Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi

	struct Scsi_Host *shost;

	struct iser_conn *iser_conn = NULL;

	struct ib_conn *ib_conn;

	struct ib_device *ib_dev;

	u32 max_fr_sectors;

	shost = iscsi_host_alloc(&iscsi_iser_sht, 0, 0);

		}

		ib_conn = &iser_conn->ib_conn;

		ib_dev = ib_conn->device->ib_device;

		if (ib_conn->pi_support) {

			u32 sig_caps = ib_conn->device->ib_device->attrs.sig_prot_cap;

			u32 sig_caps = ib_dev->attrs.sig_prot_cap;

			scsi_host_set_prot(shost, iser_dif_prot_caps(sig_caps));

			scsi_host_set_guard(shost, SHOST_DIX_GUARD_IP |

						   SHOST_DIX_GUARD_CRC);

		}

		if (iscsi_host_add(shost,

				   ib_conn->device->ib_device->dev.parent)) {

		if (!(ib_dev->attrs.device_cap_flags & IB_DEVICE_SG_GAPS_REG))

			shost->virt_boundary_mask = ~MASK_4K;

		if (iscsi_host_add(shost, ib_dev->dev.parent)) {

			mutex_unlock(&iser_conn->state_mutex);

			goto free_host;

		}

	return 0;

}

static int iscsi_iser_slave_alloc(struct scsi_device *sdev)

{

	struct iscsi_session *session;

	struct iser_conn *iser_conn;

	struct ib_device *ib_dev;

	mutex_lock(&unbind_iser_conn_mutex);

	session = starget_to_session(scsi_target(sdev))->dd_data;

	iser_conn = session->leadconn->dd_data;

	if (!iser_conn) {

		mutex_unlock(&unbind_iser_conn_mutex);

		return -ENOTCONN;

	}

	ib_dev = iser_conn->ib_conn.device->ib_device;

	if (!(ib_dev->attrs.device_cap_flags & IB_DEVICE_SG_GAPS_REG))

		blk_queue_virt_boundary(sdev->request_queue, ~MASK_4K);

	mutex_unlock(&unbind_iser_conn_mutex);

	return 0;

}

static struct scsi_host_template iscsi_iser_sht = {

	.module                 = THIS_MODULE,

	.name                   = "iSCSI Initiator over iSER",

	.eh_device_reset_handler= iscsi_eh_device_reset,

	.eh_target_reset_handler = iscsi_eh_recover_target,

	.target_alloc		= iscsi_target_alloc,

	.slave_alloc            = iscsi_iser_slave_alloc,

	.proc_name              = "iscsi_iser",

	.this_id                = -1,

	.track_queue_depth	= 1,

	return 0;

}

static int srp_slave_alloc(struct scsi_device *sdev)

{

	struct Scsi_Host *shost = sdev->host;

	struct srp_target_port *target = host_to_target(shost);

	struct srp_device *srp_dev = target->srp_host->srp_dev;

	struct ib_device *ibdev = srp_dev->dev;

	if (!(ibdev->attrs.device_cap_flags & IB_DEVICE_SG_GAPS_REG))

		blk_queue_virt_boundary(sdev->request_queue,

					~srp_dev->mr_page_mask);

	return 0;

}

static int srp_slave_configure(struct scsi_device *sdev)

{

	struct Scsi_Host *shost = sdev->host;

	.name				= "InfiniBand SRP initiator",

	.proc_name			= DRV_NAME,

	.target_alloc			= srp_target_alloc,

	.slave_alloc			= srp_slave_alloc,

	.slave_configure		= srp_slave_configure,

	.info				= srp_target_info,

	.queuecommand			= srp_queuecommand,

	target_host->max_cmd_len = sizeof ((struct srp_cmd *) (void *) 0L)->cdb;

	target_host->max_segment_size = ib_dma_max_seg_size(ibdev);

	if (!(ibdev->attrs.device_cap_flags & IB_DEVICE_SG_GAPS_REG))

		target_host->virt_boundary_mask = ~srp_dev->mr_page_mask;

	target = host_to_target(target_host);

	target->net		= kobj_ns_grab_current(KOBJ_NS_TYPE_NET);

#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt

#include <linux/kthread.h>

#include <linux/bug.h>

#include "zfcp_ext.h"

