[PATCH 06/14] loop: Split setting of lo_state from loop_clr_fd

Move setting of lo_state to Lo_rundown out into the callers. That will allow us to unlock loop_ctl_mutex while the loop device is protected from other changes by its special state. Signed-off-by: Jan Kara --- drivers/block/loop.c | 52 +++- 1 file

[PATCH 02/14] block/loop: Use global lock for ioctl() operation.

suo Handa Reported-by: syzbot Reviewed-by: Jan Kara Signed-off-by: Jan Kara --- drivers/block/loop.c | 58 ++-- drivers/block/loop.h | 1 - 2 files changed, 29 insertions(+), 30 deletions(-) diff --git a/drivers/block/loop.c b/drivers/block/loo

[PATCH 01/14] block/loop: Don't grab "struct file" for vfs_getattr() operation.

From: Tetsuo Handa vfs_getattr() needs "struct path" rather than "struct file". Let's use path_get()/path_put() rather than get_file()/fput(). Signed-off-by: Tetsuo Handa Reviewed-by: Jan Kara Signed-off-by: Jan Kara --- drivers/block/loop.c | 10 +- 1 file c

[PATCH 09/14] loop: Push loop_ctl_mutex down to loop_set_status()

Push loop_ctl_mutex down to loop_set_status(). We will need this to be able to call loop_reread_partitions() without loop_ctl_mutex. Signed-off-by: Jan Kara --- drivers/block/loop.c | 51 +-- 1 file changed, 25 insertions(+), 26 deletions(-) diff

[PATCH 10/14] loop: Push loop_ctl_mutex down to loop_set_fd()

Push lo_ctl_mutex down to loop_set_fd(). We will need this to be able to call loop_reread_partitions() without lo_ctl_mutex. Signed-off-by: Jan Kara --- drivers/block/loop.c | 26 ++ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/drivers/block/loop.c b

[PATCH 12/14] loop: Move special partition reread handling in loop_clr_fd()

because we use only lo->lo_number and lo->lo_file_name in case of error for reporting purposes (thus possibly reporting outdate information is not a big deal) and we are safe from 'lo' going away under us by elevated lo->lo_refcnt. Signed-off-by: Jan Kara --- drivers/block/lo

[PATCH 11/14] loop: Push loop_ctl_mutex down to loop_change_fd()

Push loop_ctl_mutex down to loop_change_fd(). We will need this to be able to call loop_reread_partitions() without loop_ctl_mutex. Signed-off-by: Jan Kara --- drivers/block/loop.c | 22 +++--- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/drivers/block/loop.c

[PATCH 05/14] loop: Push lo_ctl_mutex down into individual ioctls

special handling to reduce unnecessary code duplication. Signed-off-by: Jan Kara --- drivers/block/loop.c | 88 +--- 1 file changed, 63 insertions(+), 25 deletions(-) diff --git a/drivers/block/loop.c b/drivers/block/loop.c index e35707fb8318

[PATCH 0/14] loop: Fix oops and possible deadlocks

Hi, this patch series fixes oops and possible deadlocks as reported by syzbot [1] [2]. The second patch in the series (from Tetsuo) fixes the oops, the remaining patches are cleaning up the locking in the loop driver so that we can in the end reasonably easily switch to rereading partitions

[PATCH 07/14] loop: Push loop_ctl_mutex down into loop_clr_fd()

loop_clr_fd() has a weird locking convention that is expects loop_ctl_mutex held, releases it on success and keeps it on failure. Untangle the mess by moving locking of loop_ctl_mutex into loop_clr_fd(). Signed-off-by: Jan Kara --- drivers/block/loop.c | 49

[PATCH 04/14] loop: Get rid of loop_index_mutex

Now that loop_ctl_mutex is global, just get rid of loop_index_mutex as there is no good reason to keep these two separate and it just complicates the locking. Signed-off-by: Jan Kara --- drivers/block/loop.c | 38 ++ 1 file changed, 18 insertions(+), 20

[PATCH 13/14] loop: Move loop_reread_partitions() out of loop_ctl_mutex

fix deadlock possibility. [1] https://syzkaller.appspot.com/bug?id=bf154052f0eea4bc7712499e4569505907d1588 Reported-by: syzbot Signed-off-by: Jan Kara --- drivers/block/loop.c | 19 ++- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/drivers/block/loop.c b/drivers/block/

[PATCH 03/14] loop: Fold __loop_release into loop_release

__loop_release() has a single call site. Fold it there. This is currently not a huge win but it will make following replacement of loop_index_mutex more obvious. Signed-off-by: Jan Kara --- drivers/block/loop.c | 16 +++- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git

[PATCH 14/14] loop: Fix deadlock when calling blkdev_reread_part()

kdep warning and the possible deadlock. [1] https://syzkaller.appspot.com/bug?id=bf154052f0eea4bc7712499e4569505907d1588 Reported-by: syzbot Signed-off-by: Jan Kara --- drivers/block/loop.c | 28 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/d

[PATCH 08/14] loop: Push loop_ctl_mutex down to loop_get_status()

Push loop_ctl_mutex down to loop_get_status() to avoid the unusual convention that the function gets called with loop_ctl_mutex held and releases it. Signed-off-by: Jan Kara --- drivers/block/loop.c | 37 ++--- 1 file changed, 10 insertions(+), 27 deletions

Re: [PATCH 4/4] block/loop: Fix circular locking dependency at blkdev_reread_part().

On Thu 27-09-18 20:35:27, Tetsuo Handa wrote: > On 2018/09/27 20:27, Jan Kara wrote: > > Hi, > > > > On Wed 26-09-18 00:26:49, Tetsuo Handa wrote: > >> syzbot is reporting circular locking dependency between bdev->bd_mutex > >> and lo-&g

Re: [PATCH 8/8] aio: support for IO polling

space calls io_destroy() while another process is polling for events on the same kioctx? It seems we'd be reaping events from two processes in parallel in that case which will result in various "interesting" effects like ctx->poll_completing list corruption... Honza -- Jan Kara SUSE Labs, CR

<    1   2   3   4   5