Re: [PATCH] block: prevent sending events from removed device
From: Christoph Hellwig
Date: Thu Jul 01 2021 - 03:42:34 EST
On Wed, Jun 30, 2021 at 08:09:39AM +0000, Christian L?hle wrote:
> Skip kobject_uevent_env in case the associated kobject
> no longer exists, as calling kobject_uevent_env with
> NULL is not safe.
>
I don't see how this is going to work. If the device is being
deleted the reference count will be zero and refcount_inc as
called from kobject_get will WARN. We'll need to check the
disk is marked up, and we need to do that under a lock.
Something like this completely untested patch:
diff --git a/block/disk-events.c b/block/disk-events.c
index a75931ff5da4..27b845c51f2a 100644
--- a/block/disk-events.c
+++ b/block/disk-events.c
@@ -190,6 +190,9 @@ static void disk_check_events(struct disk_events *ev,
spin_unlock_irq(&ev->lock);
+ if (!(disk->flags & GENHD_FL_UP))
+ return;
+
/*
* Tell userland about new events. Only the events listed in
* @disk->events are reported, and only if DISK_EVENT_FLAG_UEVENT
@@ -268,6 +271,8 @@ bool bdev_check_media_change(struct block_device *bdev)
{
unsigned int events;
+ lockdep_assert_held(&bdev->bd_disk->open_mutex);
+
events = disk_clear_events(bdev->bd_disk, DISK_EVENT_MEDIA_CHANGE |
DISK_EVENT_EJECT_REQUEST);
if (!(events & DISK_EVENT_MEDIA_CHANGE))
@@ -290,7 +295,10 @@ static void disk_events_workfn(struct work_struct *work)
struct delayed_work *dwork = to_delayed_work(work);
struct disk_events *ev = container_of(dwork, struct disk_events, dwork);
- disk_check_events(ev, &ev->clearing);
+ mutex_lock(&ev->disk->open_mutex);
+ if (ev->disk->flags & GENHD_FL_UP)
+ disk_check_events(ev, &ev->clearing);
+ mutex_unlock(&ev->disk->open_mutex);
}
/*
diff --git a/drivers/block/ataflop.c b/drivers/block/ataflop.c
index a093644ac39f..b8e77da44235 100644
--- a/drivers/block/ataflop.c
+++ b/drivers/block/ataflop.c
@@ -1735,8 +1735,10 @@ static int fd_locked_ioctl(struct block_device *bdev, fmode_t mode,
/* invalidate the buffer track to force a reread */
BufferDrive = -1;
set_bit(drive, &fake_change);
+ mutex_lock(&bdev->bd_disk->open_mutex);
if (bdev_check_media_change(bdev))
floppy_revalidate(bdev->bd_disk);
+ mutex_unlock(&bdev->bd_disk->open_mutex);
return 0;
default:
return -EINVAL;
diff --git a/drivers/block/floppy.c b/drivers/block/floppy.c
index 87460e0e5c72..2a97f22cfa0b 100644
--- a/drivers/block/floppy.c
+++ b/drivers/block/floppy.c
@@ -3185,8 +3185,10 @@ static int invalidate_drive(struct block_device *bdev)
/* invalidate the buffer track to force a reread */
set_bit((long)bdev->bd_disk->private_data, &fake_change);
process_fd_request();
+ mutex_lock(&bdev->bd_disk->open_mutex);
if (bdev_check_media_change(bdev))
floppy_revalidate(bdev->bd_disk);
+ mutex_unlock(&bdev->bd_disk->open_mutex);
return 0;
}