|
Hannes Reinecke |
e6d6d7 |
From: Damien Le Moal <damien.lemoal@opensource.wdc.com>
|
|
Hannes Reinecke |
e6d6d7 |
Date: Fri, 3 Jun 2022 11:19:05 +0900
|
|
Hannes Reinecke |
e6d6d7 |
Subject: [PATCH] block: Fix potential deadlock in blk_ia_range_sysfs_show()
|
|
Hannes Reinecke |
e6d6d7 |
Git-commit: 41e46b3c2aa24f755b2ae9ec4ce931ba5f0d8532
|
|
Hannes Reinecke |
e6d6d7 |
Patch-mainline: v5.19-rc1
|
|
Hannes Reinecke |
e6d6d7 |
References: jsc#PED-1183
|
|
Hannes Reinecke |
e6d6d7 |
|
|
Hannes Reinecke |
e6d6d7 |
When being read, a sysfs attribute is already protected against removal
|
|
Hannes Reinecke |
e6d6d7 |
with the kobject node active reference counter. As a result, in
|
|
Hannes Reinecke |
e6d6d7 |
blk_ia_range_sysfs_show(), there is no need to take the queue sysfs
|
|
Hannes Reinecke |
e6d6d7 |
lock when reading the value of a range attribute. Using the queue sysfs
|
|
Hannes Reinecke |
e6d6d7 |
lock in this function creates a potential deadlock situation with the
|
|
Hannes Reinecke |
e6d6d7 |
disk removal, something that a lockdep signals with a splat when the
|
|
Hannes Reinecke |
e6d6d7 |
device is removed:
|
|
Hannes Reinecke |
e6d6d7 |
|
|
Hannes Reinecke |
e6d6d7 |
[ 760.703551] Possible unsafe locking scenario:
|
|
Hannes Reinecke |
e6d6d7 |
[ 760.703551]
|
|
Hannes Reinecke |
e6d6d7 |
[ 760.703554] CPU0 CPU1
|
|
Hannes Reinecke |
e6d6d7 |
[ 760.703556] ---- ----
|
|
Hannes Reinecke |
e6d6d7 |
[ 760.703558] lock(&q->sysfs_lock);
|
|
Hannes Reinecke |
e6d6d7 |
[ 760.703565] lock(kn->active#385);
|
|
Hannes Reinecke |
e6d6d7 |
[ 760.703573] lock(&q->sysfs_lock);
|
|
Hannes Reinecke |
e6d6d7 |
[ 760.703579] lock(kn->active#385);
|
|
Hannes Reinecke |
e6d6d7 |
[ 760.703587]
|
|
Hannes Reinecke |
e6d6d7 |
[ 760.703587] *** DEADLOCK ***
|
|
Hannes Reinecke |
e6d6d7 |
|
|
Hannes Reinecke |
e6d6d7 |
Solve this by removing the mutex_lock()/mutex_unlock() calls from
|
|
Hannes Reinecke |
e6d6d7 |
blk_ia_range_sysfs_show().
|
|
Hannes Reinecke |
e6d6d7 |
|
|
Hannes Reinecke |
e6d6d7 |
Fixes: a2247f19ee1c ("block: Add independent access ranges support")
|
|
Hannes Reinecke |
e6d6d7 |
Cc: stable@vger.kernel.org
|
|
Hannes Reinecke |
e6d6d7 |
Signed-off-by: Damien Le Moal <damien.lemoal@opensource.wdc.com>
|
|
Hannes Reinecke |
e6d6d7 |
Link: https://lore.kernel.org/r/20220603021905.1441419-1-damien.lemoal@opensource.wdc.com
|
|
Hannes Reinecke |
e6d6d7 |
Signed-off-by: Jens Axboe <axboe@kernel.dk>
|
|
Hannes Reinecke |
e6d6d7 |
Acked-by: Hannes Reinecke <hare@suse.com>
|
|
Hannes Reinecke |
e6d6d7 |
---
|
|
Hannes Reinecke |
e6d6d7 |
block/blk-ia-ranges.c | 7 +------
|
|
Hannes Reinecke |
e6d6d7 |
1 file changed, 1 insertion(+), 6 deletions(-)
|
|
Hannes Reinecke |
e6d6d7 |
|
|
Hannes Reinecke |
e6d6d7 |
diff --git a/block/blk-ia-ranges.c b/block/blk-ia-ranges.c
|
|
Hannes Reinecke |
e6d6d7 |
index 18c68d8b9138..56ed48d2954e 100644
|
|
Hannes Reinecke |
e6d6d7 |
--- a/block/blk-ia-ranges.c
|
|
Hannes Reinecke |
e6d6d7 |
+++ b/block/blk-ia-ranges.c
|
|
Hannes Reinecke |
e6d6d7 |
@@ -54,13 +54,8 @@ static ssize_t blk_ia_range_sysfs_show(struct kobject *kobj,
|
|
Hannes Reinecke |
e6d6d7 |
container_of(attr, struct blk_ia_range_sysfs_entry, attr);
|
|
Hannes Reinecke |
e6d6d7 |
struct blk_independent_access_range *iar =
|
|
Hannes Reinecke |
e6d6d7 |
container_of(kobj, struct blk_independent_access_range, kobj);
|
|
Hannes Reinecke |
e6d6d7 |
- ssize_t ret;
|
|
Hannes Reinecke |
e6d6d7 |
|
|
Hannes Reinecke |
e6d6d7 |
- mutex_lock(&iar->queue->sysfs_lock);
|
|
Hannes Reinecke |
e6d6d7 |
- ret = entry->show(iar, buf);
|
|
Hannes Reinecke |
e6d6d7 |
- mutex_unlock(&iar->queue->sysfs_lock);
|
|
Hannes Reinecke |
e6d6d7 |
-
|
|
Hannes Reinecke |
e6d6d7 |
- return ret;
|
|
Hannes Reinecke |
e6d6d7 |
+ return entry->show(iar, buf);
|
|
Hannes Reinecke |
e6d6d7 |
}
|
|
Hannes Reinecke |
e6d6d7 |
|
|
Hannes Reinecke |
e6d6d7 |
static const struct sysfs_ops blk_ia_range_sysfs_ops = {
|
|
Hannes Reinecke |
e6d6d7 |
--
|
|
Hannes Reinecke |
e6d6d7 |
2.35.3
|
|
Hannes Reinecke |
e6d6d7 |
|