sst-linux/drivers/md
Yu Kuai 032fa54f48 md/md-bitmap: Synchronize bitmap_get_stats() with bitmap lifetime
[ Upstream commit 8d28d0ddb986f56920ac97ae704cc3340a699a30 ]

After commit ec6bb299c7c3 ("md/md-bitmap: add 'sync_size' into struct
md_bitmap_stats"), the following panic is reported:

Oops: general protection fault, probably for non-canonical address
RIP: 0010:bitmap_get_stats+0x2b/0xa0
Call Trace:
 <TASK>
 md_seq_show+0x2d2/0x5b0
 seq_read_iter+0x2b9/0x470
 seq_read+0x12f/0x180
 proc_reg_read+0x57/0xb0
 vfs_read+0xf6/0x380
 ksys_read+0x6c/0xf0
 do_syscall_64+0x82/0x170
 entry_SYSCALL_64_after_hwframe+0x76/0x7e

The root cause is that bitmap_get_stats() can be called at any time if mddev
is still there, even if bitmap is destroyed, or not fully initialized.
Dereferencing bitmap in this case can crash the kernel. Meanwhile, the
above commit starts dereferencing bitmap->storage, making the problem
easier to trigger.

Fix the problem by protecting bitmap_get_stats() with bitmap_info.mutex.

