From: Greg Kroah-Hartman
Date: Wed, 13 Jun 2018 17:27:20 +0000 (+0200)
Subject: 4.9-stable patches
X-Git-Tag: v4.17.2~28
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b4d81c01f4d8e29a5f9af62855087db094770537;p=thirdparty%2Fkernel%2Fstable-queue.git
4.9-stable patches added patches: nvme-pci-initialize-queue-memory-before-interrupts.patch
---
diff --git a/queue-4.9/nvme-pci-initialize-queue-memory-before-interrupts.patch b/queue-4.9/nvme-pci-initialize-queue-memory-before-interrupts.patch
new file mode 100644
index 00000000000..04207b6c5af
--- /dev/null
+++ b/queue-4.9/nvme-pci-initialize-queue-memory-before-interrupts.patch
@@ -0,0 +1,58 @@
+From 161b8be2bd6abad250d4b3f674bdd5480f15beeb Mon Sep 17 00:00:00 2001
+From: Keith Busch
+Date: Thu, 14 Sep 2017 13:54:39 -0400
+Subject: nvme-pci: initialize queue memory before interrupts
+
+From: Keith Busch
+
+commit 161b8be2bd6abad250d4b3f674bdd5480f15beeb upstream.
+
+A spurious interrupt before the nvme driver has initialized the completion
+queue may inadvertently cause the driver to believe it has a completion
+to process. This may result in a NULL dereference since the nvmeq's tags
+are not set at this point.
+
+The patch initializes the host's CQ memory so that a spurious interrupt
+isn't mistaken for a real completion.
+
+Signed-off-by: Keith Busch
+Reviewed-by: Johannes Thumshirn
+Signed-off-by: Christoph Hellwig
+Signed-off-by: Jens Axboe
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ drivers/nvme/host/pci.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/drivers/nvme/host/pci.c
++++ b/drivers/nvme/host/pci.c
+@@ -1126,11 +1126,11 @@ static int nvme_create_queue(struct nvme
+ if (result < 0)
+ goto release_cq;
+
++ nvme_init_queue(nvmeq, qid);
+ result = queue_request_irq(nvmeq);
+ if (result < 0)
+ goto release_sq;
+
+- nvme_init_queue(nvmeq, qid);
+ return result;
+
+ release_sq:
+@@ -1248,6 +1248,7 @@ static int nvme_configure_admin_queue(st
+ return result;
+
+ nvmeq->cq_vector = 0;
++ nvme_init_queue(nvmeq, 0);
+ result = queue_request_irq(nvmeq);
+ if (result) {
+ nvmeq->cq_vector = -1;
+@@ -1776,7 +1777,6 @@ static void nvme_reset_work(struct work_
+ if (result)
+ goto out;
+
+- nvme_init_queue(dev->queues[0], 0);
+ result = nvme_alloc_admin_tags(dev);
+ if (result)
+ goto out;
diff --git a/queue-4.9/series b/queue-4.9/series
index f65f13a373f..fec4decd6bf 100644
--- a/queue-4.9/series
+++ b/queue-4.9/series
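Review bot: The `goto release_sq` path in nvme_create_queue is now reached after `nvme_init_queue(nvmeq, qid)` has already run, and nothing in the first pci.c hunk undoes that initialization when `queue_request_irq()` fails; the same ordering applies to the `if (result)` branch in nvme_configure_admin_queue, which only resets `cq_vector` to -1. nvme_init_queue's body and the code under `release_sq:` lie outside the hunks, so whether the 4.9 version updates per-device state beyond the CQ memory (an online-queue count, for instance) has to be checked in the tree before relying on this backport; if it does, both failure paths need the matching rollback. The reason for the new ordering lives only in the commit message, so I would add a comment above each moved call, e.g. `/* Initialize CQ memory before the IRQ is requested: a spurious interrupt must not look like a completion. */`.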
@@ -2,3 +2,4 @@ x86-fpu-hard-disable-lazy-fpu-mode.patch
 bonding-correctly-update-link-status-during-mii-commit-phase.patch
 bonding-fix-active-backup-transition.patch
 bonding-require-speed-duplex-only-for-802.3ad-alb-and-tlb.patch
+nvme-pci-initialize-queue-memory-before-interrupts.patch