[v7,5/8] loop: be paranoid on exit and prevent new additions / removals

Commit Message

Luis Chamberlain June 19, 2020, 8:47 p.m. UTC

Be pedantic on removal as well and hold the mutex.
This should prevent uses of addition while we exit.

Reviewed-by: Ming Lei <ming.lei@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
---
 drivers/block/loop.c | 4 ++++
 1 file changed, 4 insertions(+)

Comments

Bart Van Assche June 20, 2020, 5:11 p.m. UTC | #1

On 2020-06-19 13:47, Luis Chamberlain wrote:
> Be pedantic on removal as well and hold the mutex.
> This should prevent uses of addition while we exit.
> 
> Reviewed-by: Ming Lei <ming.lei@redhat.com>
> Reviewed-by: Christoph Hellwig <hch@lst.de>
> Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
> ---
>  drivers/block/loop.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/drivers/block/loop.c b/drivers/block/loop.c
> index c33bbbfd1bd9..d55e1b52f076 100644
> --- a/drivers/block/loop.c
> +++ b/drivers/block/loop.c
> @@ -2402,6 +2402,8 @@ static void __exit loop_exit(void)
>  
>  	range = max_loop ? max_loop << part_shift : 1UL << MINORBITS;
>  
> +	mutex_lock(&loop_ctl_mutex);
> +
>  	idr_for_each(&loop_index_idr, &loop_exit_cb, NULL);
>  	idr_destroy(&loop_index_idr);
>  
> @@ -2409,6 +2411,8 @@ static void __exit loop_exit(void)
>  	unregister_blkdev(LOOP_MAJOR, "loop");
>  
>  	misc_deregister(&loop_misc);
> +
> +	mutex_unlock(&loop_ctl_mutex);
>  }
>  
>  module_init(loop_init);

Is try_module_get(fops->owner) called before a loop device is opened and
is module_put(fops->owner) called after a loop device is closed? Does
that mean that it is impossible to unload the loop driver while a loop
device is open? Does that mean that the above patch is not necessary or
did I perhaps miss something?

Thanks,

Bart.

Luis Chamberlain June 22, 2020, 12:27 p.m. UTC | #2

On Sat, Jun 20, 2020 at 10:11:46AM -0700, Bart Van Assche wrote:
> On 2020-06-19 13:47, Luis Chamberlain wrote:
> > Be pedantic on removal as well and hold the mutex.
> > This should prevent uses of addition while we exit.
> > 
> > Reviewed-by: Ming Lei <ming.lei@redhat.com>
> > Reviewed-by: Christoph Hellwig <hch@lst.de>
> > Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
> > ---
> >  drivers/block/loop.c | 4 ++++
> >  1 file changed, 4 insertions(+)
> > 
> > diff --git a/drivers/block/loop.c b/drivers/block/loop.c
> > index c33bbbfd1bd9..d55e1b52f076 100644
> > --- a/drivers/block/loop.c
> > +++ b/drivers/block/loop.c
> > @@ -2402,6 +2402,8 @@ static void __exit loop_exit(void)
> >  
> >  	range = max_loop ? max_loop << part_shift : 1UL << MINORBITS;
> >  
> > +	mutex_lock(&loop_ctl_mutex);
> > +
> >  	idr_for_each(&loop_index_idr, &loop_exit_cb, NULL);
> >  	idr_destroy(&loop_index_idr);
> >  
> > @@ -2409,6 +2411,8 @@ static void __exit loop_exit(void)
> >  	unregister_blkdev(LOOP_MAJOR, "loop");
> >  
> >  	misc_deregister(&loop_misc);
> > +
> > +	mutex_unlock(&loop_ctl_mutex);
> >  }
> >  
> >  module_init(loop_init);
> 
> Is try_module_get(fops->owner) called before a loop device is opened and
> is module_put(fops->owner) called after a loop device is closed? Does
> that mean that it is impossible to unload the loop driver while a loop
> device is open? Does that mean that the above patch is not necessary or
> did I perhaps miss something?

That's not the only way to add or remove the loop module though.

You may add/remove it manually. And again, as mentioned in the commit log,
I couldn't trigger a race myself, however this seemed the more pedantic
and careful strategy we can take.

Note: this will bring you sanity if you try to figure out *why* we still
get:

[235530.144343] debugfs: Directory 'loop0' with parent 'block' already present!
[235530.149477] blktrace: debugfs_dir not present for loop0 so skipping
[235530.232328] debugfs: Directory 'loop0' with parent 'block' already present!
[235530.238962] blktrace: debugfs_dir not present for loop0 so skipping

If you run run_0004.sh from break-blktrace [0]. Even with all my patches
merged we still run into this. And so the bug lies within the block
layer or on the driver. I haven't been able to find the issue yet.

