iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/drivers/md
History
Song Liu 0f9650bd83 md: fix NULL pointer deref with nowait but no mddev->queue 
Leon reported NULL pointer deref with nowait support:

[   15.123761] device-mapper: raid: Loading target version 1.15.1
[   15.124185] device-mapper: raid: Ignoring chunk size parameter for RAID 1
[   15.124192] device-mapper: raid: Choosing default region size of 4MiB
[   15.129524] BUG: kernel NULL pointer dereference, address: 0000000000000060
[   15.129530] #PF: supervisor write access in kernel mode
[   15.129533] #PF: error_code(0x0002) - not-present page
[   15.129535] PGD 0 P4D 0
[   15.129538] Oops: 0002 [#1] PREEMPT SMP NOPTI
[   15.129541] CPU: 5 PID: 494 Comm: ldmtool Not tainted 5.17.0-rc2-1-mainline #1 9fe89d43dfcb215d2731e6f8851740520778615e
[   15.129546] Hardware name: Gigabyte Technology Co., Ltd. X570 AORUS ELITE/X570 AORUS ELITE, BIOS F36e 10/14/2021
[   15.129549] RIP: 0010:blk_queue_flag_set+0x7/0x20
[   15.129555] Code: 00 00 00 0f 1f 44 00 00 48 8b 35 e4 e0 04 02 48 8d 57 28 bf 40 01 \
       00 00 e9 16 c1 be ff 66 0f 1f 44 00 00 0f 1f 44 00 00 89 ff <f0> 48 0f ab 7e 60 \
       31 f6 89 f7 c3 66 66 2e 0f 1f 84 00 00 00 00 00
[   15.129559] RSP: 0018:ffff966b81987a88 EFLAGS: 00010202
[   15.129562] RAX: ffff8b11c363a0d0 RBX: ffff8b11e294b070 RCX: 0000000000000000
[   15.129564] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000001d
[   15.129566] RBP: ffff8b11e294b058 R08: 0000000000000000 R09: 0000000000000000
[   15.129568] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8b11e294b070
[   15.129570] R13: 0000000000000000 R14: ffff8b11e294b000 R15: 0000000000000001
[   15.129572] FS:  00007fa96e826780(0000) GS:ffff8b18deb40000(0000) knlGS:0000000000000000
[   15.129575] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   15.129577] CR2: 0000000000000060 CR3: 000000010b8ce000 CR4: 00000000003506e0
[   15.129580] Call Trace:
[   15.129582]  <TASK>
[   15.129584]  md_run+0x67c/0xc70 [md_mod 1e470c1b6bcf1114198109f42682f5a2740e9531]
[   15.129597]  raid_ctr+0x134a/0x28ea [dm_raid 6a645dd7519e72834bd7e98c23497eeade14cd63]
[   15.129604]  ? dm_split_args+0x63/0x150 [dm_mod 0d7b0bc3414340a79c4553bae5ca97294b78336e]
[   15.129615]  dm_table_add_target+0x188/0x380 [dm_mod 0d7b0bc3414340a79c4553bae5ca97294b78336e]
[   15.129625]  table_load+0x13b/0x370 [dm_mod 0d7b0bc3414340a79c4553bae5ca97294b78336e]
[   15.129635]  ? dev_suspend+0x2d0/0x2d0 [dm_mod 0d7b0bc3414340a79c4553bae5ca97294b78336e]
[   15.129644]  ctl_ioctl+0x1bd/0x460 [dm_mod 0d7b0bc3414340a79c4553bae5ca97294b78336e]
[   15.129655]  dm_ctl_ioctl+0xa/0x20 [dm_mod 0d7b0bc3414340a79c4553bae5ca97294b78336e]
[   15.129663]  __x64_sys_ioctl+0x8e/0xd0
[   15.129667]  do_syscall_64+0x5c/0x90
[   15.129672]  ? syscall_exit_to_user_mode+0x23/0x50
[   15.129675]  ? do_syscall_64+0x69/0x90
[   15.129677]  ? do_syscall_64+0x69/0x90
[   15.129679]  ? syscall_exit_to_user_mode+0x23/0x50
[   15.129682]  ? do_syscall_64+0x69/0x90
[   15.129684]  ? do_syscall_64+0x69/0x90
[   15.129686]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   15.129689] RIP: 0033:0x7fa96ecd559b
[   15.129692] Code: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c \
    c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff \
    ff 73 01 c3 48 8b 0d a5 a8 0c 00 f7 d8 64 89 01 48
[   15.129696] RSP: 002b:00007ffcaf85c258 EFLAGS: 00000206 ORIG_RAX: 0000000000000010
[   15.129699] RAX: ffffffffffffffda RBX: 00007fa96f1b48f0 RCX: 00007fa96ecd559b
[   15.129701] RDX: 00007fa97017e610 RSI: 00000000c138fd09 RDI: 0000000000000003
[   15.129702] RBP: 00007fa96ebab583 R08: 00007fa97017c9e0 R09: 00007ffcaf85bf27
[   15.129704] R10: 0000000000000001 R11: 0000000000000206 R12: 00007fa97017e610
[   15.129706] R13: 00007fa97017e640 R14: 00007fa97017e6c0 R15: 00007fa97017e530
[   15.129709]  </TASK>

This is caused by missing mddev->queue check for setting QUEUE_FLAG_NOWAIT
Fix this by moving the QUEUE_FLAG_NOWAIT logic to under mddev->queue check.

