* [PATCH] nbd: call genl_unregister_family() first in nbd_cleanup()
@ 2021-08-05 2:19 Hou Tao
2021-08-05 15:50 ` Eric Blake
From: Hou Tao @ 2021-08-05 2:19 UTC (permalink / raw)
To: Josef Bacik, Jens Axboe; +Cc: linux-block, nbd, houtao1
Else there may be race between module removal and handling of
netlink command and will lead to oops as shown below:
BUG: kernel NULL pointer dereference, address: 0000000000000098
Oops: 0002 [#1] SMP PTI
CPU: 1 PID: 31299 Comm: nbd-client Tainted: G E 5.14.0-rc4
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)
RIP: 0010:down_write+0x1a/0x50
Call Trace:
start_creating+0x89/0x130
debugfs_create_dir+0x1b/0x130
nbd_start_device+0x13d/0x390 [nbd]
nbd_genl_connect+0x42f/0x748 [nbd]
genl_family_rcv_msg_doit.isra.0+0xec/0x150
genl_rcv_msg+0xe5/0x1e0
netlink_rcv_skb+0x55/0x100
genl_rcv+0x29/0x40
netlink_unicast+0x1a8/0x250
netlink_sendmsg+0x21b/0x430
____sys_sendmsg+0x2a4/0x2d0
___sys_sendmsg+0x81/0xc0
__sys_sendmsg+0x62/0xb0
__x64_sys_sendmsg+0x1f/0x30
do_syscall_64+0x3b/0xc0
entry_SYSCALL_64_after_hwframe+0x44/0xae
Modules linked in: nbd(E-)
Signed-off-by: Hou Tao <houtao1@huawei.com>
---
drivers/block/nbd.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/drivers/block/nbd.c b/drivers/block/nbd.c
index 9a7c9a425ab0..0993d108d868 100644
--- a/drivers/block/nbd.c
+++ b/drivers/block/nbd.c
@@ -2492,6 +2492,12 @@ static void __exit nbd_cleanup(void)
struct nbd_device *nbd;
LIST_HEAD(del_list);
+ /*
+ * Unregister netlink interface first to waiting
+ * for the completion of netlink commands.
+ */
+ genl_unregister_family(&nbd_genl_family);
+
nbd_dbg_close();
mutex_lock(&nbd_index_mutex);
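Review bot: the comment added above genl_unregister_family(&nbd_genl_family) reads "first to waiting for the completion of netlink commands", which is ungrammatical and does not say what the ordering protects. The oops in the changelog is reached through nbd_genl_connect() -> nbd_start_device() -> debugfs_create_dir(), and the call now sits directly before nbd_dbg_close(), so the comment should tie the two together. Something like "Unregister the netlink family before nbd_dbg_close() so that no netlink command can still be running while debugfs state is torn down" would let a later reader see why this call must stay first.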
@@ -2510,7 +2516,6 @@ static void __exit nbd_cleanup(void)
destroy_workqueue(nbd_del_wq);
idr_destroy(&nbd_index_idr);
- genl_unregister_family(&nbd_genl_family);
unregister_blkdev(NBD_MAJOR, "nbd");
}
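Review bot: once the genl_unregister_family() call is dropped from its old position after idr_destroy(&nbd_index_idr), nothing near the end of nbd_cleanup() records that the new ordering is deliberate, and the changelog gives only the oops without explaining which teardown step the netlink handler raced with. Please name that step in the commit message (the trace points at debugfs_create_dir() under nbd_start_device()) and add a Fixes: tag for the commit that introduced the old ordering, so the patch can be matched to affected trees.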
--
2.29.2
* Re: [PATCH] nbd: call genl_unregister_family() first in nbd_cleanup()
From: Eric Blake @ 2021-08-05 15:50 UTC (permalink / raw)
To: Hou Tao; +Cc: Josef Bacik, Jens Axboe, linux-block, nbd
On Thu, Aug 05, 2021 at 10:19:46AM +0800, Hou Tao wrote:
> Else there may be race between module removal and handling of
> netlink command and will lead to oops as shown below:
Grammar suggestion:
Otherwise, there is a race between module removal and the handling of
a netlink command, which can lead to the oops shown below:
>
> Signed-off-by: Hou Tao <houtao1@huawei.com>
> ---
> drivers/block/nbd.c | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/block/nbd.c b/drivers/block/nbd.c
> index 9a7c9a425ab0..0993d108d868 100644
> --- a/drivers/block/nbd.c
> +++ b/drivers/block/nbd.c
> @@ -2492,6 +2492,12 @@ static void __exit nbd_cleanup(void)
> struct nbd_device *nbd;
> LIST_HEAD(del_list);
>
> + /*
> + * Unregister netlink interface first to waiting
> + * for the completion of netlink commands.
Grammar suggestion: s/first/prior/
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
* Re: [PATCH] nbd: call genl_unregister_family() first in nbd_cleanup()
From: Hou Tao @ 2021-08-10 2:19 UTC (permalink / raw)
To: Eric Blake; +Cc: Josef Bacik, Jens Axboe, linux-block, nbd
Hi,
Thanks for your suggestions. Will fix in v2.
Regards,
Tao
On 8/5/2021 11:50 PM, Eric Blake wrote:
> On Thu, Aug 05, 2021 at 10:19:46AM +0800, Hou Tao wrote:
>> Else there may be race between module removal and handling of
>> netlink command and will lead to oops as shown below:
> Grammar suggestion:
>
> Otherwise, there is a race between module removal and the handling of
> a netlink command, which can lead to the oops shown below:
>
>> Signed-off-by: Hou Tao <houtao1@huawei.com>
>> ---
>> drivers/block/nbd.c | 7 ++++++-
>> 1 file changed, 6 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/block/nbd.c b/drivers/block/nbd.c
>> index 9a7c9a425ab0..0993d108d868 100644
>> --- a/drivers/block/nbd.c
>> +++ b/drivers/block/nbd.c
>> @@ -2492,6 +2492,12 @@ static void __exit nbd_cleanup(void)
>> struct nbd_device *nbd;
>> LIST_HEAD(del_list);
>>
>> + /*
>> + * Unregister netlink interface first to waiting
>> + * for the completion of netlink commands.
> Grammar suggestion: s/first/prior/
>