[0] https://github.com/mcgrof/break-blktrace

  Luis

Bart Van Assche June 23, 2020, 2:16 a.m. UTC | #3

On 2020-06-22 05:27, Luis Chamberlain wrote:
> Note: this will bring you sanity if you try to figure out *why* we still
> get:
> 
> [235530.144343] debugfs: Directory 'loop0' with parent 'block' already present!
> [235530.149477] blktrace: debugfs_dir not present for loop0 so skipping
> [235530.232328] debugfs: Directory 'loop0' with parent 'block' already present!
> [235530.238962] blktrace: debugfs_dir not present for loop0 so skipping
> 
> If you run run_0004.sh from break-blktrace [0]. Even with all my patches
> merged we still run into this. And so the bug lies within the block
> layer or on the driver. I haven't been able to find the issue yet.
> 
> [0] https://github.com/mcgrof/break-blktrace

Thanks Luis for having shared this information. If I can find the time I
will have a look into this myself.

Bart.

Luis Chamberlain June 23, 2020, 4:56 p.m. UTC | #4

On Mon, Jun 22, 2020 at 07:16:15PM -0700, Bart Van Assche wrote:
> On 2020-06-22 05:27, Luis Chamberlain wrote:
> > Note: this will bring you sanity if you try to figure out *why* we still
> > get:
> > 
> > [235530.144343] debugfs: Directory 'loop0' with parent 'block' already present!
> > [235530.149477] blktrace: debugfs_dir not present for loop0 so skipping
> > [235530.232328] debugfs: Directory 'loop0' with parent 'block' already present!
> > [235530.238962] blktrace: debugfs_dir not present for loop0 so skipping
> > 
> > If you run run_0004.sh from break-blktrace [0]. Even with all my patches
> > merged we still run into this. And so the bug lies within the block
> > layer or on the driver. I haven't been able to find the issue yet.
> > 
> > [0] https://github.com/mcgrof/break-blktrace
> 
> Thanks Luis for having shared this information. If I can find the time I
> will have a look into this myself.

Let's keep track of it:

https://bugzilla.kernel.org/show_bug.cgi?id=208301

  Luis

Johannes Thumshirn June 23, 2020, 5:05 p.m. UTC | #5

On 22/06/2020 14:27, Luis Chamberlain wrote:
[...]> If you run run_0004.sh from break-blktrace [0]. Even with all my patches
> merged we still run into this. And so the bug lies within the block
> layer or on the driver. I haven't been able to find the issue yet.
> 
> [0] https://github.com/mcgrof/break-blktrace

Would it be a good idea to merge this into blktests? Maybe start a blktrace 
section for it, which could host other regression test for blktrace.

Thoughts?

Luis Chamberlain June 24, 2020, 12:08 p.m. UTC | #6

On Tue, Jun 23, 2020 at 05:05:01PM +0000, Johannes Thumshirn wrote:
> On 22/06/2020 14:27, Luis Chamberlain wrote:
> [...]> If you run run_0004.sh from break-blktrace [0]. Even with all my patches
> > merged we still run into this. And so the bug lies within the block
> > layer or on the driver. I haven't been able to find the issue yet.
> > 
> > [0] https://github.com/mcgrof/break-blktrace
> 
> Would it be a good idea to merge this into blktests? Maybe start a blktrace 
> section for it, which could host other regression test for blktrace.
> 
> Thoughts?

Absolutely! That is the goal as well.

  Luis

Patch

diff --git a/drivers/block/loop.c b/drivers/block/loop.c
index c33bbbfd1bd9..d55e1b52f076 100644
--- a/drivers/block/loop.c
+++ b/drivers/block/loop.c
@@ -2402,6 +2402,8 @@  static void __exit loop_exit(void)
 
 	range = max_loop ? max_loop << part_shift : 1UL << MINORBITS;
 
+	mutex_lock(&loop_ctl_mutex);
+
 	idr_for_each(&loop_index_idr, &loop_exit_cb, NULL);
 	idr_destroy(&loop_index_idr);
 
@@ -2409,6 +2411,8 @@  static void __exit loop_exit(void)
 	unregister_blkdev(LOOP_MAJOR, "loop");
 
 	misc_deregister(&loop_misc);
+
+	mutex_unlock(&loop_ctl_mutex);
 }
 
 module_init(loop_init);