[dm-devel] [PATCH] dm raid: add missed unlock in raid_ctr
Heinz Mauelshagen
heinzm at redhat.com
Fri Sep 3 13:30:43 UTC 2021
On Fri, Sep 3, 2021 at 10:02 AM Dinghao Liu <dinghao.liu at zju.edu.cn> wrote:
> mddev_unlock() is called on all paths after we call mddev_lock_nointr(),
> except for three error handling paths, which may cause a deadlock. This
> bug is suggested by a static analysis tool, please advise.
>
Hi,
correct, those unlock calls are missing.
As we are bailing out after md_run() with lock held,
we can clean the lot of error paths underneath up by jumping to before
md_stop() and add the mddev_unlock upfront it like:
>From 5c72f1d07195127f5fd49bccbe0705854463c199 Mon Sep 17 00:00:00 2001
Message-Id: <
5c72f1d07195127f5fd49bccbe0705854463c199.1630675612.git.heinzm at redhat.com>
From: Heinz Mauelshagen <heinzm at redhat.com>
Date: Fri, 3 Sep 2021 15:26:50 +0200
Subject: [PATCH] dm raid: fix mddev unlocking in raid_ctr() error paths
Signed-off-by: Heinz Mauelshagen <heinzm at redhat.com>
---
drivers/md/dm-raid.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/drivers/md/dm-raid.c b/drivers/md/dm-raid.c
index d9ef52159a22..741bab00e922 100644
--- a/drivers/md/dm-raid.c
+++ b/drivers/md/dm-raid.c
@@ -3249,14 +3249,12 @@ static int raid_ctr(struct dm_target *ti, unsigned
int argc, char **argv)
rs->md.in_sync = 0; /* Assume already marked dirty */
if (r) {
ti->error = "Failed to run raid array";
- mddev_unlock(&rs->md);
- goto bad;
+ goto bad_unlock;
}
r = md_start(&rs->md);
if (r) {
ti->error = "Failed to start raid array";
- mddev_unlock(&rs->md);
goto bad_md_start;
}
@@ -3265,7 +3263,6 @@ static int raid_ctr(struct dm_target *ti, unsigned
int argc, char **argv)
r = r5c_journal_mode_set(&rs->md, rs->journal_dev.mode);
if (r) {
ti->error = "Failed to set raid4/5/6 journal mode";
- mddev_unlock(&rs->md);
goto bad_journal_mode_set;
}
}
@@ -3304,10 +3301,12 @@ static int raid_ctr(struct dm_target *ti, unsigned
int argc, char **argv)
mddev_unlock(&rs->md);
return 0;
+bad_unlock:
bad_md_start:
bad_journal_mode_set:
bad_stripe_cache:
bad_check_reshape:
+ mddev_unlock(&rs->md);
md_stop(&rs->md);
bad:
raid_set_free(rs);
--
2.31.1
-- lvmguy
>
> Fixes: 9dbd1aa3a81c ("dm raid: add reshaping support to the target")
> Signed-off-by: Dinghao Liu <dinghao.liu at zju.edu.cn>
> ---
> drivers/md/dm-raid.c | 9 +++++++--
> 1 file changed, 7 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/md/dm-raid.c b/drivers/md/dm-raid.c
> index d9ef52159a22..79f36a806082 100644
> --- a/drivers/md/dm-raid.c
> +++ b/drivers/md/dm-raid.c
> @@ -3276,15 +3276,19 @@ static int raid_ctr(struct dm_target *ti, unsigned
> int argc, char **argv)
> /* Try to adjust the raid4/5/6 stripe cache size to the stripe
> size */
> if (rs_is_raid456(rs)) {
> r = rs_set_raid456_stripe_cache(rs);
> - if (r)
> + if (r) {
> + mddev_unlock(&rs->md);
> goto bad_stripe_cache;
> + }
> }
>
> /* Now do an early reshape check */
> if (test_bit(RT_FLAG_RESHAPE_RS, &rs->runtime_flags)) {
> r = rs_check_reshape(rs);
> - if (r)
> + if (r) {
> + mddev_unlock(&rs->md);
> goto bad_check_reshape;
> + }
>
> /* Restore new, ctr requested layout to perform check */
> rs_config_restore(rs, &rs_layout);
> @@ -3293,6 +3297,7 @@ static int raid_ctr(struct dm_target *ti, unsigned
> int argc, char **argv)
> r = rs->md.pers->check_reshape(&rs->md);
> if (r) {
> ti->error = "Reshape check failed";
> + mddev_unlock(&rs->md);
> goto bad_check_reshape;
> }
> }
> --
> 2.17.1
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/dm-devel/attachments/20210903/a30481ce/attachment.htm>
More information about the dm-devel
mailing list