[PATCH] drivers: xen-blkfront: only talk_to_blkback() when in XenbusStateInitialising
From: Konrad Rzeszutek Wilk
Date: Mon Jun 22 2015 - 09:56:44 EST
From: Bob Liu <bob.liu@xxxxxxxxxx>
Patch 69b91ede5cab843dcf345c28bd1f4b5a99dacd9b
"drivers: xen-blkback: delay pending_req allocation to connect_ring"
exposed an problem that Xen blkfront has. There is a race
with XenStored and the drivers such that we can see two:
vbd vbd-268440320: blkfront:blkback_changed to state 2.
vbd vbd-268440320: blkfront:blkback_changed to state 2.
vbd vbd-268440320: blkfront:blkback_changed to state 4.
state changes to XenbusStateInitWait ('2'). The end result is that
blkback_changed() receives two notify and calls twice setup_blkring().
While the backend driver may only get the first setup_blkring() which is
wrong and reads out-dated (or reads them as they are being updated
with new ring-ref values).
The end result is that the ring ends up being incorrectly set.
Reported-and-Tested-by: Robert Butera <robert.butera@xxxxxxxxxx>
Signed-off-by: Bob Liu <bob.liu@xxxxxxxxxx>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
---
drivers/block/xen-blkfront.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/block/xen-blkfront.c b/drivers/block/xen-blkfront.c
index d3c1a95..fc770b7 100644
--- a/drivers/block/xen-blkfront.c
+++ b/drivers/block/xen-blkfront.c
@@ -1951,6 +1951,8 @@ static void blkback_changed(struct xenbus_device *dev,
switch (backend_state) {
case XenbusStateInitWait:
+ if (dev->state != XenbusStateInitialising)
+ break;
if (talk_to_blkback(dev, info)) {
kfree(info);
dev_set_drvdata(&dev->dev, NULL);
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
Please read the FAQ at http://www.tux.org/lkml/