#include "zfcp_reqlist.h"

	struct zfcp_erp_action *erp_action;

	struct zfcp_scsi_dev *zfcp_sdev;

	if (WARN_ON_ONCE(need != ZFCP_ERP_ACTION_REOPEN_LUN &&

			 need != ZFCP_ERP_ACTION_REOPEN_PORT &&

			 need != ZFCP_ERP_ACTION_REOPEN_PORT_FORCED &&

			 need != ZFCP_ERP_ACTION_REOPEN_ADAPTER))

		return NULL;

	switch (need) {

	case ZFCP_ERP_ACTION_REOPEN_LUN:

		zfcp_sdev = sdev_to_zfcp(sdev);

#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt

#include <linux/blktrace_api.h>

#include <linux/types.h>

#include <linux/slab.h>

#include <scsi/fc/fc_els.h>

#include "zfcp_ext.h"

static int zfcp_fsf_req_send(struct zfcp_fsf_req *req)

{

	const bool is_srb = zfcp_fsf_req_is_status_read_buffer(req);

	struct zfcp_adapter *adapter = req->adapter;

	struct zfcp_qdio *qdio = adapter->qdio;

	int req_id = req->req_id;

		return -EIO;

	}

	/*

	 * NOTE: DO NOT TOUCH ASYNC req PAST THIS POINT.

	 *	 ONLY TOUCH SYNC req AGAIN ON req->completion.

	 *

	 * The request might complete and be freed concurrently at any point

	 * now. This is not protected by the QDIO-lock (req_q_lock). So any

	 * uncontrolled access after this might result in an use-after-free bug.

	 * Only if the request doesn't have ZFCP_STATUS_FSFREQ_CLEANUP set, and

	 * when it is completed via req->completion, is it safe to use req

	 * again.

	 */

	/* Don't increase for unsolicited status */

	if (!zfcp_fsf_req_is_status_read_buffer(req))

	if (!is_srb)

		adapter->fsf_req_seq_no++;

	adapter->req_no++;

	retval = zfcp_fsf_req_send(req);

	if (retval)

		goto failed_req_send;

	/* NOTE: DO NOT TOUCH req PAST THIS POINT! */

	goto out;

	req->qtcb->bottom.support.req_handle = (u64) old_req_id;

	zfcp_fsf_start_timer(req, ZFCP_FSF_SCSI_ER_TIMEOUT);

	if (!zfcp_fsf_req_send(req))

	if (!zfcp_fsf_req_send(req)) {

		/* NOTE: DO NOT TOUCH req, UNTIL IT COMPLETES! */

		goto out;

	}

out_error_free:

	zfcp_fsf_req_free(req);

	ret = zfcp_fsf_req_send(req);

	if (ret)

		goto failed_send;

	/* NOTE: DO NOT TOUCH req PAST THIS POINT! */

	goto out;

	ret = zfcp_fsf_req_send(req);

	if (ret)

		goto failed_send;

	/* NOTE: DO NOT TOUCH req PAST THIS POINT! */

	goto out;

		zfcp_fsf_req_free(req);

		erp_action->fsf_req_id = 0;

	}

	/* NOTE: DO NOT TOUCH req PAST THIS POINT! */

out:

	spin_unlock_irq(&qdio->req_q_lock);

	return retval;

	zfcp_fsf_start_timer(req, ZFCP_FSF_REQUEST_TIMEOUT);

	retval = zfcp_fsf_req_send(req);

	spin_unlock_irq(&qdio->req_q_lock);

	if (!retval)

	if (!retval) {

		/* NOTE: ONLY TOUCH SYNC req AGAIN ON req->completion. */

		wait_for_completion(&req->completion);

	}

	zfcp_fsf_req_free(req);

	return retval;

		zfcp_fsf_req_free(req);

		erp_action->fsf_req_id = 0;

	}

	/* NOTE: DO NOT TOUCH req PAST THIS POINT! */

out:

	spin_unlock_irq(&qdio->req_q_lock);

	return retval;

	retval = zfcp_fsf_req_send(req);

	spin_unlock_irq(&qdio->req_q_lock);

	if (!retval)

	if (!retval) {

		/* NOTE: ONLY TOUCH SYNC req AGAIN ON req->completion. */

		wait_for_completion(&req->completion);

