[PATCH] nvme-core: remove head->effects to fix use-after-free

Sagi Grimberg sagi at grimberg.me
Mon Nov 20 02:18:51 PST 2023



On 11/20/23 10:23, Christoph Hellwig wrote:
> On Fri, Nov 17, 2023 at 09:38:19AM -0700, Keith Busch wrote:
>> The effects log is per-CSI so different command sets won't create
>> conflicts.
> 
> True.  But that wasn't the point anyway.  It is that different
> controllers might expose very different namespaes with different
> capabilities.  Maybe a controller with HDD namespaces vs flash might
> be a better example.
> 
>> Namespaces that are not shared don't really matter here because this
>> problem is unique to mulitpath.
> 
> Indeed.
> 
>> It doesn't make sense for effects logs to be different per-controller
>> for the same shared namespace. The spec doesn't seem to explicitly
>> prevent that, but hints that all hosts should be seeing the same thing
>> no matter which controller they're connected to:
> 
> Also agreed as already indicated in the past mail.

Having every ns get its own effects log cache is another 4k per nshead.
Even if we restrict it only to iocs its 1k per nshead.

Would it make sense to have nvme_free_cels fence passthru commands
with an rcu instead?



More information about the Linux-nvme mailing list