From 6af8bdfac8d51f268994bf806a44f37237378b0c Mon Sep 17 00:00:00 2001 From: Hannes Reinecke Date: Tue, 14 Dec 2021 19:20:07 +0800 Subject: [PATCH] nvme-multipath: split bios with the ns_head bio_set before submitting mainline inclusion from mainline-v5.2-rc1 commit 525aa5a705d86e193726ee465d1a975265fabf19 category: bugfix bugzilla: NA CVE: NA Link: https://gitee.com/openeuler/kernel/issues/I4JFBE?from=project-issue ------------------------------------------------- If the bio is moved to a different queue via blk_steal_bios() and the original queue is destroyed in nvme_remove_ns() we'll be ending with a crash in bio_endio() as the mempool for the split bio bvecs had already been destroyed. So split the bio using the original queue (which will remain during the lifetime of the bio) before sending it down to the underlying device. Signed-off-by: Hannes Reinecke Reviewed-by: Ming Lei Signed-off-by: Christoph Hellwig Signed-off-by: chengjike Reviewed-by: Hou Tao Signed-off-by: Yang Yingliang --- drivers/nvme/host/multipath.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/drivers/nvme/host/multipath.c b/drivers/nvme/host/multipath.c index f4c700af596f..5ad894024a46 100644 --- a/drivers/nvme/host/multipath.c +++ b/drivers/nvme/host/multipath.c @@ -220,6 +220,14 @@ static blk_qc_t nvme_ns_head_make_request(struct request_queue *q, blk_qc_t ret = BLK_QC_T_NONE; int srcu_idx; + /* + * The namespace might be going away and the bio might + * be moved to a different queue via blk_steal_bios(), + * so we need to use the bio_split pool from the original + * queue to allocate the bvecs from. + */ + blk_queue_split(q, &bio); + srcu_idx = srcu_read_lock(&head->srcu); ns = nvme_find_path(head); if (likely(ns)) { -- GitLab