mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2026-05-16 04:21:09 -04:00
Merge tag 'nvme-7.0-2026-03-12' of git://git.infradead.org/nvme into block-7.0
Pull NVMe fixes from Keith: "- Fix nvme-pci IRQ race and slab-out-of-bounds access (Sungwoo Kim) - Fix recursive workqueue locking for target async events (Chaitanya) - Various cleanups (Maurizio Lombardi, Thorsten Blum)" * tag 'nvme-7.0-2026-03-12' of git://git.infradead.org/nvme: nvme: Annotate struct nvme_dhchap_key with __counted_by nvme-core: do not pass empty queue_limits to blk_mq_alloc_queue() nvme-pci: Fix race bug in nvme_poll_irqdisable() nvmet: move async event work off nvmet-wq nvme-pci: Fix slab-out-of-bounds in nvme_dbbuf_set
This commit is contained in:
Jens Axboe
@@ -4834,7 +4834,6 @@ EXPORT_SYMBOL_GPL(nvme_complete_async_event);
|
||||
int nvme_alloc_admin_tag_set(struct nvme_ctrl *ctrl, struct blk_mq_tag_set *set,
|
||||
const struct blk_mq_ops *ops, unsigned int cmd_size)
|
||||
{
|
||||
struct queue_limits lim = {};
|
||||
int ret;
|
||||
|
||||
memset(set, 0, sizeof(*set));
|
||||
@@ -4861,7 +4860,7 @@ int nvme_alloc_admin_tag_set(struct nvme_ctrl *ctrl, struct blk_mq_tag_set *set,
|
||||
if (ctrl->admin_q)
|
||||
blk_put_queue(ctrl->admin_q);
|
||||
|
||||
ctrl->admin_q = blk_mq_alloc_queue(set, &lim, NULL);
|
||||
ctrl->admin_q = blk_mq_alloc_queue(set, NULL, NULL);
|
||||
if (IS_ERR(ctrl->admin_q)) {
|
||||
ret = PTR_ERR(ctrl->admin_q);
|
||||
goto out_free_tagset;
|
||||
|
||||
@@ -544,7 +544,7 @@ static void nvme_dbbuf_set(struct nvme_dev *dev)
|
||||
/* Free memory and continue on */
|
||||
nvme_dbbuf_dma_free(dev);
|
||||
|
||||
for (i = 1; i <= dev->online_queues; i++)
|
||||
for (i = 1; i < dev->online_queues; i++)
|
||||
nvme_dbbuf_free(&dev->queues[i]);
|
||||
}
|
||||
}
|
||||
@@ -1625,14 +1625,16 @@ static irqreturn_t nvme_irq_check(int irq, void *data)
|
||||
static void nvme_poll_irqdisable(struct nvme_queue *nvmeq)
|
||||
{
|
||||
struct pci_dev *pdev = to_pci_dev(nvmeq->dev->dev);
|
||||
int irq;
|
||||
|
||||
WARN_ON_ONCE(test_bit(NVMEQ_POLLED, &nvmeq->flags));
|
||||
|
||||
disable_irq(pci_irq_vector(pdev, nvmeq->cq_vector));
|
||||
irq = pci_irq_vector(pdev, nvmeq->cq_vector);
|
||||
disable_irq(irq);
|
||||
spin_lock(&nvmeq->cq_poll_lock);
|
||||
nvme_poll_cq(nvmeq, NULL);
|
||||
spin_unlock(&nvmeq->cq_poll_lock);
|
||||
enable_irq(pci_irq_vector(pdev, nvmeq->cq_vector));
|
||||
enable_irq(irq);
|
||||
}
|
||||
|
||||
static int nvme_poll(struct blk_mq_hw_ctx *hctx, struct io_comp_batch *iob)
|
||||
|
||||
@@ -1586,7 +1586,7 @@ void nvmet_execute_async_event(struct nvmet_req *req)
|
||||
ctrl->async_event_cmds[ctrl->nr_async_event_cmds++] = req;
|
||||
mutex_unlock(&ctrl->lock);
|
||||
|
||||
queue_work(nvmet_wq, &ctrl->async_event_work);
|
||||
queue_work(nvmet_aen_wq, &ctrl->async_event_work);
|
||||
}
|
||||
|
||||
