From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Sat, 5 Mar 2022 13:51:32 +0000 (+0100)
Subject: 4.19-stable patches
X-Git-Tag: v4.9.305~61
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=36ac3b7c029f914e715530f5aa16601d964c49bb;p=thirdparty%2Fkernel%2Fstable-queue.git

4.19-stable patches

added patches:
	block-fix-fsync-always-failed-if-once-failed.patch
	pci-pciehp-fix-infinite-loop-in-irq-handler-upon-power-fault.patch
---

diff --git a/queue-4.19/block-fix-fsync-always-failed-if-once-failed.patch b/queue-4.19/block-fix-fsync-always-failed-if-once-failed.patch
new file mode 100644
index 00000000000..18987f0a4ae
--- /dev/null
+++ b/queue-4.19/block-fix-fsync-always-failed-if-once-failed.patch
@@ -0,0 +1,64 @@
+From foo@baz Sat Mar  5 02:47:26 PM CET 2022
+From: Ye Bin <yebin10@huawei.com>
+Date: Mon, 29 Nov 2021 09:26:59 +0800
+Subject: block: Fix fsync always failed if once failed
+
+From: Ye Bin <yebin10@huawei.com>
+
+commit 8a7518931baa8ea023700987f3db31cb0a80610b upstream.
+
+We do test with inject error fault base on v4.19, after test some time we found
+sync /dev/sda always failed.
+[root@localhost] sync /dev/sda
+sync: error syncing '/dev/sda': Input/output error
+
+scsi log as follows:
+[19069.812296] sd 0:0:0:0: [sda] tag#64 Send: scmd 0x00000000d03a0b6b
+[19069.812302] sd 0:0:0:0: [sda] tag#64 CDB: Synchronize Cache(10) 35 00 00 00 00 00 00 00 00 00
+[19069.812533] sd 0:0:0:0: [sda] tag#64 Done: SUCCESS Result: hostbyte=DID_OK driverbyte=DRIVER_OK
+[19069.812536] sd 0:0:0:0: [sda] tag#64 CDB: Synchronize Cache(10) 35 00 00 00 00 00 00 00 00 00
+[19069.812539] sd 0:0:0:0: [sda] tag#64 scsi host busy 1 failed 0
+[19069.812542] sd 0:0:0:0: Notifying upper driver of completion (result 0)
+[19069.812546] sd 0:0:0:0: [sda] tag#64 sd_done: completed 0 of 0 bytes
+[19069.812549] sd 0:0:0:0: [sda] tag#64 0 sectors total, 0 bytes done.
+[19069.812564] print_req_error: I/O error, dev sda, sector 0
+
+ftrace log as follows:
+ rep-306069 [007] .... 19654.923315: block_bio_queue: 8,0 FWS 0 + 0 [rep]
+ rep-306069 [007] .... 19654.923333: block_getrq: 8,0 FWS 0 + 0 [rep]
+ kworker/7:1H-250   [007] .... 19654.923352: block_rq_issue: 8,0 FF 0 () 0 + 0 [kworker/7:1H]
+ <idle>-0     [007] ..s. 19654.923562: block_rq_complete: 8,0 FF () 18446744073709551615 + 0 [0]
+ <idle>-0     [007] d.s. 19654.923576: block_rq_complete: 8,0 WS () 0 + 0 [-5]
+
+As 8d6996630c03 introduce 'fq->rq_status', this data only update when 'flush_rq'
+reference count isn't zero. If flush request once failed and record error code
+in 'fq->rq_status'. If there is no chance to update 'fq->rq_status',then do fsync
+will always failed.
+To address this issue reset 'fq->rq_status' after return error code to upper layer.
+
+Fixes: 8d6996630c03("block: fix null pointer dereference in blk_mq_rq_timed_out()")
+Signed-off-by: Ye Bin <yebin10@huawei.com>
+Reviewed-by: Ming Lei <ming.lei@redhat.com>
+Link: https://lore.kernel.org/r/20211129012659.1553733-1-yebin10@huawei.com
+Signed-off-by: Jens Axboe <axboe@kernel.dk>
+[sudip: adjust context]
+Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ block/blk-flush.c |    4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/block/blk-flush.c
++++ b/block/blk-flush.c
+@@ -239,8 +239,10 @@ static void flush_end_io(struct request
+ 			return;
+ 		}
+ 
+-		if (fq->rq_status != BLK_STS_OK)
++		if (fq->rq_status != BLK_STS_OK) {
+ 			error = fq->rq_status;
++			fq->rq_status = BLK_STS_OK;
++		}
+ 
+ 		hctx = blk_mq_map_queue(q, flush_rq->mq_ctx->cpu);
+ 		if (!q->elevator) {
diff --git a/queue-4.19/pci-pciehp-fix-infinite-loop-in-irq-handler-upon-power-fault.patch b/queue-4.19/pci-pciehp-fix-infinite-loop-in-irq-handler-upon-power-fault.patch
new file mode 100644
index 00000000000..b61d6fd9b22
--- /dev/null
