WSL2-Linux-Kernel

История

Shigeru Yoshida c0d73be0af nbd: Fix hung when signal interrupts nbd_start_device_ioctl() [ Upstream commit `1de7c3cf48` ] syzbot reported hung task [1]. The following program is a simplified version of the reproducer: int main(void) { int sv[2], fd; if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return 1; if ((fd = open("/dev/nbd0", 0)) < 0) return 1; if (ioctl(fd, NBD_SET_SIZE_BLOCKS, 0x81) < 0) return 1; if (ioctl(fd, NBD_SET_SOCK, sv[0]) < 0) return 1; if (ioctl(fd, NBD_DO_IT) < 0) return 1; return 0; } When signal interrupt nbd_start_device_ioctl() waiting the condition atomic_read(&config->recv_threads) == 0, the task can hung because it waits the completion of the inflight IOs. This patch fixes the issue by clearing queue, not just shutdown, when signal interrupt nbd_start_device_ioctl(). Link: https://syzkaller.appspot.com/bug?id=7d89a3ffacd2b83fdd39549bc4d8e0a89ef21239 [1] Reported-by: syzbot+38e6c55d4969a14c1534@syzkaller.appspotmail.com Signed-off-by: Shigeru Yoshida <syoshida@redhat.com> Reviewed-by: Josef Bacik <josef@toxicpanda.com> Link: https://lore.kernel.org/r/20220907163502.577561-1-syoshida@redhat.com Signed-off-by: Jens Axboe <axboe@kernel.dk> Signed-off-by: Sasha Levin <sashal@kernel.org>		2022-10-26 12:35:47 +02:00
..
aoe	for-5.14/drivers-2021-06-29	2021-06-30 12:21:16 -07:00
drbd	drbd: fix an invalid memory access caused by incorrect use of list iterator	2022-07-12 16:35:00 +02:00
mtip32xx	block: fix surprise removal for drivers calling blk_set_queue_dying	2022-02-23 12:03:15 +01:00
null_blk	null_blk: fix ida error handling in null_add_dev()	2022-08-17 14:24:00 +02:00
paride	SCSI misc on 20210902	2021-09-02 15:09:46 -07:00
rnbd	block/rnbd-srv: Set keep_id to true after mutex_trylock	2022-08-17 14:24:00 +02:00
rsxx	for-5.14/drivers-2021-06-29	2021-06-30 12:21:16 -07:00
xen-blkback	xen-blkback: Advertise feature-persistent as user requested	2022-09-08 12:28:05 +02:00
zram	zram: do not lookup algorithm in backends table	2022-08-25 11:40:34 +02:00
Kconfig	virtio-blk: avoid preallocating big SGL for data	2022-07-12 16:34:56 +02:00
Makefile	drivers/block: remove the umem driver	2021-03-24 06:57:40 -06:00
amiflop.c	block: drop unused includes in <linux/genhd.h>	2022-03-16 14:23:46 +01:00
ataflop.c	block: drop unused includes in <linux/genhd.h>	2022-03-16 14:23:46 +01:00
brd.c	brd: reduce the brd_devices_mutex scope	2021-10-17 06:51:19 -06:00
cryptoloop.c	cryptoloop: add a deprecation warning	2021-08-27 10:44:54 -06:00
floppy.c	floppy: use a statically allocated error counter	2022-05-25 09:57:21 +02:00
loop.c	loop: Check for overflow while configuring loop	2022-08-31 17:16:47 +02:00
loop.h	loop: reduce the loop_ctl_mutex scope	2021-09-03 22:14:40 -06:00
n64cart.c	n64cart: convert bi_disk to bi_bdev->bd_disk fix build	2022-04-08 14:24:16 +02:00
nbd.c	nbd: Fix hung when signal interrupts nbd_start_device_ioctl()	2022-10-26 12:35:47 +02:00
pktcdvd.c	block: move the bdi from the request_queue to the gendisk	2021-08-09 11:53:23 -06:00
ps3disk.c	ps3disk: use memcpy_{from,to}_bvec	2021-08-02 13:37:27 -06:00
ps3vram.c	ps3vram: use bvec_virt	2021-08-16 10:50:33 -06:00
rbd.c	block: fix surprise removal for drivers calling blk_set_queue_dying	2022-02-23 12:03:15 +01:00
rbd_types.h	libceph, rbd: replace zero-length array with flexible-array	2020-06-01 13:22:53 +02:00
sunvdc.c	Char / Misc driver updates for 5.14-rc1	2021-07-05 13:42:16 -07:00
swim.c	block: drop unused includes in <linux/genhd.h>	2022-03-16 14:23:46 +01:00
swim3.c	swim3: use blk_mq_alloc_disk	2021-06-11 11:53:02 -06:00
swim_asm.S	…
sx8.c	sx8: use the internal state machine to check if del_gendisk needs to be called	2021-08-12 10:29:36 -06:00
virtio_blk.c	virtio-blk: modify the value type of num in virtio_queue_rq()	2022-07-12 16:35:11 +02:00
xen-blkfront.c	xen-blkfront: Cache feature_persistent value before advertisement	2022-09-08 12:28:05 +02:00
z2ram.c	for-5.14/drivers-2021-06-29	2021-06-30 12:21:16 -07:00