void nvmet_execute_keep_alive(struct nvmet_req *req)
|
||||
|
||||
@@ -27,6 +27,8 @@ static DEFINE_IDA(cntlid_ida);
|
||||
|
||||
struct workqueue_struct *nvmet_wq;
|
||||
EXPORT_SYMBOL_GPL(nvmet_wq);
|
||||
struct workqueue_struct *nvmet_aen_wq;
|
||||
EXPORT_SYMBOL_GPL(nvmet_aen_wq);
|
||||
|
||||
/*
|
||||
* This read/write semaphore is used to synchronize access to configuration
|
||||
@@ -206,7 +208,7 @@ void nvmet_add_async_event(struct nvmet_ctrl *ctrl, u8 event_type,
|
||||
list_add_tail(&aen->entry, &ctrl->async_events);
|
||||
mutex_unlock(&ctrl->lock);
|
||||
|
||||
queue_work(nvmet_wq, &ctrl->async_event_work);
|
||||
queue_work(nvmet_aen_wq, &ctrl->async_event_work);
|
||||
}
|
||||
|
||||
static void nvmet_add_to_changed_ns_log(struct nvmet_ctrl *ctrl, __le32 nsid)
|
||||
@@ -1959,9 +1961,14 @@ static int __init nvmet_init(void)
|
||||
if (!nvmet_wq)
|
||||
goto out_free_buffered_work_queue;
|
||||
|
||||
nvmet_aen_wq = alloc_workqueue("nvmet-aen-wq",
|
||||
WQ_MEM_RECLAIM | WQ_UNBOUND, 0);
|
||||
if (!nvmet_aen_wq)
|
||||
goto out_free_nvmet_work_queue;
|
||||
|
||||
error = nvmet_init_debugfs();
|
||||
if (error)
|
||||
goto out_free_nvmet_work_queue;
|
||||
goto out_free_nvmet_aen_work_queue;
|
||||
|
||||
error = nvmet_init_discovery();
|
||||
if (error)
|
||||
@@ -1977,6 +1984,8 @@ static int __init nvmet_init(void)
|
||||
nvmet_exit_discovery();
|
||||
out_exit_debugfs:
|
||||
nvmet_exit_debugfs();
|
||||
out_free_nvmet_aen_work_queue:
|
||||
destroy_workqueue(nvmet_aen_wq);
|
||||
out_free_nvmet_work_queue:
|
||||
destroy_workqueue(nvmet_wq);
|
||||
out_free_buffered_work_queue:
|
||||
@@ -1994,6 +2003,7 @@ static void __exit nvmet_exit(void)
|
||||
nvmet_exit_discovery();
|
||||
nvmet_exit_debugfs();
|
||||
ida_destroy(&cntlid_ida);
|
||||
destroy_workqueue(nvmet_aen_wq);
|
||||
destroy_workqueue(nvmet_wq);
|
||||
destroy_workqueue(buffered_io_wq);
|
||||
destroy_workqueue(zbd_wq);
|
||||
|
||||
@@ -501,6 +501,7 @@ extern struct kmem_cache *nvmet_bvec_cache;
|
||||
extern struct workqueue_struct *buffered_io_wq;
|
||||
extern struct workqueue_struct *zbd_wq;
|
||||
extern struct workqueue_struct *nvmet_wq;
|
||||
extern struct workqueue_struct *nvmet_aen_wq;
|
||||
|
||||
static inline void nvmet_set_result(struct nvmet_req *req, u32 result)
|
||||
{
|
||||
|
||||
@@ -2088,6 +2088,7 @@ static void nvmet_rdma_remove_one(struct ib_device *ib_device, void *client_data
|
||||
mutex_unlock(&nvmet_rdma_queue_mutex);
|
||||
|
||||
flush_workqueue(nvmet_wq);
|
||||
flush_workqueue(nvmet_aen_wq);
|
||||
}
|
||||
|
||||
static struct ib_client nvmet_rdma_ib_client = {
|
||||
|
||||
@@ -11,7 +11,7 @@
|
||||
struct nvme_dhchap_key {
|
||||
size_t len;
|
||||
u8 hash;
|
||||
u8 key[];
|
||||
u8 key[] __counted_by(len);
|
||||
};
|
||||
|
||||
u32 nvme_auth_get_seqnum(void);
|
||||
|
||||
Reference in New Issue
Block a user