diff options
author | James Bottomley <JBottomley@Parallels.com> | 2013-10-25 11:26:38 +0200 |
---|---|---|
committer | James Bottomley <JBottomley@Parallels.com> | 2013-10-25 11:59:32 +0200 |
commit | 98481ff0bb8792ebfb832e330e56d3c629ba5fa6 (patch) | |
tree | aa1b08cd6848d0ab8e1110480ef701eb0e2a3ce1 | |
parent | [SCSI] Revert "sg: checking sdp->detached isn't protected when open" (diff) | |
download | linux-98481ff0bb8792ebfb832e330e56d3c629ba5fa6.tar.xz linux-98481ff0bb8792ebfb832e330e56d3c629ba5fa6.zip |
[SCSI] Revert "sg: no need sg_open_exclusive_lock"
This reverts commit 00b2d9d6d05b56fc1d77071ff8ccbd2c65b48dec.
This is one of four patches that was causing this bug
[ 205.372823] ================================================
[ 205.372901] [ BUG: lock held when returning to user space! ]
[ 205.372979] 3.12.0-rc6-hw-debug-pagealloc+ #67 Not tainted
[ 205.373055] ------------------------------------------------
[ 205.373132] megarc.bin/5283 is leaving the kernel with locks still held!
[ 205.373212] 1 lock held by megarc.bin/5283:
[ 205.373285] #0: (&sdp->o_sem){.+.+..}, at: [<ffffffff8161e650>] sg_open+0x3a0/0x4d0
Cc: Vaughan Cao <vaughan.cao@oracle.com>
Acked-by: Douglas Gilbert <dgilbert@interlog.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
-rw-r--r-- | drivers/scsi/sg.c | 34 |
1 files changed, 29 insertions, 5 deletions
diff --git a/drivers/scsi/sg.c b/drivers/scsi/sg.c index d4af13269e85..4efa9b5884b7 100644 --- a/drivers/scsi/sg.c +++ b/drivers/scsi/sg.c @@ -105,6 +105,8 @@ static int scatter_elem_sz_prev = SG_SCATTER_SZ; static int sg_add(struct device *, struct class_interface *); static void sg_remove(struct device *, struct class_interface *); +static DEFINE_SPINLOCK(sg_open_exclusive_lock); + static DEFINE_IDR(sg_index_idr); static DEFINE_RWLOCK(sg_index_lock); /* Also used to lock file descriptor list for device */ @@ -174,6 +176,7 @@ typedef struct sg_device { /* holds the state of each scsi generic device */ struct list_head sfds; struct rw_semaphore o_sem; /* exclude open should hold this rwsem */ volatile char detached; /* 0->attached, 1->detached pending removal */ + /* exclude protected by sg_open_exclusive_lock */ char exclude; /* opened for exclusive access */ char sgdebug; /* 0->off, 1->sense, 9->dump dev, 10-> all devs */ struct gendisk *disk; @@ -222,6 +225,27 @@ static int sg_allow_access(struct file *filp, unsigned char *cmd) return blk_verify_command(cmd, filp->f_mode & FMODE_WRITE); } +static int get_exclude(Sg_device *sdp) +{ + unsigned long flags; + int ret; + + spin_lock_irqsave(&sg_open_exclusive_lock, flags); + ret = sdp->exclude; + spin_unlock_irqrestore(&sg_open_exclusive_lock, flags); + return ret; +} + +static int set_exclude(Sg_device *sdp, char val) +{ + unsigned long flags; + + spin_lock_irqsave(&sg_open_exclusive_lock, flags); + sdp->exclude = val; + spin_unlock_irqrestore(&sg_open_exclusive_lock, flags); + return val; +} + static int sfds_list_empty(Sg_device *sdp) { unsigned long flags; @@ -293,7 +317,7 @@ sg_open(struct inode *inode, struct file *filp) } /* Since write lock is held, no need to check sfd_list */ if (flags & O_EXCL) - sdp->exclude = 1; /* used by release lock */ + set_exclude(sdp, 1); if (sdp->detached) { retval = -ENODEV; @@ -313,7 +337,7 @@ sg_open(struct inode *inode, struct file *filp) retval = -ENOMEM; sem_out: if (flags & O_EXCL) { - sdp->exclude = 0; /* undo if error */ + set_exclude(sdp, 0); /* undo if error */ up_write(&sdp->o_sem); } else up_read(&sdp->o_sem); @@ -340,8 +364,8 @@ sg_release(struct inode *inode, struct file *filp) return -ENXIO; SCSI_LOG_TIMEOUT(3, printk("sg_release: %s\n", sdp->disk->disk_name)); - excl = sdp->exclude; - sdp->exclude = 0; + excl = get_exclude(sdp); + set_exclude(sdp, 0); if (excl) up_write(&sdp->o_sem); else @@ -2598,7 +2622,7 @@ static int sg_proc_seq_show_debug(struct seq_file *s, void *v) scsidp->lun, scsidp->host->hostt->emulated); seq_printf(s, " sg_tablesize=%d excl=%d\n", - sdp->sg_tablesize, sdp->exclude); + sdp->sg_tablesize, get_exclude(sdp)); sg_proc_debug_helper(s, sdp); } read_unlock_irqrestore(&sg_index_lock, iflags); |