lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1b6de3b0-4e0c-4b46-df1a-db531bd2c888@acm.org>
Date:   Tue, 21 Apr 2020 22:02:15 -0700
From:   Bart Van Assche <bvanassche@....org>
To:     decui@...rosoft.com, jejb@...ux.ibm.com,
        martin.petersen@...cle.com, linux-scsi@...r.kernel.org,
        linux-kernel@...r.kernel.org, hch@....de, hare@...e.de,
        mikelley@...rosoft.com, longli@...rosoft.com, ming.lei@...hat.com
Cc:     linux-hyperv@...r.kernel.org, wei.liu@...nel.org,
        sthemmin@...rosoft.com, haiyangz@...rosoft.com, kys@...rosoft.com
Subject: Re: [PATCH] scsi: storvsc: Fix a panic in the hibernation procedure

On 4/21/20 5:17 PM, Dexuan Cui wrote:
> During hibernation, the sdevs are suspended automatically in
> drivers/scsi/scsi_pm.c before storvsc_suspend(), so after
> storvsc_suspend(), there is no disk I/O from the file systems, but there
> can still be disk I/O from the kernel space, e.g. disk_check_events() ->
> sr_block_check_events() -> cdrom_check_events() can still submit I/O
> to the storvsc driver, which causes a paic of NULL pointer dereference,
> since storvsc has closed the vmbus channel in storvsc_suspend(): refer
> to the below links for more info:
>    https://lkml.org/lkml/2020/4/10/47
>    https://lkml.org/lkml/2020/4/17/1103
> 
> Fix the panic by blocking/unblocking all the I/O queues properly.
> 
> Note: this patch depends on another patch "scsi: core: Allow the state
> change from SDEV_QUIESCE to SDEV_BLOCK" (refer to the second link above).
> 
> Fixes: 56fb10585934 ("scsi: storvsc: Add the support of hibernation")
> Signed-off-by: Dexuan Cui <decui@...rosoft.com>
> ---
>   drivers/scsi/storvsc_drv.c | 10 ++++++++++
>   1 file changed, 10 insertions(+)
> 
> diff --git a/drivers/scsi/storvsc_drv.c b/drivers/scsi/storvsc_drv.c
> index fb41636519ee..fd51d2f03778 100644
> --- a/drivers/scsi/storvsc_drv.c
> +++ b/drivers/scsi/storvsc_drv.c
> @@ -1948,6 +1948,11 @@ static int storvsc_suspend(struct hv_device *hv_dev)
>   	struct storvsc_device *stor_device = hv_get_drvdata(hv_dev);
>   	struct Scsi_Host *host = stor_device->host;
>   	struct hv_host_device *host_dev = shost_priv(host);
> +	int ret;
> +
> +	ret = scsi_host_block(host);
> +	if (ret)
> +		return ret;
>   
>   	storvsc_wait_to_drain(stor_device);
>   
> @@ -1968,10 +1973,15 @@ static int storvsc_suspend(struct hv_device *hv_dev)
>   
>   static int storvsc_resume(struct hv_device *hv_dev)
>   {
> +	struct storvsc_device *stor_device = hv_get_drvdata(hv_dev);
> +	struct Scsi_Host *host = stor_device->host;
>   	int ret;
>   
>   	ret = storvsc_connect_to_vsp(hv_dev, storvsc_ringbuffer_size,
>   				     hv_dev_is_fc(hv_dev));
> +	if (!ret)
> +		ret = scsi_host_unblock(host, SDEV_RUNNING);
> +
>   	return ret;
>   }

I don't like this patch. It makes the behavior of the storsvc driver 
different from every other SCSI LLD. Other SCSI LLDs don't need this 
change because these don't destroy I/O queues upon suspend.

Bart.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