Bug 4948

Summary: generic scsi driver race condition
Product: [Retired] Red Hat Linux Reporter: olivern
Component: kernelAssignee: Michael K. Johnson <johnsonm>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.0CC: alan
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-04-22 06:29:07 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description olivern 1999-09-07 02:56:50 UTC 
There appears to be a race condition in the sg_read()
routine of the generic scsi driver (sg.c) supplied with Red
Hat Linux 6.0.  When the check is made whether or not to
put the process to sleep awaiting input, interrupts are
not disabled, resulting in the race condition described
on page 209 of Allessandro Rubini's "Linux Device Drivers".
The appropriate fix is described in the book - basically,
the sleep code needs a save_flags()/cli()/restore_flags()
sequence inserted in the appropriate place.  Note that
there may well be other locations in the file with a
similar problem - the only one that was affecting us was
in the read routine, so we limited our patch to the
sg_read.c routine.

The latent bug most often manifested itself when reading
back very short SCSI messages, at least on our system.
Since the race condition would be highly dependent on
overall system timing, it will affect different systems in
different ways.

Interestingly enough, the equivalent driver code under
Slackware 3.5 (fairly old now) included the interrupt code.
Looks like someone went and unintentionally cleaned out some
critical code at some point.

It also appears that the generic scsi driver has been
significantly rewritten in the most recent kernel available
at the RedHat site.  Comments in the code indicate that
logic exists to prevent race conditions in those regions
that we observed them occurring.  So the problem should
already be fixed in future RedHat releases.
Comment 1 Cristian Gafton 1999-10-06 22:45:59 UTC 
assigned to dledford
Comment 2 Doug Ledford 2000-04-22 06:29:59 UTC 
Current 2.2.14 kernels should not have this problem due to the rewritten sg
driver mentioned in the original comments.  Bug closed.