
[3/3] blk-mq: avoid access hctx->tags->cpumask before allocation

Message ID 1442994975-4330-4-git-send-email-acelan.kao@canonical.com
State New

Commit Message

AceLan Kao Sept. 23, 2015, 7:56 a.m. UTC
From: Akinobu Mita <akinobu.mita@gmail.com>

BugLink: http://bugs.launchpad.net/bugs/1498778

When an unmapped hw queue is remapped after the CPU topology has changed,
hctx->tags->cpumask is set before hctx->tags is allocated in
blk_mq_map_swqueue().

In order to fix this null pointer dereference, hctx->tags must be
allocated before configuring hctx->tags->cpumask.

Fixes: f26cdc8536 ("blk-mq: Shared tag enhancements")
Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
Cc: Keith Busch <keith.busch@intel.com>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: Ming Lei <tom.leiming@gmail.com>

Signed-off-by: AceLan Kao <acelan.kao@canonical.com>
---
 block/blk-mq.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

Comments

Chris J Arges Sept. 23, 2015, 1:57 p.m. UTC | #1
Which tree did this patch come from? I don't see it in mainline.
If it isn't in mainline, it would also be good to explain whether this is
needed in Wily/4.2 as well.

--chris

On 09/23/2015 02:56 AM, AceLan Kao wrote:
> From: Akinobu Mita <akinobu.mita@gmail.com>
> 
> BugLink: http://bugs.launchpad.net/bugs/1498778
> 
> When unmapped hw queue is remapped after CPU topology is changed,
> hctx->tags->cpumask is set before hctx->tags is allocated in
> blk_mq_map_swqueue().
> 
> In order to fix this null pointer dereference, hctx->tags must be
> allocated before configuring hctx->tags->cpumask.
> 
> Fixes: f26cdc8536 ("blk-mq: Shared tag enhancements")
> Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
> Cc: Keith Busch <keith.busch@intel.com>
> Cc: Jens Axboe <axboe@kernel.dk>
> Cc: Ming Lei <tom.leiming@gmail.com>
> 
> Signed-off-by: AceLan Kao <acelan.kao@canonical.com>
> ---
>  block/blk-mq.c | 9 ++++++++-
>  1 file changed, 8 insertions(+), 1 deletion(-)
> 
> diff --git a/block/blk-mq.c b/block/blk-mq.c
> index 9ea3230..74f7087 100644
> --- a/block/blk-mq.c
> +++ b/block/blk-mq.c
> @@ -1783,7 +1783,6 @@ static void blk_mq_map_swqueue(struct request_queue *q)
>  
>  		hctx = q->mq_ops->map_queue(q, i);
>  		cpumask_set_cpu(i, hctx->cpumask);
> -		cpumask_set_cpu(i, hctx->tags->cpumask);
>  		ctx->index_hw = hctx->nr_ctx;
>  		hctx->ctxs[hctx->nr_ctx++] = ctx;
>  	}
> @@ -1814,6 +1813,14 @@ static void blk_mq_map_swqueue(struct request_queue *q)
>  		hctx->next_cpu = cpumask_first(hctx->cpumask);
>  		hctx->next_cpu_batch = BLK_MQ_CPU_WORK_BATCH;
>  	}
> +
> +	queue_for_each_ctx(q, ctx, i) {
> +		if (!cpu_online(i))
> +			continue;
> +
> +		hctx = q->mq_ops->map_queue(q, i);
> +		cpumask_set_cpu(i, hctx->tags->cpumask);
> +	}
>  }
>  
>  static void blk_mq_update_tag_set_depth(struct blk_mq_tag_set *set)
>
AceLan Kao Sept. 24, 2015, 4:57 a.m. UTC | #2
This patch comes from here, we only need the first commit in that series.
https://lkml.org/lkml/2015/7/18/98

2015-09-23 21:57 GMT+08:00 Chris J Arges <chris.j.arges@canonical.com>:
> Which tree did this patch come from? I don't see it in mainline.
> If it isn't in mainline, it would also be good to explain if this needed
> in Wily/4.2 as well.
>
> --chris
>
> On 09/23/2015 02:56 AM, AceLan Kao wrote:
>> From: Akinobu Mita <akinobu.mita@gmail.com>
>>
>> BugLink: http://bugs.launchpad.net/bugs/1498778
>>
>> When unmapped hw queue is remapped after CPU topology is changed,
>> hctx->tags->cpumask is set before hctx->tags is allocated in
>> blk_mq_map_swqueue().
>>
>> In order to fix this null pointer dereference, hctx->tags must be
>> allocated before configuring hctx->tags->cpumask.
>>
>> Fixes: f26cdc8536 ("blk-mq: Shared tag enhancements")
>> Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
>> Cc: Keith Busch <keith.busch@intel.com>
>> Cc: Jens Axboe <axboe@kernel.dk>
>> Cc: Ming Lei <tom.leiming@gmail.com>
>>
>> Signed-off-by: AceLan Kao <acelan.kao@canonical.com>
>> ---
>>  block/blk-mq.c | 9 ++++++++-
>>  1 file changed, 8 insertions(+), 1 deletion(-)
>>
>> diff --git a/block/blk-mq.c b/block/blk-mq.c
>> index 9ea3230..74f7087 100644
>> --- a/block/blk-mq.c
>> +++ b/block/blk-mq.c
>> @@ -1783,7 +1783,6 @@ static void blk_mq_map_swqueue(struct request_queue *q)
>>
>>               hctx = q->mq_ops->map_queue(q, i);
>>               cpumask_set_cpu(i, hctx->cpumask);
>> -             cpumask_set_cpu(i, hctx->tags->cpumask);
>>               ctx->index_hw = hctx->nr_ctx;
>>               hctx->ctxs[hctx->nr_ctx++] = ctx;
>>       }
>> @@ -1814,6 +1813,14 @@ static void blk_mq_map_swqueue(struct request_queue *q)
>>               hctx->next_cpu = cpumask_first(hctx->cpumask);
>>               hctx->next_cpu_batch = BLK_MQ_CPU_WORK_BATCH;
>>       }
>> +
>> +     queue_for_each_ctx(q, ctx, i) {
>> +             if (!cpu_online(i))
>> +                     continue;
>> +
>> +             hctx = q->mq_ops->map_queue(q, i);
>> +             cpumask_set_cpu(i, hctx->tags->cpumask);
>> +     }
>>  }
>>
>>  static void blk_mq_update_tag_set_depth(struct blk_mq_tag_set *set)
>>
>
> --
> kernel-team mailing list
> kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team

Patch

diff --git a/block/blk-mq.c b/block/blk-mq.c
index 9ea3230..74f7087 100644
--- a/block/blk-mq.c
+++ b/block/blk-mq.c
@@ -1783,7 +1783,6 @@  static void blk_mq_map_swqueue(struct request_queue *q)
 
 		hctx = q->mq_ops->map_queue(q, i);
 		cpumask_set_cpu(i, hctx->cpumask);
-		cpumask_set_cpu(i, hctx->tags->cpumask);
 		ctx->index_hw = hctx->nr_ctx;
 		hctx->ctxs[hctx->nr_ctx++] = ctx;
 	}
@@ -1814,6 +1813,14 @@  static void blk_mq_map_swqueue(struct request_queue *q)
 		hctx->next_cpu = cpumask_first(hctx->cpumask);
 		hctx->next_cpu_batch = BLK_MQ_CPU_WORK_BATCH;
 	}
+
+	queue_for_each_ctx(q, ctx, i) {
+		if (!cpu_online(i))
+			continue;
+
+		hctx = q->mq_ops->map_queue(q, i);
+		cpumask_set_cpu(i, hctx->tags->cpumask);
+	}
 }
 
 static void blk_mq_update_tag_set_depth(struct blk_mq_tag_set *set)
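Review bot: The added loop at the end of blk_mq_map_swqueue() dereferences `hctx->tags` in `cpumask_set_cpu(i, hctx->tags->cpumask)` with no check, so it is only safe if the hardware-context loop just above has assigned `hctx->tags` for every queue that an online CPU maps to. That assignment lies outside this hunk, so it cannot be confirmed from here whether the allocation can fail and leave `hctx->tags` NULL; if it can, the same null pointer dereference stays reachable after a CPU topology change. Consider adding `if (!hctx->tags) continue;` before the `cpumask_set_cpu()` call, or at least a comment such as `/* must run after the hctx loop above has set hctx->tags */` to record the ordering dependency. The function body begins before the hunk, so the earlier loops should be checked against the full file.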