Cc: stable@vger.kernel.org # v6.12+
Fixes: 32a7627cf3 ("[PATCH] md: optimised resync using Bitmap based intent logging")
Reported-and-tested-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Closes: https://lore.kernel.org/linux-raid/ca3a91a2-50ae-4f68-b317-abd9889f3907@oracle.com/T/#m6e5086c95201135e4941fe38f9efa76daf9666c5
Signed-off-by: Yu Kuai <yukuai3@huawei.com>
Link: https://lore.kernel.org/r/20250124092055.4050195-1-yukuai1@huaweicloud.com
Signed-off-by: Song Liu <song@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-03-07 16:56:28 +01:00
bcache bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again 2024-12-14 19:54:34 +01:00
persistent-data dm array: fix cursor index when skipping across block boundaries 2025-01-17 13:34:37 +01:00
dm-audit.c
dm-audit.h
dm-bio-prison-v1.c
dm-bio-prison-v1.h
dm-bio-prison-v2.c
dm-bio-prison-v2.h
dm-bio-record.h
dm-bufio.c dm io: Support IO priority 2024-03-26 18:21:02 -04:00
dm-builtin.c
dm-cache-background-tracker.c
dm-cache-background-tracker.h
dm-cache-block-types.h
dm-cache-metadata.c
dm-cache-metadata.h
dm-cache-policy-internal.h
dm-cache-policy-smq.c dm cache policy smq: ensure IO doesn't prevent cleaner policy progress 2023-08-03 10:24:17 +02:00
dm-cache-policy.c
dm-cache-policy.h dm: address indent/space issues 2024-03-26 18:21:02 -04:00
dm-cache-target.c dm cache: fix potential out-of-bounds access on the first resume 2024-11-14 13:15:15 +01:00
dm-clone-metadata.c bitmap: introduce generic optimized bitmap_size() 2024-08-29 17:30:14 +02:00
dm-clone-metadata.h
dm-clone-target.c
dm-core.h dm: limit the number of targets and parameter size area 2024-02-23 09:12:52 +01:00
dm-crypt.c dm-crypt: track tag_offset in convert_context 2025-02-21 13:49:44 +01:00
dm-delay.c dm-delay: fix a race between delay_presuspend and delay_bio 2023-12-03 07:32:11 +01:00
dm-dust.c
dm-ebs-target.c dm-ebs: don't set the flag DM_TARGET_PASSES_INTEGRITY 2025-01-17 13:34:41 +01:00
dm-era-target.c
dm-exception-store.c
dm-exception-store.h
dm-flakey.c
dm-ima.c
dm-ima.h
dm-init.c dm init: Handle minors larger than 255 2024-09-12 11:10:22 +02:00
dm-integrity.c dm-integrity: fix a race condition when accessing recalc_sector 2024-09-18 19:23:04 +02:00
dm-io-rewind.c
dm-io-tracker.h
dm-io.c dm io: Support IO priority 2024-03-26 18:21:02 -04:00
dm-ioctl.c dm resume: don't return EINVAL when signalled 2024-08-29 17:30:14 +02:00
dm-kcopyd.c dm io: Support IO priority 2024-03-26 18:21:02 -04:00
dm-linear.c
dm-log-userspace-base.c
dm-log-userspace-transfer.c dm: avoid split of quoted strings where possible 2023-07-19 16:22:07 +02:00
dm-log-userspace-transfer.h
dm-log-writes.c
dm-log.c dm io: Support IO priority 2024-03-26 18:21:02 -04:00
dm-mpath.c dm: fix undue/missing spaces 2023-07-19 16:22:07 +02:00
dm-mpath.h
dm-path-selector.c
dm-path-selector.h
dm-ps-historical-service-time.c
dm-ps-io-affinity.c
dm-ps-queue-length.c
dm-ps-round-robin.c
dm-ps-service-time.c dm: fix undue/missing spaces 2023-07-19 16:22:07 +02:00
dm-raid1.c dm io: Support IO priority 2024-03-26 18:21:02 -04:00
dm-raid.c dm-raid: fix lockdep waring in "pers->hot_add_disk" 2024-04-03 15:19:31 +02:00
dm-region-hash.c
dm-rq.c Revert "dm: requeue IO if mapping table not yet available" 2024-10-17 15:21:12 +02:00
dm-rq.h
dm-snap-persistent.c dm io: Support IO priority 2024-03-26 18:21:02 -04:00
dm-snap-transient.c dm: avoid split of quoted strings where possible 2023-07-19 16:22:07 +02:00
dm-snap.c dm snapshot: fix lockup in dm_exception_table_exit 2024-04-03 15:19:39 +02:00
dm-stats.c
dm-stats.h
dm-stripe.c dm: avoid split of quoted strings where possible 2023-07-19 16:22:07 +02:00
dm-switch.c
dm-sysfs.c
dm-table.c dm: address indent/space issues 2024-03-26 18:21:02 -04:00
dm-target.c
dm-thin-metadata.c dm thin metadata: Fix ABBA deadlock by resetting dm_bufio_client 2024-01-01 12:39:05 +00:00
dm-thin-metadata.h
dm-thin.c dm thin: make get_first_thin use rcu-safe list first function 2025-01-17 13:34:41 +01:00
dm-uevent.c
dm-uevent.h dm: fix undue/missing spaces 2023-07-19 16:22:07 +02:00
dm-unstripe.c dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow 2024-11-14 13:15:16 +01:00
dm-verity-fec.c dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) 2025-01-17 13:34:43 +01:00
dm-verity-fec.h
dm-verity-loadpin.c dm: verity-loadpin: Add NULL pointer check for 'bdev' parameter 2023-07-23 13:49:43 +02:00
dm-verity-target.c dm-verity: fix dm_is_verity_target() when dm-verity is builtin 2024-08-03 08:49:43 +02:00
dm-verity-verify-sig.c
dm-verity-verify-sig.h
dm-verity.h dm-verity, dm-crypt: align "struct bvec_iter" correctly 2024-03-26 18:20:26 -04:00
dm-writecache.c dm io: Support IO priority 2024-03-26 18:21:02 -04:00
dm-zero.c
dm-zone.c
dm-zoned-metadata.c dm: avoid split of quoted strings where possible 2023-07-19 16:22:07 +02:00
dm-zoned-reclaim.c
dm-zoned-target.c dm zoned: free dmz->ddev array in dmz_put_zoned_devices 2023-10-10 22:00:44 +02:00
dm-zoned.h
dm.c Revert "dm: requeue IO if mapping table not yet available" 2024-10-17 15:21:12 +02:00
dm.h
Kconfig dm audit: fix Kconfig so DM_AUDIT depends on BLK_DEV_DM 2024-01-20 11:50:08 +01:00
Makefile
md-autodetect.c
md-bitmap.c md/md-bitmap: Synchronize bitmap_get_stats() with bitmap lifetime 2025-03-07 16:56:28 +01:00
md-bitmap.h md/md-bitmap: add 'sync_size' into struct md_bitmap_stats 2025-03-07 16:56:28 +01:00
md-cluster.c md/md-bitmap: add 'sync_size' into struct md_bitmap_stats 2025-03-07 16:56:28 +01:00
md-cluster.h
md-faulty.c
md-linear.c md: add error_handlers for raid0 and linear 2023-09-13 09:42:44 +02:00
md-linear.h
md-multipath.c
md-multipath.h
md.c md/md-bitmap: Synchronize bitmap_get_stats() with bitmap lifetime 2025-03-07 16:56:28 +01:00
md.h md: add error_handlers for raid0 and linear 2023-09-13 09:42:44 +02:00
raid0.c md: raid0: account for split bio in iostat accounting 2023-09-13 09:42:44 +02:00
raid0.h md/raid0: add discard support for the 'original' layout 2023-07-23 13:49:37 +02:00
raid1-10.c
raid1.c md/raid1: Use blk_opf_t for read and write operations 2024-01-25 15:27:43 -08:00
raid1.h
raid5-cache.c md/raid5-cache: use READ_ONCE/WRITE_ONCE for 'conf->log' 2024-08-29 17:30:30 +02:00
raid5-log.h
raid5-ppl.c
raid5.c md/raid5: avoid BUG_ON() while continue reshape after reassembling 2024-08-14 13:52:45 +02:00
raid5.h
raid10.c md/raid10: improve code of mrdev in raid10_sync_request 2024-11-17 15:07:21 +01:00
raid10.h