summaryrefslogtreecommitdiffstats
path: root/drivers/md/multipath.c
diff options
context:
space:
mode:
authorNeilBrown <neilb@suse.com>2016-06-02 08:19:53 +0200
committerShaohua Li <shli@fb.com>2016-06-13 20:54:21 +0200
commitf5b67ae86ee317db20c0e10d54f16a0bbbd3207d (patch)
tree8db4539e9c9f05624f2b198ddd1ccce54b281ce6 /drivers/md/multipath.c
parentmd/multipath: add rcu protection to rdev access in multipath_status. (diff)
downloadlinux-f5b67ae86ee317db20c0e10d54f16a0bbbd3207d.tar.xz
linux-f5b67ae86ee317db20c0e10d54f16a0bbbd3207d.zip
md: be extra careful not to take a reference to a Faulty device.
It is important that we never increment rdev->nr_pending on a Faulty device as ->hot_remove_disk() assumes that once the Faulty flag is visible no code will take a new reference. Some places take a new reference after only check In_sync. This should be safe as the two are changed together. However to make the code more obviously safe, add checks for 'Faulty' as well. Note: the actual rule is: Never increment nr_pending if Faulty is set and Blocked is clear, never clear Faulty, and never set Blocked without holding a reference through nr_pending. fix build error (Shaohua) Signed-off-by: NeilBrown <neilb@suse.com> Signed-off-by: Shaohua Li <shli@fb.com>
Diffstat (limited to 'drivers/md/multipath.c')
-rw-r--r--drivers/md/multipath.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/drivers/md/multipath.c b/drivers/md/multipath.c
index 69244de2036b..7eb9972a37e6 100644
--- a/drivers/md/multipath.c
+++ b/drivers/md/multipath.c
@@ -43,7 +43,8 @@ static int multipath_map (struct mpconf *conf)
rcu_read_lock();
for (i = 0; i < disks; i++) {
struct md_rdev *rdev = rcu_dereference(conf->multipaths[i].rdev);
- if (rdev && test_bit(In_sync, &rdev->flags)) {
+ if (rdev && test_bit(In_sync, &rdev->flags) &&
+ !test_bit(Faulty, &rdev->flags)) {
atomic_inc(&rdev->nr_pending);
rcu_read_unlock();
return i;