Fixes: f51d46d0e7cb ("md: add support for REQ_NOWAIT")
Reported-by: Leon Möller <jkhsjdhjs@totally.rip>
Tested-by: Leon Möller <jkhsjdhjs@totally.rip>
Cc: Vishal Verma <vverma@digitalocean.com>
Signed-off-by: Song Liu <song@kernel.org>
2022-02-02 10:14:07 -08:00
..
bcache
bcache: fix NULL pointer reference in cached_dev_detach_finish
2021-12-14 20:32:54 -07:00
persistent-data
dm space map common: add bounds check to sm_ll_lookup_bitmap()
2022-01-04 13:58:19 -05:00
dm-audit.c
dm: introduce audit event module for device mapper
2021-10-27 16:53:47 -04:00
dm-audit.h
dm: introduce audit event module for device mapper
2021-10-27 16:53:47 -04:00
dm-bio-prison-v1.c
dm bio prison: replace spin_lock_irqsave with spin_lock_irq
2019-11-05 14:53:03 -05:00
dm-bio-prison-v1.h
dm-bio-prison-v2.c
dm bio prison v2: use true/false for bool variable
2020-01-07 12:07:08 -05:00
dm-bio-prison-v2.h
dm-bio-record.h
block: move integrity handling out of <linux/blkdev.h>
2021-10-18 06:17:02 -06:00
dm-bufio.c
- Add DM core support for emitting audit events through the audit
2021-11-09 11:02:04 -08:00
dm-builtin.c
dm-cache-background-tracker.c
dm-cache-background-tracker.h
dm-cache-block-types.h
dm-cache-metadata.c
dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them
2021-10-18 14:43:22 -06:00
dm-cache-metadata.h
dm-cache-policy-internal.h
dm-cache-policy-smq.c
dm-cache-policy.c
dm-cache-policy.h
dm-cache-target.c
dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them
2021-10-18 14:43:22 -06:00
dm-clone-metadata.c
dm clone metadata: remove unused function
2021-04-19 13:20:31 -04:00
dm-clone-metadata.h
dm clone metadata: Fix return type of dm_clone_nr_of_hydrated_regions()
2020-03-27 14:42:51 -04:00
dm-clone-target.c
dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them
2021-10-18 14:43:22 -06:00
dm-core.h
blk-crypto: rename blk_keyslot_manager to blk_crypto_profile
2021-10-21 10:49:32 -06:00
dm-crypt.c
- Add DM core support for emitting audit events through the audit
2021-11-09 11:02:04 -08:00
dm-delay.c
dm: update target status functions to support IMA measurement
2021-08-10 13:34:23 -04:00
dm-dust.c
dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them
2021-10-18 14:43:22 -06:00
dm-ebs-target.c
dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them
2021-10-18 14:43:22 -06:00
dm-era-target.c
dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them
2021-10-18 14:43:22 -06:00
dm-exception-store.c
dm-exception-store.h
dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them
2021-10-18 14:43:22 -06:00
dm-flakey.c
dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them
2021-10-18 14:43:22 -06:00
dm-ima.c
mm: don't include <linux/blk-cgroup.h> in <linux/backing-dev.h>
2021-10-18 06:17:01 -06:00
dm-ima.h
dm ima: add version info to dm related events in ima log
2021-08-20 15:59:47 -04:00
dm-init.c
dm init: Set file local variable static
2020-08-04 15:51:28 -04:00
dm-integrity.c
dm integrity: Use struct_group() to zero struct journal_sector
2022-01-06 09:48:33 -05:00
dm-io-tracker.h
dm writecache: make writeback pause configurable
2021-06-28 16:30:13 -04:00
dm-io.c
block: Add bio_max_segs
2021-02-26 15:49:51 -07:00
