[PATCH AUTOSEL 5.4 059/130] scsi: atari_scsi: Fix race condition between .queuecommand and EH

Tue, 22 Dec 2020 18:26:11 -0800 

From: Finn Thain <fth...@telegraphics.com.au>

[ Upstream commit 03fe6a640a05c5dc04b6bcdddfb981d015e84ed4 ]

It is possible that bus_reset_cleanup() or .eh_abort_handler could be
invoked during NCR5380_queuecommand(). If that takes place before the new
command is enqueued and after the ST-DMA "lock" has been acquired, the
ST-DMA "lock" will be released again. This will result in a lost DMA
interrupt and a command timeout. Fix this by excluding EH and interrupt
handlers while the new command is enqueued.

Link: 
https://lore.kernel.org/r/af25163257796b50bb99d4ede4025cea55787b8f.1605847196.git.fth...@telegraphics.com.au
Tested-by: Michael Schmitz <schmitz...@gmail.com>
Reviewed-by: Michael Schmitz <schmitz...@gmail.com>
Signed-off-by: Finn Thain <fth...@telegraphics.com.au>
Signed-off-by: Martin K. Petersen <martin.peter...@oracle.com>
Signed-off-by: Sasha Levin <sas...@kernel.org>
---
 drivers/scsi/NCR5380.c    |  9 ++++++---
 drivers/scsi/atari_scsi.c | 10 +++-------
 2 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/drivers/scsi/NCR5380.c b/drivers/scsi/NCR5380.c
index d4401c768a0c7..5db10a16a743a 100644
--- a/drivers/scsi/NCR5380.c
+++ b/drivers/scsi/NCR5380.c
@@ -567,11 +567,14 @@ static int NCR5380_queue_command(struct Scsi_Host 
*instance,
 
        cmd->result = 0;
 
-       if (!NCR5380_acquire_dma_irq(instance))
-               return SCSI_MLQUEUE_HOST_BUSY;
-
        spin_lock_irqsave(&hostdata->lock, flags);
 
+       if (!NCR5380_acquire_dma_irq(instance)) {
+               spin_unlock_irqrestore(&hostdata->lock, flags);
+
+               return SCSI_MLQUEUE_HOST_BUSY;
+       }
+
        /*
         * Insert the cmd into the issue queue. Note that REQUEST SENSE
         * commands are added to the head of the queue since any command will
diff --git a/drivers/scsi/atari_scsi.c b/drivers/scsi/atari_scsi.c
index a82b63a666356..95d7a35860836 100644
--- a/drivers/scsi/atari_scsi.c
+++ b/drivers/scsi/atari_scsi.c
@@ -376,15 +376,11 @@ static int falcon_get_lock(struct Scsi_Host *instance)
        if (IS_A_TT())
                return 1;
 
-       if (stdma_is_locked_by(scsi_falcon_intr) &&
-           instance->hostt->can_queue > 1)
+       if (stdma_is_locked_by(scsi_falcon_intr))
                return 1;
 
-       if (in_interrupt())
-               return stdma_try_lock(scsi_falcon_intr, instance);
-
-       stdma_lock(scsi_falcon_intr, instance);
-       return 1;
+       /* stdma_lock() may sleep which means it can't be used here */
+       return stdma_try_lock(scsi_falcon_intr, instance);
 }
 
 #ifndef MODULE
-- 
2.27.0

Reply via email to