user/sven/linux.git/drivers/target, branch v3.8.4

iscsi-target: Fix immediate queue starvation regression with DATAIN

2013-03-14T18:26:11Z

commit fd3a9025c0349bc9b01d627529f54e6e1e389015 upstream. This patch addresses a v3.5+ regression in iscsi-target where TX thread process context -> handle_response_queue() execution is allowed to run unbounded while servicing constant outgoing flow of ISTATE_SEND_DATAIN response state. This ends up preventing memory release of StatSN acknowledged commands in a timely manner when under heavy large block streaming DATAIN workloads. The regression bug was initially introduced with: commit 6f3c0e69a9c20441bdc6d3b2d18b83b244384ec6 Author: Andy Grover Date: Tue Apr 3 15:51:09 2012 -0700 target/iscsi: Refactor target_tx_thread immediate+response queue loops Go ahead and follow original iscsi_target_tx_thread() logic and check to break for immediate queue processing after each DataIN Sequence and/or Response PDU has been sent. Reported-by: Benjamin ESTRABAUD Cc: Andy Grover Signed-off-by: Nicholas Bellinger Signed-off-by: Greg Kroah-Hartman

target/pscsi: Fix page increment

2013-03-14T18:26:10Z

commit 472b72f2db7831d7dbe22ffdff4adee3bd49b05d upstream. The page++ is wrong. It makes bio_add_pc_page() pointing to a wrong page address if the 'while (len > 0 && data_len > 0) { ... }' loop is executed more than one once. Signed-off-by: Asias He Signed-off-by: Nicholas Bellinger Signed-off-by: Greg Kroah-Hartman

target: Add missing mapped_lun bounds checking during make_mappedlun setup

2013-03-03T22:03:34Z

commit fbbf8555a986ed31e54f006b6cc637ea4ff1425b upstream. This patch adds missing bounds checking for the configfs provided mapped_lun value during target_fabric_make_mappedlun() setup ahead of se_lun_acl initialization. This addresses a potential OOPs when using a mapped_lun value that exceeds the hardcoded TRANSPORT_MAX_LUNS_PER_TPG-1 value within se_node_acl->device_list[]. Reported-by: Jan Engelhardt Cc: Jan Engelhardt Signed-off-by: Nicholas Bellinger Signed-off-by: Greg Kroah-Hartman

target: Fix lookup of dynamic NodeACLs during cached demo-mode operation

2013-03-03T22:03:34Z

commit fcf29481fb8e106daad6688f2e898226ee928992 upstream. This patch fixes a bug in core_tpg_check_initiator_node_acl() -> core_tpg_get_initiator_node_acl() where a dynamically created se_node_acl generated during session login would be skipped during subsequent lookup due to the '!acl->dynamic_node_acl' check, causing a new se_node_acl to be created with a duplicate ->initiatorname. This would occur when a fabric endpoint was configured with TFO->tpg_check_demo_mode()=1 + TPF->tpg_check_demo_mode_cache()=1 preventing the release of an existing se_node_acl during se_session shutdown. Also, drop the unnecessary usage of core_tpg_get_initiator_node_acl() within core_dev_init_initiator_node_lun_acl() that originally required the extra '!acl->dynamic_node_acl' check, and just pass the configfs provided se_node_acl pointer instead. Signed-off-by: Nicholas Bellinger Signed-off-by: Greg Kroah-Hartman

target: Fix divide by zero bug in fabric_max_sectors for unconfigured devices

2013-01-31T23:22:53Z

This patch fixes a possible divide by zero bug when the fabric_max_sectors device attribute is written and backend se_device failed to be successfully configured -> enabled. Go ahead and use block_size=512 within se_dev_set_fabric_max_sectors() in the event of a target_configure_device() failure case, as no valid dev->dev_attrib.block_size value will have been setup yet. Cc: stable@vger.kernel.org Signed-off-by: Nicholas Bellinger

target: Fix regression allowing unconfigured devices to fabric port link

2013-01-31T23:13:23Z

This patch fixes a v3.8-rc1 regression bug where an unconfigured se_device was incorrectly allowed to perform a fabric port-link. This bug was introduced in commit: commit 0fd97ccf45be26fb01b3a412f1f6c6b5044b2f16 Author: Christoph Hellwig Date: Mon Oct 8 00:03:19 2012 -0400 target: kill struct se_subsystem_dev which ended up dropping the original se_subsystem_dev->se_dev_ptr check preventing this from happening with pre commit 0fd97ccf code. Cc: Christoph Hellwig Signed-off-by: Nicholas Bellinger

target: Fix zero-length READ_CAPACITY_16 regression

2013-01-29T22:24:26Z

This patch fixes a regression introduced in v3.8-rc1 code where a zero-length READ_CAPACITY_16 was no longer returning GOOD status, but instead returning TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE to generate a CHECK_CONDITION status. This regression was introduced with the following commit: commit de103c93aff0bed0ae984274e5dc8b95899badab Author: Christoph Hellwig Date: Tue Nov 6 12:24:09 2012 -0800 target: pass sense_reason as a return value and this patch has been tested with the following zero-length CDB: sg_raw /dev/sdd 9e 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 SCSI Status: Good Sense Information: sense buffer empty Also, convert sbc_emulate_readcapacity() to follow the same method of handling transport_kmap_data_sg() return values, but we never expect a zero-length request here. Cc: Christoph Hellwig Cc: Paolo Bonzini Cc: Roland Dreier Signed-off-by: Nicholas Bellinger

target: Fix zero-length MODE_SENSE regression

2013-01-29T22:24:20Z

This patch fixes a regression introduced in v3.8-rc1 code where a zero-length MODE_SENSE was no longer returning GOOD status, but instead returning TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE to generate a CHECK_CONDITION status. This regression was introduced with the following commit: commit de103c93aff0bed0ae984274e5dc8b95899badab Author: Christoph Hellwig Date: Tue Nov 6 12:24:09 2012 -0800 target: pass sense_reason as a return value and this patch has been tested with the following zero-length CDB: sg_raw /dev/sdd 5a 00 0a 00 00 00 00 00 00 00 SCSI Status: Good Sense Information: sense buffer empty Cc: Christoph Hellwig Cc: Paolo Bonzini Cc: Roland Dreier Signed-off-by: Nicholas Bellinger

target: Fix zero-length INQUIRY additional sense code regression

2013-01-29T22:22:01Z

This patch fixes a minor regression introduced in v3.8-rc1 code where a zero-length INQUIRY was no longer returning the correct INVALID FIELD IN CDB additional sense code. This regression was introduced with the following commit: commit de103c93aff0bed0ae984274e5dc8b95899badab Author: Christoph Hellwig Date: Tue Nov 6 12:24:09 2012 -0800 target: pass sense_reason as a return value and this patch has been tested with the following zero-length CDB: sg_raw /dev/sdd 12 00 83 00 00 00 SCSI Status: Check Condition Sense Information: Fixed format, current; Sense key: Illegal Request Additional sense: Invalid field in cdb Cc: Christoph Hellwig Cc: Paolo Bonzini Cc: Roland Dreier Signed-off-by: Nicholas Bellinger

iscsi-target: Fix CmdSN comparison (use cmd->cmd_sn instead of cmd->stat_sn)

2013-01-11T05:00:37Z

Commit 64c13330a389 ("iscsi-target: Fix bug in handling of ExpStatSN ACK during u32 wrap-around") introduced a bug where we compare the wrong SN against our ExpCmdSN. Reported-by: Ben Hutchings Signed-off-by: Roland Dreier Cc: stable@vger.kernel.org Signed-off-by: Nicholas Bellinger