If a device appears while module is being removed,
driver will get a callback after we've given up
on the major number.
In theory this means this major number can get reused
by something else, resulting in a conflict.
To fix, cleanup in reverse order of initialization.
Signed-off-by: Michael S. Tsirkin <[email protected]>
---
drivers/block/virtio_blk.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/block/virtio_blk.c b/drivers/block/virtio_blk.c
index 56aadbc..adfba9f 100644
--- a/drivers/block/virtio_blk.c
+++ b/drivers/block/virtio_blk.c
@@ -883,8 +883,8 @@ out_destroy_workqueue:
static void __exit fini(void)
{
- unregister_blkdev(major, "virtblk");
unregister_virtio_driver(&virtio_blk);
+ unregister_blkdev(major, "virtblk");
destroy_workqueue(virtblk_wq);
}
module_init(init);
--
MST
On Fri, Oct 24, 2014 at 12:12 AM, Michael S. Tsirkin <[email protected]> wrote:
> If a device appears while module is being removed,
> driver will get a callback after we've given up
> on the major number.
>
> In theory this means this major number can get reused
> by something else, resulting in a conflict.
Yes, there is a tiny race window.
>
> To fix, cleanup in reverse order of initialization.
Reviewed-by: Ming Lei <[email protected]>
> Signed-off-by: Michael S. Tsirkin <[email protected]>
> ---
> drivers/block/virtio_blk.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/block/virtio_blk.c b/drivers/block/virtio_blk.c
> index 56aadbc..adfba9f 100644
> --- a/drivers/block/virtio_blk.c
> +++ b/drivers/block/virtio_blk.c
> @@ -883,8 +883,8 @@ out_destroy_workqueue:
>
> static void __exit fini(void)
> {
> - unregister_blkdev(major, "virtblk");
> unregister_virtio_driver(&virtio_blk);
> + unregister_blkdev(major, "virtblk");
> destroy_workqueue(virtblk_wq);
> }
> module_init(init);
Thanks,
--
Ming Lei
Ming Lei <[email protected]> writes:
> On Fri, Oct 24, 2014 at 12:12 AM, Michael S. Tsirkin <[email protected]> wrote:
>> If a device appears while module is being removed,
>> driver will get a callback after we've given up
>> on the major number.
>>
>> In theory this means this major number can get reused
>> by something else, resulting in a conflict.
>
> Yes, there is a tiny race window.
Applied.
Thanks,
Rusty.