提交 993cb35b 编写于 作者: C Chenwandun 提交者: Caspar Zhang

zram: fix race between backing_dev_show and backing_dev_store

commit f7daefe4231e57381d92c2e2ad905a899c28e402 upstream
Update based on current code.

CPU0:				       CPU1:
backing_dev_show		       backing_dev_store
    ......				   ......
    file = zram->backing_dev;
    down_read(&zram->init_lock);	   down_read(&zram->init_init_lock)
    file_path(file, ...);		   zram->backing_dev = backing_dev;
    up_read(&zram->init_lock);		   up_read(&zram->init_lock);

gets the value of zram->backing_dev too early in backing_dev_show, which
resultin the value being NULL at the beginning, and not NULL later.

backtrace:
  d_path+0xcc/0x174
  file_path+0x10/0x18
  backing_dev_show+0x40/0xb4
  dev_attr_show+0x20/0x54
  sysfs_kf_seq_show+0x9c/0x10c
  kernfs_seq_show+0x28/0x30
  seq_read+0x184/0x488
  kernfs_fop_read+0x5c/0x1a4
  __vfs_read+0x44/0x128
  vfs_read+0xa0/0x138
  SyS_read+0x54/0xb4

Link: http://lkml.kernel.org/r/1571046839-16814-1-git-send-email-chenwandun@huawei.comSigned-off-by: NHui Zhu <teawaterz@linux.alibaba.com>
Signed-off-by: NChenwandun <chenwandun@huawei.com>
Acked-by: NMinchan Kim <minchan@kernel.org>
Cc: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: <stable@vger.kernel.org>	[4.14+]
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
Reviewed-by: NAlex Shi <alex.shi@linux.alibaba.com>
Acked-by: NCaspar Zhang <caspar@linux.alibaba.com>
上级 53f96bfd
...@@ -312,12 +312,13 @@ static void reset_bdev(struct zram *zram) ...@@ -312,12 +312,13 @@ static void reset_bdev(struct zram *zram)
static ssize_t backing_dev_show(struct device *dev, static ssize_t backing_dev_show(struct device *dev,
struct device_attribute *attr, char *buf) struct device_attribute *attr, char *buf)
{ {
struct file *file;
struct zram *zram = dev_to_zram(dev); struct zram *zram = dev_to_zram(dev);
struct file *file = zram->backing_dev;
char *p; char *p;
ssize_t ret; ssize_t ret;
down_read(&zram->init_lock); down_read(&zram->init_lock);
file = zram->backing_dev;
if (!zram_wb_enabled(zram)) { if (!zram_wb_enabled(zram)) {
memcpy(buf, "none\n", 5); memcpy(buf, "none\n", 5);
up_read(&zram->init_lock); up_read(&zram->init_lock);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册