5de815a7ee
Bsg holding a reference to the parent device may result in a crash if a bsg file handle is closed after the parent device driver has unloaded. Holding a reference is not really needed: the parent device must exist between bsg_register_queue and bsg_unregister_queue. Before the device goes away the caller does blk_cleanup_queue so that all in-flight requests to the device are gone and all new requests cannot pass beyond the queue. The queue itself is a refcounted object and it will stay alive with a bsg file. Based on analysis, previous patch and changelog from Anatoliy Glagolev. Reported-by: Anatoliy Glagolev <glagolig@gmail.com> Reviewed-by: James E.J. Bottomley <jejb@linux.vnet.ibm.com> Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Jens Axboe <axboe@kernel.dk>
40 lines
1012 B
C
40 lines
1012 B
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
#ifndef _LINUX_BSG_H
|
|
#define _LINUX_BSG_H
|
|
|
|
#include <uapi/linux/bsg.h>
|
|
|
|
struct request;
|
|
|
|
#ifdef CONFIG_BLK_DEV_BSG
|
|
struct bsg_ops {
|
|
int (*check_proto)(struct sg_io_v4 *hdr);
|
|
int (*fill_hdr)(struct request *rq, struct sg_io_v4 *hdr,
|
|
fmode_t mode);
|
|
int (*complete_rq)(struct request *rq, struct sg_io_v4 *hdr);
|
|
void (*free_rq)(struct request *rq);
|
|
};
|
|
|
|
struct bsg_class_device {
|
|
struct device *class_dev;
|
|
int minor;
|
|
struct request_queue *queue;
|
|
const struct bsg_ops *ops;
|
|
};
|
|
|
|
int bsg_register_queue(struct request_queue *q, struct device *parent,
|
|
const char *name, const struct bsg_ops *ops);
|
|
int bsg_scsi_register_queue(struct request_queue *q, struct device *parent);
|
|
void bsg_unregister_queue(struct request_queue *q);
|
|
#else
|
|
static inline int bsg_scsi_register_queue(struct request_queue *q,
|
|
struct device *parent)
|
|
{
|
|
return 0;
|
|
}
|
|
static inline void bsg_unregister_queue(struct request_queue *q)
|
|
{
|
|
}
|
|
#endif /* CONFIG_BLK_DEV_BSG */
|
|
#endif /* _LINUX_BSG_H */
|