diff options
| author | Varun Prakash <[email protected]> | 2021-10-26 19:01:55 +0530 |
|---|---|---|
| committer | Christoph Hellwig <[email protected]> | 2021-10-27 07:58:26 +0200 |
| commit | ce7723e9cdae4eb3030da082876580f4b2dc0861 (patch) | |
| tree | a5e1471acc87c1d2c157b04d2efe2658eb62a3f8 /tools/perf/util/trace-event-scripting.c | |
| parent | 25e1f67eda4a19c91dc05c84d6d413c53efb447b (diff) | |
nvme-tcp: fix possible req->offset corruption
With commit db5ad6b7f8cd ("nvme-tcp: try to send request in queue_rq
context") r2t and response PDU can get processed while send function
is executing.
Current data digest send code uses req->offset after kernel_sendmsg(),
this creates a race condition where req->offset gets reset before it
is used in send function.
This can happen in two cases -
1. Target sends r2t PDU which resets req->offset.
2. Target send response PDU which completes the req and then req is
used for a new command, nvme_tcp_setup_cmd_pdu() resets req->offset.
Fix this by storing req->offset in a local variable and using
this local variable after kernel_sendmsg().
Fixes: db5ad6b7f8cd ("nvme-tcp: try to send request in queue_rq context")
Signed-off-by: Varun Prakash <[email protected]>
Reviewed-by: Keith Busch <[email protected]>
Reviewed-by: Sagi Grimberg <[email protected]>
Signed-off-by: Christoph Hellwig <[email protected]>
Diffstat (limited to 'tools/perf/util/trace-event-scripting.c')
0 files changed, 0 insertions, 0 deletions