Wind River Support Network

Description

In the Linux kernel, the following vulnerability has been resolved:[EOL][EOL]scsi: core: Fix a regression triggered by scsi_host_busy()[EOL][EOL]Commit 995412e23bb2 ("blk-mq: Replace tags->lock with SRCU for tag[EOL]iterators") introduced the following regression:[EOL][EOL]Call trace:[EOL] __srcu_read_lock+0x30/0x80 (P)[EOL] blk_mq_tagset_busy_iter+0x44/0x300[EOL] scsi_host_busy+0x38/0x70[EOL] ufshcd_print_host_state+0x34/0x1bc[EOL] ufshcd_link_startup.constprop.0+0xe4/0x2e0[EOL] ufshcd_init+0x944/0xf80[EOL] ufshcd_pltfrm_init+0x504/0x820[EOL] ufs_rockchip_probe+0x2c/0x88[EOL] platform_probe+0x5c/0xa4[EOL] really_probe+0xc0/0x38c[EOL] __driver_probe_device+0x7c/0x150[EOL] driver_probe_device+0x40/0x120[EOL] __driver_attach+0xc8/0x1e0[EOL] bus_for_each_dev+0x7c/0xdc[EOL] driver_attach+0x24/0x30[EOL] bus_add_driver+0x110/0x230[EOL] driver_register+0x68/0x130[EOL] __platform_driver_register+0x20/0x2c[EOL] ufs_rockchip_pltform_init+0x1c/0x28[EOL] do_one_initcall+0x60/0x1e0[EOL] kernel_init_freeable+0x248/0x2c4[EOL] kernel_init+0x20/0x140[EOL] ret_from_fork+0x10/0x20[EOL][EOL]Fix this regression by making scsi_host_busy() check whether the SCSI[EOL]host tag set has already been initialized. tag_set->ops is set by[EOL]scsi_mq_setup_tags() just before blk_mq_alloc_tag_set() is called. This[EOL]fix is based on the assumption that scsi_host_busy() and[EOL]scsi_mq_setup_tags() calls are serialized. This is the case in the UFS[EOL]driver.