From b9808cd1a2d6a1b851251bb6831cdefcec1dc633 Mon Sep 17 00:00:00 2001 From: Sagi Grimberg Date: Fri, 17 Apr 2020 15:56:09 +0800 Subject: [PATCH] nvme: fix possible deadlock when nvme_update_formats fails mainline inclusion from mainline-5.4-rc4 commit 6abff1b9f7b8884a46b7bd80b49e7af0b5625aeb category: bugfix bugzilla: 24170 CVE: NA --------------------------- nvme_update_formats may fail to revalidate the namespace and attempt to remove the namespace. This may lead to a deadlock as nvme_ns_remove will attempt to acquire the subsystem lock which is already acquired by the passthru command with effects. Move the invalid namepsace removal to after the passthru command releases the subsystem lock. Reported-by: Judy Brock Signed-off-by: Sagi Grimberg Signed-off-by: Sun Ke Reviewed-by: Hou Tao Signed-off-by: Yang Yingliang --- drivers/nvme/host/core.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c index 820faecbdbf7..6d1d6caf168f 100644 --- a/drivers/nvme/host/core.c +++ b/drivers/nvme/host/core.c @@ -1234,8 +1234,6 @@ static void nvme_update_formats(struct nvme_ctrl *ctrl) if (ns->disk && nvme_revalidate_disk(ns->disk)) nvme_set_queue_dying(ns); up_read(&ctrl->namespaces_rwsem); - - nvme_remove_invalid_namespaces(ctrl, NVME_NSID_ALL); } static void nvme_passthru_end(struct nvme_ctrl *ctrl, u32 effects) @@ -1251,6 +1249,7 @@ static void nvme_passthru_end(struct nvme_ctrl *ctrl, u32 effects) nvme_unfreeze(ctrl); nvme_mpath_unfreeze(ctrl->subsys); mutex_unlock(&ctrl->subsys->lock); + nvme_remove_invalid_namespaces(ctrl, NVME_NSID_ALL); mutex_unlock(&ctrl->scan_lock); } if (effects & NVME_CMD_EFFECTS_CCC) -- GitLab