dm-ioctl.c
dm ima: measure data on device rename
2021-08-10 13:34:23 -04:00
dm-kcopyd.c
dm writecache: have ssd writeback wait if the kcopyd workqueue is busy
2021-06-15 15:42:03 -04:00
dm-linear.c
dax: remove the copy_from_iter and copy_to_iter methods
2021-12-18 08:04:53 -08:00
dm-log-userspace-base.c
dm: update target status functions to support IMA measurement
2021-08-10 13:34:23 -04:00
dm-log-userspace-transfer.c
dm-log-userspace-transfer.h
dm-log-writes.c
dax: remove the copy_from_iter and copy_to_iter methods
2021-12-18 08:04:53 -08:00
dm-log.c
dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them
2021-10-18 14:43:22 -06:00
dm-mpath.c
block: remove the ->rq_disk field in struct request
2021-11-29 06:41:29 -07:00
dm-mpath.h
dm-path-selector.c
dm-path-selector.h
dm mpath: pass IO start time to path selector
2020-05-15 10:29:36 -04:00
dm-ps-historical-service-time.c
block: drop unused includes in <linux/blkdev.h>
2021-10-18 06:17:01 -06:00
dm-ps-io-affinity.c
dm: update target status functions to support IMA measurement
2021-08-10 13:34:23 -04:00
dm-ps-queue-length.c
dm: update target status functions to support IMA measurement
2021-08-10 13:34:23 -04:00
dm-ps-round-robin.c
dm: update target status functions to support IMA measurement
2021-08-10 13:34:23 -04:00
dm-ps-service-time.c
dm: update target status functions to support IMA measurement
2021-08-10 13:34:23 -04:00
dm-raid1.c
dm: update target status functions to support IMA measurement
2021-08-10 13:34:23 -04:00
dm-raid.c
dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them
2021-10-18 14:43:22 -06:00
dm-region-hash.c
dm-rq.c
block: remove the unused rq_end_sector macro
2021-10-18 06:17:01 -06:00
dm-rq.h
dm-snap-persistent.c
dm: update target status functions to support IMA measurement
2021-08-10 13:34:23 -04:00
dm-snap-transient.c
dm: update target status functions to support IMA measurement
2021-08-10 13:34:23 -04:00
dm-snap.c
dm: update target status functions to support IMA measurement
2021-08-10 13:34:23 -04:00
dm-stats.c
dm: replace zero-length array with flexible-array
2020-05-20 17:09:44 -04:00
dm-stats.h
dm-stripe.c
dax: remove the copy_from_iter and copy_to_iter methods
2021-12-18 08:04:53 -08:00
dm-switch.c
dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them
2021-10-18 14:43:22 -06:00
dm-sysfs.c
dm sysfs: use default_groups in kobj_type
2022-01-06 09:48:55 -05:00
dm-table.c
dax: remove dax_capable
2021-12-04 08:58:51 -08:00
dm-target.c
dm mpath: fix missing call of path selector type->end_io
2019-04-25 15:38:52 -04:00
dm-thin-metadata.c
dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them
2021-10-18 14:43:22 -06:00
dm-thin-metadata.h
dm thin metadata: Add support for a pre-commit callback
2019-12-05 17:05:24 -05:00
dm-thin.c
dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them
2021-10-18 14:43:22 -06:00
dm-uevent.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156
2019-05-30 11:26:35 -07:00
dm-uevent.h
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156
2019-05-30 11:26:35 -07:00
dm-unstripe.c
dm: update target status functions to support IMA measurement
2021-08-10 13:34:23 -04:00
dm-verity-fec.c
