Patchwork block: blkdev_get() should access ->bd_disk only after success

login
register
mail settings
Submitter Herton Ronaldo Krzesinski
Date Oct. 11, 2011, 3:39 p.m.
Message ID <1318347577-4152-2-git-send-email-herton.krzesinski@canonical.com>
Download mbox | patch
Permalink /patch/119001/
State New
Headers show

Comments

Herton Ronaldo Krzesinski - Oct. 11, 2011, 3:39 p.m.
From: Tejun Heo <tj@kernel.org>

d4dc210f69 (block: don't block events on excl write for non-optical
devices) added dereferencing of bdev->bd_disk to test
GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE; however, bdev->bd_disk can be
%NULL if open failed which can lead to an oops.

Test the flag after testing open was successful, not before.

Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-by: David Miller <davem@davemloft.net>
Tested-by: David Miller <davem@davemloft.net>
Cc: stable@kernel.org
Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
(cherry picked from commit 4c49ff3fe128ca68dabd07537415c419ad7f82f9)
BugLink: http://bugs.launchpad.net/bugs/857170
Signed-off-by: Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>
---
 fs/block_dev.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)
Leann Ogasawara - Oct. 11, 2011, 4:11 p.m.
On Tue, 2011-10-11 at 12:39 -0300, Herton R. Krzesinski wrote:
> From: Tejun Heo <tj@kernel.org>
> 
> d4dc210f69 (block: don't block events on excl write for non-optical
> devices) added dereferencing of bdev->bd_disk to test
> GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE; however, bdev->bd_disk can be
> %NULL if open failed which can lead to an oops.
> 
> Test the flag after testing open was successful, not before.
> 
> Signed-off-by: Tejun Heo <tj@kernel.org>
> Reported-by: David Miller <davem@davemloft.net>
> Tested-by: David Miller <davem@davemloft.net>
> Cc: stable@kernel.org
> Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
> (cherry picked from commit 4c49ff3fe128ca68dabd07537415c419ad7f82f9)
> BugLink: http://bugs.launchpad.net/bugs/857170
> Signed-off-by: Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>

Ack.  Clean cherry-pick with positive test results in the bug.

