aboutsummaryrefslogtreecommitdiffstats
path: root/block
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2015-04-09 17:12:22 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2015-04-11 16:42:16 -0400
commitac2111753ca9350c8634c5d5f592628b32652cf3 (patch)
tree6d662db69664afd6efda9c2570d22d056016f8ae /block
parent8fa5975900ba4e91e14a63f11fb7a026f60cecd5 (diff)
blk-mq: initialize 'struct request' and associated data to zero
Jan Engelhardt reports a strange oops with an invalid ->sense_buffer pointer in scsi_init_cmd_errh() with the blk-mq code. The sense_buffer pointer should have been initialized by the call to scsi_init_request() from blk_mq_init_rq_map(), but there seems to be some non-repeatable memory corruptor. This patch makes sure we initialize the whole struct request allocation (and the associated 'struct scsi_cmnd' for the SCSI case) to zero, by using __GFP_ZERO in the allocation. The old code initialized a couple of individual fields, leaving the rest undefined (although many of them are then initialized in later phases, like blk_mq_rq_ctx_init() etc. It's not entirely clear why this matters, but it's the rigth thing to do regardless, and with 4.0 imminent this is the defensive "let's just make sure everything is initialized properly" patch. Tested-by: Jan Engelhardt <jengelh@inai.de> Acked-by: Jens Axboe <axboe@kernel.dk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'block')
-rw-r--r--block/blk-mq.c4
1 files changed, 1 insertions, 3 deletions
diff --git a/block/blk-mq.c b/block/blk-mq.c
index b7b8933ec241..33c428530193 100644
--- a/block/blk-mq.c
+++ b/block/blk-mq.c
@@ -1457,7 +1457,7 @@ static struct blk_mq_tags *blk_mq_init_rq_map(struct blk_mq_tag_set *set,
1457 1457
1458 do { 1458 do {
1459 page = alloc_pages_node(set->numa_node, 1459 page = alloc_pages_node(set->numa_node,
1460 GFP_KERNEL | __GFP_NOWARN | __GFP_NORETRY, 1460 GFP_KERNEL | __GFP_NOWARN | __GFP_NORETRY | __GFP_ZERO,
1461 this_order); 1461 this_order);
1462 if (page) 1462 if (page)
1463 break; 1463 break;
@@ -1479,8 +1479,6 @@ static struct blk_mq_tags *blk_mq_init_rq_map(struct blk_mq_tag_set *set,
1479 left -= to_do * rq_size; 1479 left -= to_do * rq_size;
1480 for (j = 0; j < to_do; j++) { 1480 for (j = 0; j < to_do; j++) {
1481 tags->rqs[i] = p; 1481 tags->rqs[i] = p;
1482 tags->rqs[i]->atomic_flags = 0;
1483 tags->rqs[i]->cmd_flags = 0;
1484 if (set->ops->init_request) { 1482 if (set->ops->init_request) {
1485 if (set->ops->init_request(set->driver_data, 1483 if (set->ops->init_request(set->driver_data,
1486 tags->rqs[i], hctx_idx, i, 1484 tags->rqs[i], hctx_idx, i,