linux/drivers
Mikulas Patocka b87570f5d3 Fix a crash when block device is read and block size is changed at the same time
The kernel may crash when block size is changed and I/O is issued
simultaneously.

Because some subsystems (udev or lvm) may read any block device anytime,
the bug actually puts any code that changes a block device size in
jeopardy.

The crash can be reproduced if you place "msleep(1000)" to
blkdev_get_blocks just before "bh->b_size = max_blocks <<
inode->i_blkbits;".
Then, run "dd if=/dev/ram0 of=/dev/null bs=4k count=1 iflag=direct"
While it is waiting in msleep, run "blockdev --setbsz 2048 /dev/ram0"
You get a BUG.

The direct and non-direct I/O is written with the assumption that block
size does not change. It doesn't seem practical to fix these crashes
one-by-one there may be many crash possibilities when block size changes
at a certain place and it is impossible to find them all and verify the
code.

This patch introduces a new rw-lock bd_block_size_semaphore. The lock is
taken for read during I/O. It is taken for write when changing block
size. Consequently, block size can't be changed while I/O is being
submitted.

For asynchronous I/O, the patch only prevents block size change while
the I/O is being submitted. The block size can change when the I/O is in
progress or when the I/O is being finished. This is acceptable because
there are no accesses to block size when asynchronous I/O is being
finished.

The patch prevents block size changing while the device is mapped with
mmap.

Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2012-09-26 07:46:40 +02:00
..
accessibility
acpi Merge branch 'drm-fixes-3.6' of git://people.freedesktop.org/~agd5f/linux into drm-fixes 2012-08-22 09:18:49 +10:00
amba
ata libata: Add a space to " 2GB ATA Flash Disk" DMA blacklist entry 2012-08-25 10:16:45 -04:00
atm drivers/atm/iphase.c: fix error return code 2012-08-06 13:29:57 -07:00
auxdisplay
base dmesg fix for 3.6-rc3 2012-08-20 13:13:47 -07:00
bcma bcma: BCM43228 support 2012-08-02 13:51:46 -04:00
block block: Add bio_clone_bioset(), bio_clone_kmalloc() 2012-09-09 10:35:39 +02:00
bluetooth Bluetooth: add support for atheros 0489:e057 2012-08-06 15:33:05 -03:00
cdrom
char Fix a crash when block device is read and block size is changed at the same time 2012-09-26 07:46:40 +02:00
clk clk: validate pointer in __clk_disable() 2012-07-30 17:25:13 -07:00
clocksource cs5535-clockevt: typo, it's MFGPT, not MFPGT 2012-08-21 16:45:02 -07:00
connector
cpufreq Merge branch 'imx/fixes-for-3.6' of git://git.linaro.org/people/shawnguo/linux-2.6 into fixes 2012-08-23 17:02:42 +02:00
cpuidle cpuidle: Prevent null pointer dereference in cpuidle_coupled_cpu_notify 2012-08-17 19:37:08 +02:00
crypto Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2012-08-23 21:58:04 -07:00
dca
devfreq
dio
dma dma: tegra: enable/disable dma clock 2012-08-13 10:15:22 +05:30
edac
eisa
extcon extcon: extcon_gpio: Replace gpio_request_one by devm_gpio_request_one 2012-08-16 10:29:08 -07:00
firewire
firmware This patch series contains a major revamp of how we collect entropy 2012-07-31 19:07:42 -07:00
gpio gpio: rdc321x: Prevent removal of modules exporting active GPIOs 2012-09-01 12:52:24 +02:00
gpu drm: Add EDID_QUIRK_FORCE_REDUCED_BLANKING for ASUS VW222S 2012-08-30 14:14:12 +10:00
hid dj: memory scribble in logi_dj 2012-09-05 19:37:08 -07:00
hsi
hv This patch series contains a major revamp of how we collect entropy 2012-07-31 19:07:42 -07:00
hwmon hwmon: (asus_atk0110) Add quirk for Asus M5A78L 2012-08-22 22:33:31 -07:00
hwspinlock
i2c i2c: tegra: protect suspend/resume callbacks with CONFIG_PM_SLEEP 2012-08-18 20:45:09 +02:00
ide ide: fix generic_ide_suspend/resume Oops 2012-08-21 14:54:42 -07:00
idle intel_idle: Check cpu_idle_get_driver() for NULL before dereferencing it. 2012-08-17 19:37:14 +02:00
ieee802154
iio iio: lm3533-als: Fix build warnings 2012-08-16 20:24:38 +01:00
infiniband Merge branches 'cma', 'ipoib', 'misc', 'mlx4', 'ocrdma', 'qib' and 'srp' into for-next 2012-08-16 09:38:39 -07:00
input Input: eeti_ts: pass gpio value instead of IRQ 2012-08-09 15:16:41 +02:00
iommu iommu/amd: Fix wrong check for ARRAY_SIZE() 2012-08-10 11:34:08 +02:00
isdn mISDN: Bugfix for layer2 fixed TEI mode 2012-08-06 13:22:50 -07:00
leds leds: renesas: fix error handling 2012-08-13 14:34:02 +08:00
lguest
macintosh
md block: Implement support for WRITE SAME 2012-09-20 14:31:45 +02:00
media Merge branch 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media 2012-08-21 16:54:38 -07:00
memory
memstick
message drivers/message/i2o/i2o_config.c: bound allocation 2012-07-30 17:25:17 -07:00
mfd More USB patches for 3.6-rc3 2012-08-20 13:14:22 -07:00
misc drivers/misc/sgi-xp/xpc_uv.c: SGI XPC fails to load when cpu 0 is out of IRQ resources 2012-08-21 16:45:03 -07:00
mmc mmc: omap: fix broken PIO mode 2012-09-04 13:58:11 -04:00
mtd UBI: fix a horrible memory deallocation bug 2012-09-04 09:40:26 +03:00
net net: qmi_wwan: add several new Gobi devices 2012-09-01 22:49:34 -04:00
nfc
nubus
of dt: introduce for_each_available_child_of_node, of_get_next_available_child 2012-08-20 02:16:00 -07:00
oprofile
parisc
parport
pci PCI: EHCI: Fix crash during hibernation on ASUS computers 2012-08-15 11:51:19 -06:00
pcmcia
pinctrl pinctrl/nomadik: add kp_b_2 keyboard function group list 2012-08-17 11:09:58 +02:00
platform ideapad: add Lenovo IdeaPad Z570 support (part 3) 2012-08-20 12:44:41 -04:00
pnp
power Merge branch 'for-linus-3.6' of git://dev.laptop.org/users/dilinger/linux-olpc 2012-08-02 11:52:39 -07:00
pps pps: return PTR_ERR on error in device_create 2012-07-30 17:25:21 -07:00
ps3
ptp
pwm pwm: Improve Kconfig help text 2012-08-20 11:58:43 +02:00
rapidio rapidio/tsi721: fix unused variable compiler warning 2012-08-21 16:45:03 -07:00
regulator regulator: twl-regulator: fix up VINTANA1/VINTANA2 2012-08-15 17:19:01 +01:00
remoteproc
rpmsg
rtc Fixes for AT91 related to: 2012-08-27 17:07:37 -07:00
s390 s390/dasd: fix ioctl return value 2012-08-28 10:08:31 +02:00
sbus
scsi Merge branch 'for-3.6/core' of git://git.kernel.dk/linux-block 2012-08-01 09:02:41 -07:00
sfi
sh sh: intc: Handle domain association for sparseirq pre-allocated vectors. 2012-08-09 13:21:05 +09:00
sn
spi Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2012-08-25 11:45:04 -07:00
ssb
staging More USB patches for 3.6-rc3 2012-08-20 13:14:22 -07:00
target block: Generalized bio pool freeing 2012-09-09 10:35:38 +02:00
tc
thermal The tag contains just a few battery-related changes for v3.6. It's is 2012-07-31 18:08:25 -07:00
tty pmac_zilog,kdb: Fix console poll hook to return instead of loop 2012-08-16 12:20:20 -07:00
uio
usb More USB patches for 3.6-rc3 2012-08-20 13:14:22 -07:00
uwb
vfio vfio: grab vfio_device reference *before* exposing the sucker via fd_install() 2012-08-22 10:26:42 -04:00
vhost tcm_vhost: Fix vhost_scsi_target structure alignment 2012-08-20 14:52:11 -07:00
video OMAPFB: fix framebuffer console colors 2012-08-23 12:37:22 +00:00
virt
virtio
vlynq
vme
w1 1-Wire: Add support for the maxim ds1825 temperature sensor 2012-08-16 12:33:59 -07:00
watchdog watchdog: da9052: Remove duplicate inclusion of delay.h 2012-08-29 17:13:06 +02:00
xen Three bug-fixes: 2012-08-25 17:31:59 -07:00
zorro
Kconfig vfio: VFIO core 2012-07-31 08:16:22 -06:00
Makefile vfio: VFIO core 2012-07-31 08:16:22 -06:00