dm verity fec: fix misaligned RS roots IO
2021-04-14 14:28:29 -04:00
dm-verity-fec.h
dm verity fec: fix misaligned RS roots IO
2021-04-14 14:28:29 -04:00
dm-verity-target.c
- Add DM core support for emitting audit events through the audit
2021-11-09 11:02:04 -08:00
dm-verity-verify-sig.c
dm verity: fix require_signatures module_param permissions
2021-05-25 16:14:05 -04:00
dm-verity-verify-sig.h
dm verity: Fix compilation warning
2020-08-04 15:48:13 -04:00
dm-verity.h
dm verity: add "panic_on_corruption" error handling mode
2020-07-13 11:47:33 -04:00
dm-writecache.c
dm: make the DAX support depend on CONFIG_FS_DAX
2021-12-04 08:58:50 -08:00
dm-zero.c
dm: add support for REQ_NOWAIT to various targets
2020-12-04 18:04:35 -05:00
dm-zone.c
dm zone: fix dm_revalidate_zones() memory allocation
2021-06-25 15:25:23 -04:00
dm-zoned-metadata.c
dm zoned: check zone capacity
2021-06-04 12:07:28 -04:00
dm-zoned-reclaim.c
dm kcopyd: avoid useless atomic operations
2021-06-04 12:07:24 -04:00
dm-zoned-target.c
- Add DM core support for emitting audit events through the audit
2021-11-09 11:02:04 -08:00
dm-zoned.h
dm zoned: select reclaim zone based on device index
2020-06-05 14:59:53 -04:00
dm.c
dm: properly fix redundant bio-based IO accounting
2022-01-28 12:28:15 -07:00
dm.h
dax: remove dax_capable
2021-12-04 08:58:51 -08:00
Kconfig
dm integrity: log audit events for dm-integrity target
2021-10-27 16:54:36 -04:00
Makefile
dm: introduce audit event module for device mapper
2021-10-27 16:53:47 -04:00
md-autodetect.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
md-bitmap.c
md/bitmap: don't set max_write_behind if there is no write mostly device
2021-11-02 11:41:44 -07:00
md-bitmap.h
md-cluster.c
md: fix spelling of "its"
2022-01-06 08:37:03 -08:00
md-cluster.h
md-faulty.c
md: mark some personalities as deprecated
2021-06-14 22:32:07 -07:00
md-linear.c
md: mark some personalities as deprecated
2021-06-14 22:32:07 -07:00
md-linear.h
md/raid1: Replace zero-length array with flexible-array
2020-05-13 12:02:23 -07:00
md-multipath.c
md: mark some personalities as deprecated
2021-06-14 22:32:07 -07:00
md-multipath.h
md.c
md: fix NULL pointer deref with nowait but no mddev->queue
2022-02-02 10:14:07 -08:00
md.h
md: Move alloc/free acct bioset in to personality
2022-01-06 08:37:03 -08:00
raid0.c
md: Move alloc/free acct bioset in to personality
2022-01-06 08:37:03 -08:00
raid0.h
md/raid0: avoid RAID0 data corruption due to layout confusion.
2019-09-13 13:10:05 -07:00
raid1-10.c
md: drop queue limitation for RAID1 and RAID10
2022-01-06 08:37:02 -08:00
raid1.c
for-5.17/drivers-2022-01-11
2022-01-12 10:35:23 -08:00
raid1.h
md/raid1: enable io accounting
2021-06-14 22:32:07 -07:00
raid5-cache.c
block: rename BIO_MAX_PAGES to BIO_MAX_VECS
2021-03-11 07:47:48 -07:00
raid5-log.h
raid5-ppl.c
raid5-ppl: use swap() to make code cleaner
2021-11-02 11:41:45 -07:00
raid5.c
md: Move alloc/free acct bioset in to personality
2022-01-06 08:37:03 -08:00
raid5.h
md/raid5: play nice with PREEMPT_RT
2022-01-06 08:37:02 -08:00
raid10.c
md: raid10 add nowait support
2022-01-06 08:37:02 -08:00
raid10.h
md/raid10: enable io accounting
2021-06-14 22:32:07 -07:00