	}

	zfcp_fsf_req_free(req);

		erp_action->fsf_req_id = 0;

		put_device(&port->dev);

	}

	/* NOTE: DO NOT TOUCH req PAST THIS POINT! */

out:

	spin_unlock_irq(&qdio->req_q_lock);

	return retval;

		zfcp_fsf_req_free(req);

		erp_action->fsf_req_id = 0;

	}

	/* NOTE: DO NOT TOUCH req PAST THIS POINT! */

out:

	spin_unlock_irq(&qdio->req_q_lock);

	return retval;

{

	struct zfcp_qdio *qdio = wka_port->adapter->qdio;

	struct zfcp_fsf_req *req;

	unsigned long req_id = 0;

	int retval = -EIO;

	spin_lock_irq(&qdio->req_q_lock);

	hton24(req->qtcb->bottom.support.d_id, wka_port->d_id);

	req->data = wka_port;

	req_id = req->req_id;

	zfcp_fsf_start_timer(req, ZFCP_FSF_REQUEST_TIMEOUT);

	retval = zfcp_fsf_req_send(req);

	if (retval)

		zfcp_fsf_req_free(req);

	/* NOTE: DO NOT TOUCH req PAST THIS POINT! */

out:

	spin_unlock_irq(&qdio->req_q_lock);

	if (!retval)

		zfcp_dbf_rec_run_wka("fsowp_1", wka_port, req->req_id);

		zfcp_dbf_rec_run_wka("fsowp_1", wka_port, req_id);

	return retval;

}

{

	struct zfcp_qdio *qdio = wka_port->adapter->qdio;

	struct zfcp_fsf_req *req;

	unsigned long req_id = 0;

	int retval = -EIO;

	spin_lock_irq(&qdio->req_q_lock);

	req->data = wka_port;

	req->qtcb->header.port_handle = wka_port->handle;

	req_id = req->req_id;

	zfcp_fsf_start_timer(req, ZFCP_FSF_REQUEST_TIMEOUT);

	retval = zfcp_fsf_req_send(req);

	if (retval)

		zfcp_fsf_req_free(req);

	/* NOTE: DO NOT TOUCH req PAST THIS POINT! */

out:

	spin_unlock_irq(&qdio->req_q_lock);

	if (!retval)

		zfcp_dbf_rec_run_wka("fscwp_1", wka_port, req->req_id);

		zfcp_dbf_rec_run_wka("fscwp_1", wka_port, req_id);

	return retval;

}

		zfcp_fsf_req_free(req);

		erp_action->fsf_req_id = 0;

	}

	/* NOTE: DO NOT TOUCH req PAST THIS POINT! */

out:

	spin_unlock_irq(&qdio->req_q_lock);

	return retval;

		zfcp_fsf_req_free(req);

		erp_action->fsf_req_id = 0;

	}

	/* NOTE: DO NOT TOUCH req PAST THIS POINT! */

out:

	spin_unlock_irq(&qdio->req_q_lock);

	return retval;

		zfcp_fsf_req_free(req);

		erp_action->fsf_req_id = 0;

	}

	/* NOTE: DO NOT TOUCH req PAST THIS POINT! */

out:

	spin_unlock_irq(&qdio->req_q_lock);

	return retval;

	retval = zfcp_fsf_req_send(req);

	if (unlikely(retval))

		goto failed_scsi_cmnd;

	/* NOTE: DO NOT TOUCH req PAST THIS POINT! */

	goto out;

	zfcp_fc_fcp_tm(fcp_cmnd, sdev, tm_flags);

	zfcp_fsf_start_timer(req, ZFCP_FSF_SCSI_ER_TIMEOUT);

	if (!zfcp_fsf_req_send(req))

	if (!zfcp_fsf_req_send(req)) {

		/* NOTE: DO NOT TOUCH req, UNTIL IT COMPLETES! */

		goto out;

	}

	zfcp_fsf_req_free(req);

	req = NULL;

	else

		shost->dma_boundary = 0xffffffff;

	if (sht->virt_boundary_mask)

		shost->virt_boundary_mask = sht->virt_boundary_mask;

	device_initialize(&shost->shost_gendev);

	dev_set_name(&shost->shost_gendev, "host%d", shost->host_no);

	shost->shost_gendev.bus = &scsi_bus_type;