block: add a flag to make put_disk on partially initalized disks safer

Add a flag to indicate that __device_add_disk did grab a queue reference
so that disk_release only drops it if we actually had it.  This sort
out one of the major pitfals with partially initialized gendisk that
a lot of drivers did get wrong or still do.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Hannes Reinecke <hare@suse.de>
Reviewed-by: Luis Chamberlain <mcgrof@kernel.org>
Reviewed-by: Ulf Hansson <ulf.hansson@linaro.org>
Link: https://lore.kernel.org/r/20210521055116.1053587-5-hch@lst.de
Signed-off-by: Jens Axboe <axboe@kernel.dk>
This commit is contained in:
Christoph Hellwig 2021-05-21 07:50:54 +02:00 committed by Jens Axboe
parent 0d1feb72ff
commit 958229a7c5
2 changed files with 6 additions and 2 deletions

View File

@ -539,7 +539,10 @@ static void __device_add_disk(struct device *parent, struct gendisk *disk,
* Take an extra ref on queue which will be put on disk_release() * Take an extra ref on queue which will be put on disk_release()
* so that it sticks around as long as @disk is there. * so that it sticks around as long as @disk is there.
*/ */
WARN_ON_ONCE(!blk_get_queue(disk->queue)); if (blk_get_queue(disk->queue))
set_bit(GD_QUEUE_REF, &disk->state);
else
WARN_ON_ONCE(1);
disk_add_events(disk); disk_add_events(disk);
blk_integrity_add(disk); blk_integrity_add(disk);
@ -1107,7 +1110,7 @@ static void disk_release(struct device *dev)
kfree(disk->random); kfree(disk->random);
xa_destroy(&disk->part_tbl); xa_destroy(&disk->part_tbl);
bdput(disk->part0); bdput(disk->part0);
if (disk->queue) if (test_bit(GD_QUEUE_REF, &disk->state) && disk->queue)
blk_put_queue(disk->queue); blk_put_queue(disk->queue);
kfree(disk); kfree(disk);
} }

View File

@ -153,6 +153,7 @@ struct gendisk {
unsigned long state; unsigned long state;
#define GD_NEED_PART_SCAN 0 #define GD_NEED_PART_SCAN 0
#define GD_READ_ONLY 1 #define GD_READ_ONLY 1
#define GD_QUEUE_REF 2
struct kobject *slave_dir; struct kobject *slave_dir;
struct timer_rand_state *random; struct timer_rand_state *random;