md: fix a lock order reversal in md_alloc

stable inclusion from linux-4.19.209 commit 906b4dcc180808f0ba74ec1e07a5cf708463bc48 -------------------------------- [ Upstream commit 7df835a3 ] Commit b0140891 ("md: Fix race when creating a new md device.") not only moved assigning mddev->gendisk before calling add_disk, which fixes the races described in the commit log, but also added a mddev->open_mutex critical section over add_disk and creation of the md kobj. Adding a kobject after add_disk is racy vs deleting the gendisk right after adding it, but md already prevents against that by holding a mddev->active reference. On the other hand taking this lock added a lock order reversal with what is not disk->open_mutex (used to be bdev->bd_mutex when the commit was added) for partition devices, which need that lock for the internal open for the partition scan, and a recent commit also takes it for non-partitioned devices, leading to further lockdep splatter. Fixes: b0140891 ("md: Fix race when creating a new md device.") Fixes: d6263387 ("block: support delayed holder registration") Reported-by: syzbot+fadc0aaf497e6a493b9f@syzkaller.appspotmail.com Signed-off-by: N Christoph Hellwig <hch@lst.de> Tested-by: syzbot+fadc0aaf497e6a493b9f@syzkaller.appspotmail.com Reviewed-by: N NeilBrown <neilb@suse.de> Signed-off-by: N Song Liu <songliubraving@fb.com> Signed-off-by: N Sasha Levin <sashal@kernel.org> Acked-by: N Jason Yan <yanaijie@huawei.com> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com>

md: fix a lock order reversal in md_alloc
stable inclusion from linux-4.19.209 commit 906b4dcc180808f0ba74ec1e07a5cf708463bc48 -------------------------------- [ Upstream commit 7df835a3 ] Commit b0140891 ("md: Fix race when creating a new md device.") not only moved assigning mddev->gendisk before calling add_disk, which fixes the races described in the commit log, but also added a mddev->open_mutex critical section over add_disk and creation of the md kobj. Adding a kobject after add_disk is racy vs deleting the gendisk right after adding it, but md already prevents against that by holding a mddev->active reference. On the other hand taking this lock added a lock order reversal with what is not disk->open_mutex (used to be bdev->bd_mutex when the commit was added) for partition devices, which need that lock for the internal open for the partition scan, and a recent commit also takes it for non-partitioned devices, leading to further lockdep splatter. Fixes: b0140891 ("md: Fix race when creating a new md device.") Fixes: d6263387 ("block: support delayed holder registration") Reported-by: syzbot+fadc0aaf497e6a493b9f@syzkaller.appspotmail.com Signed-off-by: N Christoph Hellwig <hch@lst.de> Tested-by: syzbot+fadc0aaf497e6a493b9f@syzkaller.appspotmail.com Reviewed-by: N NeilBrown <neilb@suse.de> Signed-off-by: N Song Liu <songliubraving@fb.com> Signed-off-by: N Sasha Levin <sashal@kernel.org> Acked-by: N Jason Yan <yanaijie@huawei.com> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com>
27948e56 · Christoph Hellwig · Yang Yingliang · 4bab6d71 · 27948e56
显示空白变更内容
内联并排

Showing with 0 addition and 5 deletion

drivers/md/md.c drivers/md/md.c +0 -5

未找到文件。
--- a/drivers/md/md.c
+++ b/drivers/md/md.c
@@ -5467,10 +5467,6 @@ static int md_alloc(dev_t dev, char *name)
 	 */
 	disk->flags |= GENHD_FL_EXT_DEVT;
 	mddev->gendisk = disk;
-	/* As soon as we call add_disk(), another thread could get
-	 * through to md_open, so make sure it doesn't get too far
-	 */
-	mutex_lock(&mddev->open_mutex);
 	add_disk(disk);
 	error = kobject_add(&mddev->kobj, &disk_to_dev(disk)->kobj, "%s", "md");
@@ -5485,7 +5481,6 @@ static int md_alloc(dev_t dev, char *name)
 	if (mddev->kobj.sd &&
 	    sysfs_create_group(&mddev->kobj, &md_bitmap_group))
 		pr_debug("pointless warning\n");
-	mutex_unlock(&mddev->open_mutex);
 abort:
 	mutex_unlock(&disks_mutex);
 	if (!error && mddev->kobj.sd) {