--- /dev/null
+From 161b8be2bd6abad250d4b3f674bdd5480f15beeb Mon Sep 17 00:00:00 2001
+From: Keith Busch <keith.busch@intel.com>
+Date: Thu, 14 Sep 2017 13:54:39 -0400
+Subject: nvme-pci: initialize queue memory before interrupts
+
+From: Keith Busch <keith.busch@intel.com>
+
+commit 161b8be2bd6abad250d4b3f674bdd5480f15beeb upstream.
+
+A spurious interrupt before the nvme driver has initialized the completion
+queue may inadvertently cause the driver to believe it has a completion
+to process. This may result in a NULL dereference since the nvmeq's tags
+are not set at this point.
+
+The patch initializes the host's CQ memory so that a spurious interrupt
+isn't mistaken for a real completion.
+
+Signed-off-by: Keith Busch <keith.busch@intel.com>
+Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Jens Axboe <axboe@kernel.dk>
+[bwh: Backported to 4.4: adjust context]
+Cc: Ben Hutchings <ben.hutchings@codethink.co.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/nvme/host/pci.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/drivers/nvme/host/pci.c
++++ b/drivers/nvme/host/pci.c
+@@ -1589,11 +1589,11 @@ static int nvme_create_queue(struct nvme
+ if (result < 0)
+ goto release_cq;
+
++ nvme_init_queue(nvmeq, qid);
+ result = queue_request_irq(dev, nvmeq, nvmeq->irqname);
+ if (result < 0)
+ goto release_sq;
+
+- nvme_init_queue(nvmeq, qid);
+ return result;
+
+ release_sq:
+@@ -1797,6 +1797,7 @@ static int nvme_configure_admin_queue(st
+ goto free_nvmeq;
+
+ nvmeq->cq_vector = 0;
++ nvme_init_queue(nvmeq, 0);
+ result = queue_request_irq(dev, nvmeq, nvmeq->irqname);
+ if (result) {
+ nvmeq->cq_vector = -1;
+@@ -3165,7 +3166,6 @@ static void nvme_probe_work(struct work_
+ goto disable;
+ }
+
+- nvme_init_queue(dev->queues[0], 0);
+ result = nvme_alloc_admin_tags(dev);
+ if (result)
+ goto disable;
projects / thirdparty / kernel / stable-queue.git / commitdiff