Acked-by: Leann Ogasawara <leann.ogasawara@canonical.com>

> ---
>  fs/block_dev.c |    4 ++--
>  1 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/fs/block_dev.c b/fs/block_dev.c
> index 59277ba..0ce65c9 100644
> --- a/fs/block_dev.c
> +++ b/fs/block_dev.c
> @@ -1267,8 +1267,8 @@ int blkdev_get(struct block_device *bdev, fmode_t mode, void *holder)
>  		 * individual writeable reference is too fragile given the
>  		 * way @mode is used in blkdev_get/put().
>  		 */
> -		if ((disk->flags & GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE) &&
> -		    !res && (mode & FMODE_WRITE) && !bdev->bd_write_holder) {
> +		if (!res && (mode & FMODE_WRITE) && !bdev->bd_write_holder &&
> +		    (disk->flags & GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE)) {
>  			bdev->bd_write_holder = true;
>  			disk_block_events(disk);
>  		}
> -- 
> 1.7.4.1
> 
>
Tim Gardner - Oct. 11, 2011, 5:04 p.m.
On 10/11/2011 04:39 PM, Herton R. Krzesinski wrote:
> From: Tejun Heo<tj@kernel.org>
>
> d4dc210f69 (block: don't block events on excl write for non-optical
> devices) added dereferencing of bdev->bd_disk to test
> GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE; however, bdev->bd_disk can be
> %NULL if open failed which can lead to an oops.
>
> Test the flag after testing open was successful, not before.
>
> Signed-off-by: Tejun Heo<tj@kernel.org>
> Reported-by: David Miller<davem@davemloft.net>
> Tested-by: David Miller<davem@davemloft.net>
> Cc: stable@kernel.org
> Signed-off-by: Jens Axboe<jaxboe@fusionio.com>
> (cherry picked from commit 4c49ff3fe128ca68dabd07537415c419ad7f82f9)
> BugLink: http://bugs.launchpad.net/bugs/857170
> Signed-off-by: Herton Ronaldo Krzesinski<herton.krzesinski@canonical.com>
> ---
>   fs/block_dev.c |    4 ++--
>   1 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/fs/block_dev.c b/fs/block_dev.c
> index 59277ba..0ce65c9 100644
> --- a/fs/block_dev.c
> +++ b/fs/block_dev.c
> @@ -1267,8 +1267,8 @@ int blkdev_get(struct block_device *bdev, fmode_t mode, void *holder)
>   		 * individual writeable reference is too fragile given the
>   		 * way @mode is used in blkdev_get/put().
>   		 */
> -		if ((disk->flags&  GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE)&&
> -		    !res&&  (mode&  FMODE_WRITE)&&  !bdev->bd_write_holder) {
> +		if (!res&&  (mode&  FMODE_WRITE)&&  !bdev->bd_write_holder&&
> +		    (disk->flags&  GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE)) {
>   			bdev->bd_write_holder = true;
>   			disk_block_events(disk);
>   		}
Seth Forshee - Oct. 11, 2011, 9:49 p.m.
On Tue, Oct 11, 2011 at 12:39:37PM -0300, Herton R. Krzesinski wrote:
> From: Tejun Heo <tj@kernel.org>
> 
> d4dc210f69 (block: don't block events on excl write for non-optical
> devices) added dereferencing of bdev->bd_disk to test
> GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE; however, bdev->bd_disk can be
> %NULL if open failed which can lead to an oops.
> 
> Test the flag after testing open was successful, not before.
> 
> Signed-off-by: Tejun Heo <tj@kernel.org>
> Reported-by: David Miller <davem@davemloft.net>
> Tested-by: David Miller <davem@davemloft.net>
> Cc: stable@kernel.org
> Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
> (cherry picked from commit 4c49ff3fe128ca68dabd07537415c419ad7f82f9)
> BugLink: http://bugs.launchpad.net/bugs/857170
> Signed-off-by: Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>
> ---
>  fs/block_dev.c |    4 ++--
>  1 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/fs/block_dev.c b/fs/block_dev.c
> index 59277ba..0ce65c9 100644
> --- a/fs/block_dev.c
> +++ b/fs/block_dev.c
> @@ -1267,8 +1267,8 @@ int blkdev_get(struct block_device *bdev, fmode_t mode, void *holder)
>  		 * individual writeable reference is too fragile given the
>  		 * way @mode is used in blkdev_get/put().
>  		 */
> -		if ((disk->flags & GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE) &&
> -		    !res && (mode & FMODE_WRITE) && !bdev->bd_write_holder) {
> +		if (!res && (mode & FMODE_WRITE) && !bdev->bd_write_holder &&
> +		    (disk->flags & GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE)) {
>  			bdev->bd_write_holder = true;
>  			disk_block_events(disk);
>  		}

Acked-by: Seth Forshee <seth.forshee@canonical.com>

Patch

diff --git a/fs/block_dev.c b/fs/block_dev.c
index 59277ba..0ce65c9 100644
--- a/fs/block_dev.c
+++ b/fs/block_dev.c
@@ -1267,8 +1267,8 @@  int blkdev_get(struct block_device *bdev, fmode_t mode, void *holder)
 		 * individual writeable reference is too fragile given the
 		 * way @mode is used in blkdev_get/put().
 		 */
-		if ((disk->flags & GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE) &&
-		    !res && (mode & FMODE_WRITE) && !bdev->bd_write_holder) {
+		if (!res && (mode & FMODE_WRITE) && !bdev->bd_write_holder &&
+		    (disk->flags & GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE)) {
 			bdev->bd_write_holder = true;
 			disk_block_events(disk);
 		}