From: Giuliano Procida <gprocida@google.com>
Date: Thu Jun 18 19:32:23 2020 +0100
Subject: blk-mq: move _blk_mq_update_nr_hw_queues synchronize_rcu call
Patch-mainline: never, not needed upstream, android only
References: CVE-2020-0433 bsc#1176720
This fixes the
4.14 backport commit 574eb136ec7f315c3ef2ca68fa9b3e16c56baa24
which was
upstream commit f5bbbbe4d63577026f908a809f22f5fd5a90ea1f.
The upstream commit added a call to synchronize_rcu to
_blk_mq_update_nr_hw_queues, just after freezing queues.
In the backport this landed just after unfreezeing queues.
This commit moves the call to its intended place.
[lduncan: this commit didn't make it upstream since the commit
it fixes was changed there. But it's needed for this backport.
See: https://android.googlesource.com/kernel/common/+/b609c7cecb71%5E%21/#F0 ]
Fixes: 574eb136ec7f ("blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter")
Signed-off-by: Giuliano Procida <gprocida@google.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Acked-by: Lee Duncan <lduncan@suse.com>
---
---
block/blk-mq.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
--- a/block/blk-mq.c
+++ b/block/blk-mq.c
@@ -2777,10 +2777,6 @@ static void __blk_mq_update_nr_hw_queues
list_for_each_entry(q, &set->tag_list, tag_set_list)
blk_mq_freeze_queue(q);
/*
- * Sync with blk_mq_queue_tag_busy_iter.
- */
- synchronize_rcu();
- /*
* Switch IO scheduler to 'none', cleaning up the data associated
* with the previous scheduler. We will switch back once we are done
* updating the new sw to hw queue mappings.
@@ -2821,6 +2817,11 @@ switch_back:
list_for_each_entry(q, &set->tag_list, tag_set_list)
blk_mq_unfreeze_queue(q);
+
+ /*
+ * Sync with blk_mq_queue_tag_busy_iter.
+ */
+ synchronize_rcu();
}
void blk_mq_update_nr_hw_queues(struct blk_mq_tag_set *set, int nr_hw_queues)