* [PATCH] zram: fix race between backing_dev_show and backing_dev_store
@ 2019-10-14 9:53 Chen Wandun
2019-10-15 20:25 ` Minchan Kim
0 siblings, 1 reply; 2+ messages in thread
From: Chen Wandun @ 2019-10-14 9:53 UTC (permalink / raw)
To: minchan, ngupta, sergey.senozhatsky.work, axboe, linux-kernel,
linux-block
Cc: chenwandun
From: Chenwandun <chenwandun@huawei.com>
CPU0: CPU1:
backing_dev_show backing_dev_store
...... ......
file = zram->backing_dev;
down_read(&zram->init_lock); down_read(&zram->init_init_lock)
file_path(file, ...); zram->backing_dev = backing_dev;
up_read(&zram->init_lock); up_read(&zram->init_lock);
get the value of zram->backing_dev too early in backing_dev_show,
that will result the value may be NULL at the begining, and not
NULL later.
backtrace:
[<ffffff8570e0f3ec>] d_path+0xcc/0x174
[<ffffff8570decd90>] file_path+0x10/0x18
[<ffffff85712f7630>] backing_dev_show+0x40/0xb4
[<ffffff85712c776c>] dev_attr_show+0x20/0x54
[<ffffff8570e835e4>] sysfs_kf_seq_show+0x9c/0x10c
[<ffffff8570e82b98>] kernfs_seq_show+0x28/0x30
[<ffffff8570e1c580>] seq_read+0x184/0x488
[<ffffff8570e81ec4>] kernfs_fop_read+0x5c/0x1a4
[<ffffff8570dee0fc>] __vfs_read+0x44/0x128
[<ffffff8570dee310>] vfs_read+0xa0/0x138
[<ffffff8570dee860>] SyS_read+0x54/0xb4
Signed-off-by: Chenwandun <chenwandun@huawei.com>
---
drivers/block/zram/zram_drv.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c
index d58a359..4285e75 100644
--- a/drivers/block/zram/zram_drv.c
+++ b/drivers/block/zram/zram_drv.c
@@ -413,13 +413,14 @@ static void reset_bdev(struct zram *zram)
static ssize_t backing_dev_show(struct device *dev,
struct device_attribute *attr, char *buf)
{
+ struct file *file;
struct zram *zram = dev_to_zram(dev);
- struct file *file = zram->backing_dev;
char *p;
ssize_t ret;
down_read(&zram->init_lock);
- if (!zram->backing_dev) {
+ file = zram->backing_dev;
+ if (!file) {
memcpy(buf, "none\n", 5);
up_read(&zram->init_lock);
return 5;
--
2.7.4
^ permalink raw reply related [flat|nested] 2+ messages in thread* Re: [PATCH] zram: fix race between backing_dev_show and backing_dev_store
2019-10-14 9:53 [PATCH] zram: fix race between backing_dev_show and backing_dev_store Chen Wandun
@ 2019-10-15 20:25 ` Minchan Kim
0 siblings, 0 replies; 2+ messages in thread
From: Minchan Kim @ 2019-10-15 20:25 UTC (permalink / raw)
To: Chen Wandun, Andrew Morton
Cc: ngupta, sergey.senozhatsky.work, axboe, linux-kernel,
linux-block, stable
On Mon, Oct 14, 2019 at 05:53:59PM +0800, Chen Wandun wrote:
> From: Chenwandun <chenwandun@huawei.com>
>
> CPU0: CPU1:
> backing_dev_show backing_dev_store
> ...... ......
> file = zram->backing_dev;
> down_read(&zram->init_lock); down_read(&zram->init_init_lock)
> file_path(file, ...); zram->backing_dev = backing_dev;
> up_read(&zram->init_lock); up_read(&zram->init_lock);
>
> get the value of zram->backing_dev too early in backing_dev_show,
> that will result the value may be NULL at the begining, and not
> NULL later.
>
> backtrace:
> [<ffffff8570e0f3ec>] d_path+0xcc/0x174
> [<ffffff8570decd90>] file_path+0x10/0x18
> [<ffffff85712f7630>] backing_dev_show+0x40/0xb4
> [<ffffff85712c776c>] dev_attr_show+0x20/0x54
> [<ffffff8570e835e4>] sysfs_kf_seq_show+0x9c/0x10c
> [<ffffff8570e82b98>] kernfs_seq_show+0x28/0x30
> [<ffffff8570e1c580>] seq_read+0x184/0x488
> [<ffffff8570e81ec4>] kernfs_fop_read+0x5c/0x1a4
> [<ffffff8570dee0fc>] __vfs_read+0x44/0x128
> [<ffffff8570dee310>] vfs_read+0xa0/0x138
> [<ffffff8570dee860>] SyS_read+0x54/0xb4
>
> Signed-off-by: Chenwandun <chenwandun@huawei.com>
It should be stable material.
Cc: <stable@vger.kernel.org> [4.14+]
Acked-by: Minchan Kim <minchan@kernel.org>
Thanks!
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-10-15 20:25 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-10-14 9:53 [PATCH] zram: fix race between backing_dev_show and backing_dev_store Chen Wandun
2019-10-15 20:25 ` Minchan Kim
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).