fix delayed holder tracking

[PATCH v3 01/10] block: clear ->slave_dir when dropping the main slave_dir reference

Posted by Yu Kuai 3 years, 4 months ago

From: Christoph Hellwig <hch@lst.de>

Zero out the pointer to ->slave_dir so that the holder code doesn't
incorrectly treat the object as alive when add_disk failed or after
del_gendisk was called.

Fixes: 89f871af1b26 ("dm: delay registering the gendisk")
Reported-by: Yu Kuai <yukuai3@huawei.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Yu Kuai <yukuai3@huawei.com>
---
 block/genhd.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/block/genhd.c b/block/genhd.c
index 74026ce31405..e9501c66ba4d 100644
--- a/block/genhd.c
+++ b/block/genhd.c
@@ -530,6 +530,7 @@ int __must_check device_add_disk(struct device *parent, struct gendisk *disk,
 	rq_qos_exit(disk->queue);
 out_put_slave_dir:
 	kobject_put(disk->slave_dir);
+	disk->slave_dir = NULL;
 out_put_holder_dir:
 	kobject_put(disk->part0->bd_holder_dir);
 out_del_integrity:
@@ -634,6 +635,7 @@ void del_gendisk(struct gendisk *disk)
 
 	kobject_put(disk->part0->bd_holder_dir);
 	kobject_put(disk->slave_dir);
+	disk->slave_dir = NULL;
 
 	part_stat_set_all(disk->part0, 0);
 	disk->part0->bd_stamp = 0;
-- 
2.31.1

Re: [PATCH v3 01/10] block: clear ->slave_dir when dropping the main slave_dir reference

Posted by Mike Snitzer 3 years, 4 months ago

On Tue, Nov 15 2022 at  9:10P -0500,
Yu Kuai <yukuai1@huaweicloud.com> wrote:

> From: Christoph Hellwig <hch@lst.de>
> 
> Zero out the pointer to ->slave_dir so that the holder code doesn't
> incorrectly treat the object as alive when add_disk failed or after
> del_gendisk was called.
> 
> Fixes: 89f871af1b26 ("dm: delay registering the gendisk")
> Reported-by: Yu Kuai <yukuai3@huawei.com>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
> Signed-off-by: Yu Kuai <yukuai3@huawei.com>

Reviewed-by: Mike Snitzer <snitzer@kernel.org>

[PATCH v3 01/10] block: clear ->slave_dir when dropping the main slave_dir reference
[PATCH v3 02/10] dm: remove free_table_devices
[PATCH v3 03/10] dm: cleanup open_table_device
[PATCH v3 04/10] dm: cleanup close_table_device
[PATCH RFC v3 05/10] dm: make sure create and remove dm device won't race with open and close table
[PATCH v3 06/10] dm: track per-add_disk holder relations in DM
[PATCH v3 07/10] block: remove delayed holder registration
[PATCH v3 08/10] block: fix use after free for bd_holder_dir
[PATCH v3 09/10] block: store the holder kobject in bd_holder_disk
[PATCH v3 10/10] block: don't allow a disk link holder to itself