| Message ID | 1553005484-10584-1-git-send-email-marcin.dziegielewski@intel.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | lightnvm: add a lock to prevent before the race condition on pblk remove | expand |
> On 19 Mar 2019, at 15.24, Marcin Dziegielewski <marcin.dziegielewski@intel.com> wrote: > > When we trigger nvm target remove during device hot unplug, we > have a chance to hit general protection fault caused by use of > nvm_dev which was freed from another (hot unplug) thread (in > nvm_unregister function). > > This patch introduce lock in nvme_ioctl_dev_remove function to > prevent us before a situation like described above. > > Signed-off-by: Marcin Dziegielewski <marcin.dziegielewski@intel.com> > --- > drivers/lightnvm/core.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/drivers/lightnvm/core.c b/drivers/lightnvm/core.c > index 5f82036..84f0b9a 100644 > --- a/drivers/lightnvm/core.c > +++ b/drivers/lightnvm/core.c > @@ -1335,11 +1335,13 @@ static long nvm_ioctl_dev_remove(struct file *file, void __user *arg) > return -EINVAL; > } > > + down_read(&nvm_lock); > list_for_each_entry(dev, &nvm_devices, devices) { > ret = nvm_remove_tgt(dev, &remove); > if (!ret) > break; > } > + up_read(&nvm_lock); > > return ret; > } > -- > 1.8.3.1 Looks good to me. Reviewed-by: Javier González <javier@javigon.com>
On 3/21/19 10:17 AM, Javier González wrote: >> On 19 Mar 2019, at 15.24, Marcin Dziegielewski <marcin.dziegielewski@intel.com> wrote: >> >> When we trigger nvm target remove during device hot unplug, we >> have a chance to hit general protection fault caused by use of >> nvm_dev which was freed from another (hot unplug) thread (in >> nvm_unregister function). >> >> This patch introduce lock in nvme_ioctl_dev_remove function to >> prevent us before a situation like described above. >> >> Signed-off-by: Marcin Dziegielewski <marcin.dziegielewski@intel.com> >> --- >> drivers/lightnvm/core.c | 2 ++ >> 1 file changed, 2 insertions(+) >> >> diff --git a/drivers/lightnvm/core.c b/drivers/lightnvm/core.c >> index 5f82036..84f0b9a 100644 >> --- a/drivers/lightnvm/core.c >> +++ b/drivers/lightnvm/core.c >> @@ -1335,11 +1335,13 @@ static long nvm_ioctl_dev_remove(struct file *file, void __user *arg) >> return -EINVAL; >> } >> >> + down_read(&nvm_lock); >> list_for_each_entry(dev, &nvm_devices, devices) { >> ret = nvm_remove_tgt(dev, &remove); >> if (!ret) >> break; >> } >> + up_read(&nvm_lock); >> >> return ret; >> } >> -- >> 1.8.3.1 > > Looks good to me. > > > Reviewed-by: Javier González <javier@javigon.com> > Thanks Marcin. I've reworded the description a bit before pulling it in.
diff --git a/drivers/lightnvm/core.c b/drivers/lightnvm/core.c index 5f82036..84f0b9a 100644 --- a/drivers/lightnvm/core.c +++ b/drivers/lightnvm/core.c @@ -1335,11 +1335,13 @@ static long nvm_ioctl_dev_remove(struct file *file, void __user *arg) return -EINVAL; } + down_read(&nvm_lock); list_for_each_entry(dev, &nvm_devices, devices) { ret = nvm_remove_tgt(dev, &remove); if (!ret) break; } + up_read(&nvm_lock); return ret; }
When we trigger nvm target remove during device hot unplug, we have a chance to hit general protection fault caused by use of nvm_dev which was freed from another (hot unplug) thread (in nvm_unregister function). This patch introduce lock in nvme_ioctl_dev_remove function to prevent us before a situation like described above. Signed-off-by: Marcin Dziegielewski <marcin.dziegielewski@intel.com> --- drivers/lightnvm/core.c | 2 ++ 1 file changed, 2 insertions(+)