procedure calls target_alloc, slave_alloc call back functions
for LUN 0 and slave_destory() for same LUN 0.
In these kind of cases within slave_destroy, pointer to scsi_target in
_sas_device structure is set to NULL, following which when slave_alloc for LUN
1 is called then starget would not be set properly for this LUN. So,
scsi_target pointer pointing to NULL value would lead to a crash later in the
discovery procedure.
To solve this issue set the sas_device's scsi_target pointer to scsi_device's
scsi_target if it is NULL earlier in slave_alloc callback function.
Signed-off-by: Sreekanth Reddy <Sreekanth.Reddy@lsi.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
| -rw-r--r-- | drivers/scsi/mpt3sas/mpt3sas_scsih.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/drivers/scsi/mpt3sas/mpt3sas_scsih.c b/drivers/scsi/mpt3sas/mpt3sas_scsih.c index 1fb5c6bcb786..f8c4b8564251 100644 --- a/drivers/scsi/mpt3sas/mpt3sas_scsih.c +++ b/drivers/scsi/mpt3sas/mpt3sas_scsih.c | |||
| @@ -1273,6 +1273,7 @@ _scsih_slave_alloc(struct scsi_device *sdev) | |||
| 1273 | struct MPT3SAS_DEVICE *sas_device_priv_data; | 1273 | struct MPT3SAS_DEVICE *sas_device_priv_data; |
| 1274 | struct scsi_target *starget; | 1274 | struct scsi_target *starget; |
| 1275 | struct _raid_device *raid_device; | 1275 | struct _raid_device *raid_device; |
| 1276 | struct _sas_device *sas_device; | ||
| 1276 | unsigned long flags; | 1277 | unsigned long flags; |
| 1277 | 1278 | ||
| 1278 | sas_device_priv_data = kzalloc(sizeof(struct scsi_device), GFP_KERNEL); | 1279 | sas_device_priv_data = kzalloc(sizeof(struct scsi_device), GFP_KERNEL); |
| @@ -1301,6 +1302,19 @@ _scsih_slave_alloc(struct scsi_device *sdev) | |||
| 1301 | spin_unlock_irqrestore(&ioc->raid_device_lock, flags); | 1302 | spin_unlock_irqrestore(&ioc->raid_device_lock, flags); |
| 1302 | } | 1303 | } |
| 1303 | 1304 | ||
| 1305 | if (!(sas_target_priv_data->flags & MPT_TARGET_FLAGS_VOLUME)) { | ||
| 1306 | spin_lock_irqsave(&ioc->sas_device_lock, flags); | ||
| 1307 | sas_device = mpt3sas_scsih_sas_device_find_by_sas_address(ioc, | ||
| 1308 | sas_target_priv_data->sas_address); | ||
| 1309 | if (sas_device && (sas_device->starget == NULL)) { | ||
| 1310 | sdev_printk(KERN_INFO, sdev, | ||
| 1311 | "%s : sas_device->starget set to starget @ %d\n", | ||
| 1312 | __func__, __LINE__); | ||
| 1313 | sas_device->starget = starget; | ||
| 1314 | } | ||
| 1315 | spin_unlock_irqrestore(&ioc->sas_device_lock, flags); | ||
| 1316 | } | ||
| 1317 | |||
| 1304 | return 0; | 1318 | return 0; |
| 1305 | } | 1319 | } |
| 1306 | 1320 | ||