Piteball
/
android_kernel_samsung_msm8976
mirror of https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git
1
1
Fork 0
Code Issues Projects Releases Wiki Activity
android_kernel_samsung_msm8976/drivers/md
History
monty_pavel@sina.com 3ad6671dd5 dm: fix various targets to dm_register_target after module __init resources created 
commit 7e6358d244e4706fe612a77b9c36519a33600ac0 upstream.

A NULL pointer is seen if two concurrent "vgchange -ay -K <vg name>"
processes race to load the dm-thin-pool module:

 PID: 25992 TASK: ffff883cd7d23500 CPU: 4 COMMAND: "vgchange"
  #0 [ffff883cd743d600] machine_kexec at ffffffff81038fa9
  0000001 [ffff883cd743d660] crash_kexec at ffffffff810c5992
  0000002 [ffff883cd743d730] oops_end at ffffffff81515c90
  0000003 [ffff883cd743d760] no_context at ffffffff81049f1b
  0000004 [ffff883cd743d7b0] __bad_area_nosemaphore at ffffffff8104a1a5
  0000005 [ffff883cd743d800] bad_area at ffffffff8104a2ce
  0000006 [ffff883cd743d830] __do_page_fault at ffffffff8104aa6f
  0000007 [ffff883cd743d950] do_page_fault at ffffffff81517bae
  0000008 [ffff883cd743d980] page_fault at ffffffff81514f95
     [exception RIP: kmem_cache_alloc+108]
     RIP: ffffffff8116ef3c RSP: ffff883cd743da38 RFLAGS: 00010046
     RAX: 0000000000000004 RBX: ffffffff81121b90 RCX: ffff881bf1e78cc0
     RDX: 0000000000000000 RSI: 00000000000000d0 RDI: 0000000000000000
     RBP: ffff883cd743da68 R8: ffff881bf1a4eb00 R9: 0000000080042000
     R10: 0000000000002000 R11: 0000000000000000 R12: 00000000000000d0
     R13: 0000000000000000 R14: 00000000000000d0 R15: 0000000000000246
     ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
  0000009 [ffff883cd743da70] mempool_alloc_slab at ffffffff81121ba5
 0000010 [ffff883cd743da80] mempool_create_node at ffffffff81122083
 0000011 [ffff883cd743dad0] mempool_create at ffffffff811220f4
 0000012 [ffff883cd743dae0] pool_ctr at ffffffffa08de049 [dm_thin_pool]
 0000013 [ffff883cd743dbd0] dm_table_add_target at ffffffffa0005f2f [dm_mod]
 0000014 [ffff883cd743dc30] table_load at ffffffffa0008ba9 [dm_mod]
 0000015 [ffff883cd743dc90] ctl_ioctl at ffffffffa0009dc4 [dm_mod]

The race results in a NULL pointer because:

Process A (vgchange -ay -K):
 	a. send DM_LIST_VERSIONS_CMD ioctl;
 	b. pool_target not registered;
 	c. modprobe dm_thin_pool and wait until end.

Process B (vgchange -ay -K):
 	a. send DM_LIST_VERSIONS_CMD ioctl;
 	b. pool_target registered;
 	c. table_load->dm_table_add_target->pool_ctr;
 	d. _new_mapping_cache is NULL and panic.
Note:
 	1. process A and process B are two concurrent processes.
 	2. pool_target can be detected by process B but
 	_new_mapping_cache initialization has not ended.

To fix dm-thin-pool, and other targets (cache, multipath, and snapshot)
with the same problem, simply dm_register_target() after all resources
created during module init (as labelled with __init) are finished.

Signed-off-by: monty <monty_pavel@sina.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
[bwh: Backported to 3.16: adjust context]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
 		2019-07-27 21:46:15 +02:00
..
bcache This is the 3.10.102 stable release 2017-04-18 17:22:08 +02:00
persistent-data dm space map metadata: fix 'struct sm_metadata' leak on failed create 2019-07-27 21:43:29 +02:00
Kconfig Import latest Samsung release 2017-04-18 03:43:52 +02:00
Makefile Import latest Samsung release 2017-04-18 03:43:52 +02:00
bitmap.c md/bitmap: disable bitmap_resize for file-backed bitmaps. 2019-07-27 21:44:22 +02:00
bitmap.h
dm-android-verity.c ANDROID: dm: Add android verity target 2016-05-18 14:36:11 +05:30
dm-android-verity.h ANDROID: dm: Add android verity target 2016-05-18 14:36:11 +05:30
dm-bio-prison.c
dm-bio-prison.h
dm-bio-record.h
dm-bufio.c dm bufio: fix integer overflow when limiting maximum cache size 2019-07-27 21:46:08 +02:00
dm-bufio.h
dm-builtin.c
dm-cache-block-types.h
dm-cache-metadata.c dm cache: fix missing ERR_PTR returns and handling 2015-02-05 22:35:37 -08:00
dm-cache-metadata.h
dm-cache-policy-cleaner.c dm cache: fix NULL pointer when switching from cleaner policy 2015-10-22 14:37:53 -07:00
dm-cache-policy-internal.h
dm-cache-policy-mq.c
dm-cache-policy.c
dm-cache-policy.h
dm-cache-target.c dm: fix various targets to dm_register_target after module __init resources created 2019-07-27 21:46:15 +02:00
dm-crypt.c dm crypt: mark key as invalid until properly loaded 2019-07-27 21:43:29 +02:00
dm-delay.c
dm-dirty.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
dm-exception-store.c
dm-exception-store.h dm snapshot: fix hung bios when copy error occurs 2016-03-03 15:06:23 -08:00
dm-flakey.c
dm-io.c dm io: reject unsupported DISCARD requests with EOPNOTSUPP 2015-03-18 13:22:34 +01:00
dm-ioctl.c dm ioctl: prevent stack leak in dm ioctl call 2017-09-04 01:21:07 -07:00
dm-kcopyd.c
dm-linear.c
dm-log-userspace-base.c
dm-log-userspace-transfer.c
dm-log-userspace-transfer.h
dm-log.c
dm-mpath.c dm: fix various targets to dm_register_target after module __init resources created 2019-07-27 21:46:15 +02:00
dm-mpath.h
dm-path-selector.c
dm-path-selector.h
dm-queue-length.c
dm-raid.c dm raid: fix round up of default region size 2015-10-22 14:37:50 -07:00
dm-raid1.c dm mirror: do not degrade the mirror on discard error 2015-03-18 13:22:34 +01:00
dm-region-hash.c
dm-req-crypt.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
dm-round-robin.c
dm-service-time.c
dm-snap-persistent.c dm snapshot: fix hung bios when copy error occurs 2016-03-03 15:06:23 -08:00
dm-snap-transient.c dm snapshot: fix hung bios when copy error occurs 2016-03-03 15:06:23 -08:00
dm-snap.c dm: fix various targets to dm_register_target after module __init resources created 2019-07-27 21:46:15 +02:00
dm-stripe.c
dm-sysfs.c
dm-table.c dm: discard support requires all targets in a table support discards 2019-07-27 21:46:08 +02:00
dm-target.c
dm-thin-metadata.c dm thin metadata: fix bug when taking a metadata snapshot 2016-03-03 15:06:19 -08:00
dm-thin-metadata.h
dm-thin.c dm: fix various targets to dm_register_target after module __init resources created 2019-07-27 21:46:15 +02:00
dm-uevent.c
dm-uevent.h
dm-verity-fec.c dm verity: add ignore_zero_blocks feature 2016-05-18 14:34:43 +05:30
dm-verity-fec.h dm verity: add support for forward error correction 2016-05-18 14:34:43 +05:30
dm-verity-target.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
dm-verity.h ANDROID: dm: Add android verity target 2016-05-18 14:36:11 +05:30
dm-zero.c
dm.c dm: fix race between dm_get_from_kobject() and __dm_destroy() 2019-07-27 21:46:07 +02:00
dm.h
faulty.c
linear.c md linear: fix a race between linear_add() and linear_congested() 2019-07-27 21:43:30 +02:00
linear.h md linear: fix a race between linear_add() and linear_congested() 2019-07-27 21:43:30 +02:00
md.c md: fix super_offset endianness in super_1_rdev_size_change 2019-07-27 21:44:23 +02:00
md.h
multipath.c
multipath.h
raid0.c
raid0.h
raid1.c md: don't use flush_signals in userspace processes 2019-07-27 21:44:54 +02:00
raid1.h
raid5.c md: don't use flush_signals in userspace processes 2019-07-27 21:44:54 +02:00
raid5.h
raid10.c md/raid10: submit bio directly to replacement disk 2019-07-27 21:44:23 +02:00
raid10.h