From 63dc7ea18264bc7bf00797e29db6ec3f96edc0d2 Mon Sep 17 00:00:00 2001 From: Adrian Hunter Date: Fri, 8 Oct 2021 11:40:48 +0300 Subject: [PATCH] UPSTREAM: scsi: ufs: core: Fix synchronization between scsi_unjam_host() and ufshcd_queuecommand() The SCSI error handler calls scsi_unjam_host() which can call the queue function ufshcd_queuecommand() indirectly. The error handler changes the state to UFSHCD_STATE_RESET while running, but error interrupts that happen while the error handler is running could change the state to UFSHCD_STATE_EH_SCHEDULED_NON_FATAL which would allow requests to go through ufshcd_queuecommand() even though the error handler is running. Block that hole by checking whether the error handler is in progress. Link: https://lore.kernel.org/r/20211008084048.257498-1-adrian.hunter@intel.com Reviewed-by: Asutosh Das Signed-off-by: Adrian Hunter Signed-off-by: Martin K. Petersen Bug: 204438323 (cherry picked from commit d489f18ad1fc33ab9b60dc40fe3851bb0d87de28) Change-Id: I11215e2217ed392ff3b57a89fc963558a1ef39bc Signed-off-by: Bart Van Assche --- drivers/scsi/ufs/ufshcd.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/drivers/scsi/ufs/ufshcd.c b/drivers/scsi/ufs/ufshcd.c index 270d2fa0cb80..c873f25a6e68 100644 --- a/drivers/scsi/ufs/ufshcd.c +++ b/drivers/scsi/ufs/ufshcd.c @@ -2717,7 +2717,19 @@ static int ufshcd_queuecommand(struct Scsi_Host *host, struct scsi_cmnd *cmd) switch (hba->ufshcd_state) { case UFSHCD_STATE_OPERATIONAL: + break; case UFSHCD_STATE_EH_SCHEDULED_NON_FATAL: + /* + * SCSI error handler can call ->queuecommand() while UFS error + * handler is in progress. Error interrupts could change the + * state from UFSHCD_STATE_RESET to + * UFSHCD_STATE_EH_SCHEDULED_NON_FATAL. Prevent requests + * being issued in that case. + */ + if (ufshcd_eh_in_progress(hba)) { + err = SCSI_MLQUEUE_HOST_BUSY; + goto out; + } break; case UFSHCD_STATE_EH_SCHEDULED_FATAL: /*