+++ b/queue-4.19/pci-pciehp-fix-infinite-loop-in-irq-handler-upon-power-fault.patch
@@ -0,0 +1,78 @@
+From foo@baz Sat Mar  5 02:48:08 PM CET 2022
+From: Lukas Wunner <lukas@wunner.de>
+Date: Wed, 17 Nov 2021 23:22:09 +0100
+Subject: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
+
+From: Lukas Wunner <lukas@wunner.de>
+
+commit 23584c1ed3e15a6f4bfab8dc5a88d94ab929ee12 upstream.
+
+The Power Fault Detected bit in the Slot Status register differs from
+all other hotplug events in that it is sticky:  It can only be cleared
+after turning off slot power.  Per PCIe r5.0, sec. 6.7.1.8:
+
+  If a power controller detects a main power fault on the hot-plug slot,
+  it must automatically set its internal main power fault latch [...].
+  The main power fault latch is cleared when software turns off power to
+  the hot-plug slot.
+
+The stickiness used to cause interrupt storms and infinite loops which
+were fixed in 2009 by commits 5651c48cfafe ("PCI pciehp: fix power fault
+interrupt storm problem") and 99f0169c17f3 ("PCI: pciehp: enable
+software notification on empty slots").
+
+Unfortunately in 2020 the infinite loop issue was inadvertently
+reintroduced by commit 8edf5332c393 ("PCI: pciehp: Fix MSI interrupt
+race"):  The hardirq handler pciehp_isr() clears the PFD bit until
+pciehp's power_fault_detected flag is set.  That happens in the IRQ
+thread pciehp_ist(), which never learns of the event because the hardirq
+handler is stuck in an infinite loop.  Fix by setting the
+power_fault_detected flag already in the hardirq handler.
+
+Link: https://bugzilla.kernel.org/show_bug.cgi?id=214989
+Link: https://lore.kernel.org/linux-pci/DM8PR11MB5702255A6A92F735D90A4446868B9@DM8PR11MB5702.namprd11.prod.outlook.com
+Fixes: 8edf5332c393 ("PCI: pciehp: Fix MSI interrupt race")
+Link: https://lore.kernel.org/r/66eaeef31d4997ceea357ad93259f290ededecfd.1637187226.git.lukas@wunner.de
+Reported-by: Joseph Bao <joseph.bao@intel.com>
+Tested-by: Joseph Bao <joseph.bao@intel.com>
+Signed-off-by: Lukas Wunner <lukas@wunner.de>
+Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
+Cc: stable@vger.kernel.org # v4.19+
+Cc: Stuart Hayes <stuart.w.hayes@gmail.com>
+[sudip: adjust context]
+Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/pci/hotplug/pciehp_hpc.c |    7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+--- a/drivers/pci/hotplug/pciehp_hpc.c
++++ b/drivers/pci/hotplug/pciehp_hpc.c
+@@ -576,6 +576,8 @@ read_status:
+ 	 */
+ 	if (ctrl->power_fault_detected)
+ 		status &= ~PCI_EXP_SLTSTA_PFD;
++	else if (status & PCI_EXP_SLTSTA_PFD)
++		ctrl->power_fault_detected = true;
+ 
+ 	events |= status;
+ 	if (!events) {
+@@ -585,7 +587,7 @@ read_status:
+ 	}
+ 
+ 	if (status) {
+-		pcie_capability_write_word(pdev, PCI_EXP_SLTSTA, events);
++		pcie_capability_write_word(pdev, PCI_EXP_SLTSTA, status);
+ 
+ 		/*
+ 		 * In MSI mode, all event bits must be zero before the port
+@@ -660,8 +662,7 @@ static irqreturn_t pciehp_ist(int irq, v
+ 	}
+ 
+ 	/* Check Power Fault Detected */
+-	if ((events & PCI_EXP_SLTSTA_PFD) && !ctrl->power_fault_detected) {
+-		ctrl->power_fault_detected = 1;
++	if (events & PCI_EXP_SLTSTA_PFD) {
+ 		ctrl_err(ctrl, "Slot(%s): Power fault\n", slot_name(slot));
+ 		pciehp_set_attention_status(slot, 1);
+ 		pciehp_green_led_off(slot);
diff --git a/queue-4.19/series b/queue-4.19/series
index 5f0b6cfc3f8..23bf700bcde 100644
--- a/queue-4.19/series
+++ b/queue-4.19/series
@@ -26,3 +26,5 @@ batman-adv-don-t-expect-inter-netns-unique-iflink-indices.patch
 net-dcb-flush-lingering-app-table-entries-for-unregistered-devices.patch
 net-smc-fix-unexpected-smc_clc_decl_err_regrmb-error-generated-by-client.patch
 net-smc-fix-unexpected-smc_clc_decl_err_regrmb-error-cause-by-server.patch
+block-fix-fsync-always-failed-if-once-failed.patch
+pci-pciehp-fix-infinite-loop-in-irq-handler-upon-power-fault.patch