summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorNeilBrown <neilb@suse.de>2008-07-21 09:05:25 +0200
committerNeilBrown <neilb@suse.de>2008-07-21 09:05:25 +0200
commit4b80991c6cb9efa607bc4fd6f3ecdf5511c31bb0 (patch)
tree5e2ba7d509af245c29bdf04b00960cc367972c44 /security
parentmd: only count actual openers as access which prevent a 'stop' (diff)
downloadlinux-4b80991c6cb9efa607bc4fd6f3ecdf5511c31bb0.tar.xz
linux-4b80991c6cb9efa607bc4fd6f3ecdf5511c31bb0.zip
md: Protect access to mddev->disks list using RCU
All modifications and most access to the mddev->disks list are made under the reconfig_mutex lock. However there are three places where the list is walked without any locking. If a reconfig happens at this time, havoc (and oops) can ensue. So use RCU to protect these accesses: - wrap them in rcu_read_{,un}lock() - use list_for_each_entry_rcu - add to the list with list_add_rcu - delete from the list with list_del_rcu - delay the 'free' with call_rcu rather than schedule_work Note that export_rdev did a list_del_init on this list. In almost all cases the entry was not in the list anymore so it was a no-op and so safe. It is no longer safe as after list_del_rcu we may not touch the list_head. An audit shows that export_rdev is called: - after unbind_rdev_from_array, in which case the delete has already been done, - after bind_rdev_to_array fails, in which case the delete isn't needed. - before the device has been put on a list at all (e.g. in add_new_disk where reading the superblock fails). - and in autorun devices after a failure when the device is on a different list. So remove the list_del_init call from export_rdev, and add it back immediately before the called to export_rdev for that last case. Note also that ->same_set is sometimes used for lists other than mddev->list (e.g. candidates). In these cases rcu is not needed. Signed-off-by: NeilBrown <neilb@suse.de>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions