Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp4466741pxf; Tue, 16 Mar 2021 14:24:19 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwNZN0I6fR3DB8tlYQVC3UsL7LtSc/h5cwnTPU9nNLQL4zS7HBDVoR0cI1AsjGxfP3SAeoe X-Received: by 2002:a17:906:f01:: with SMTP id z1mr32955297eji.235.1615929859668; Tue, 16 Mar 2021 14:24:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1615929859; cv=none; d=google.com; s=arc-20160816; b=vo3lXmgqI7N/ZS0ThHf50FrAka0EFG3Xh6pQmorZhotS8Kg5HzjcuDMvX1jrh4RZrJ tGTCjMgtTTlSb4qqToSb6XJXo/qlOk0O/QboKgOzxrAEPnbh5L+iqd3lHeik0O1I5Qdd QWpyNeCyH37Mt80FNcqZYbj4u9M/BezBlvbC/cSMMoqdN8KlRdlH8n7fKovyTcgsPoS3 S8CjmgUGqUuOv+ijchDP7ElXFQ8GMTGASRmDevUcukq1vt48QKvZkqQds05fT1fputpr loGvls/PqRsmvOjU5On0eCblkJMeSxUWld3MaothxqxMHss/uX8VcpQl4VX0Yo+p0bfK irUQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=bIjRiGnFrYHkFcEHXQt5l/9DSGp09S2kwPNNdRwhwR8=; b=S/mONEbY6iyCuGRnFEdRz5dBt8ZjFwwX0sc4+bGeYRCUOCqmZthRJZOZHz/fj/QsA8 F7P7H+Fu9dy42fFz+D5Ds/Nc6XzPAiHkLJIaBuPc5WnMEGyMDP2iMRIrP1PDoe9/aZ6X wNdU8VUk6kOYRYShd9FR+o7PYAcYO8krfmN6vxnUBvsHpiSAtjuUv8anK+1WwivnOdW5 gz2Cn9nA2KtneDcSN8DcgHAwVMMXf6qfqdgGH735ZLXOzYQyGe7clQuniEnN2tGdTtmS Q6ERJoZ2KokJ8nherUb6YSuwBV+oWH5180OkOYP7uSHyg9G620yNRSi6t2eyMEDk7q74 CJ2w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id gf2si14991032ejb.712.2021.03.16.14.23.57; Tue, 16 Mar 2021 14:24:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240750AbhCPT7q (ORCPT + 99 others); Tue, 16 Mar 2021 15:59:46 -0400 Received: from mail-pg1-f181.google.com ([209.85.215.181]:38760 "EHLO mail-pg1-f181.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240749AbhCPT7L (ORCPT ); Tue, 16 Mar 2021 15:59:11 -0400 Received: by mail-pg1-f181.google.com with SMTP id q5so10679097pgk.5; Tue, 16 Mar 2021 12:59:11 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=bIjRiGnFrYHkFcEHXQt5l/9DSGp09S2kwPNNdRwhwR8=; b=bSubJX+xvJPgvcc6mPZX6nH2PuWLy1b9X44MijG9eyEpnS6u/pxopkX5rbNiGxKsVH Vxb+P/lulxYZZSGK02KXO5v5+eY1eb6kL/zcm+jBKRBjABav5hloSTW4O3Bv9NiBp0T0 vbaOID9f4H21kUKzEy6lSDrtAI8Y2TN5VVE4tT4dzNfZprFh68DYOqDn7uDy8gxc6ZED 4Qze+sZ9FrGM4fOpwJkifddufd28oIWX8N4wQPTgQbFgNG/JGFabd8bPnTpvgwbRnwdp K1tQAQKskVkwBbeHuW8vPkc/ricmvoqamshId+IG/Xs4JgsTGLi1ZIzecs4DRIPFHV7f mTcA== X-Gm-Message-State: AOAM5325wEmQ4WLO1v/Y75+zaCteH/07ukNH4zwAn/Jnjm5d112jC1fy RVdVBwPQ4kgMQPekGnYsv+o= X-Received: by 2002:a62:6045:0:b029:20c:b6a6:6077 with SMTP id u66-20020a6260450000b029020cb6a66077mr954227pfb.51.1615924750631; Tue, 16 Mar 2021 12:59:10 -0700 (PDT) Received: from ?IPv6:2601:647:4000:d7:b6b5:afbd:6ae4:8f83? ([2601:647:4000:d7:b6b5:afbd:6ae4:8f83]) by smtp.gmail.com with ESMTPSA id z9sm16598496pgs.32.2021.03.16.12.59.08 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 16 Mar 2021 12:59:09 -0700 (PDT) Subject: Re: [RFC PATCH v3 2/3] blk-mq: Freeze and quiesce all queues for tagset in elevator_exit() To: John Garry , Ming Lei Cc: "hare@suse.de" , "axboe@kernel.dk" , "hch@lst.de" , "linux-block@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "pragalla@codeaurora.org" , "kashyap.desai@broadcom.com" , yuyufen References: <1614957294-188540-1-git-send-email-john.garry@huawei.com> <1614957294-188540-3-git-send-email-john.garry@huawei.com> <8c6c6783-6152-2332-2f50-14c409e40320@huawei.com> <2b0c66ba-03b3-844c-1684-f8e80d11cdbb@acm.org> <4ffaba53-100a-43a5-8746-b753d4153be5@huawei.com> <82526e78-66e5-fc3c-7acd-38f1813ebe1e@huawei.com> From: Bart Van Assche Message-ID: Date: Tue, 16 Mar 2021 12:59:07 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.0 MIME-Version: 1.0 In-Reply-To: <82526e78-66e5-fc3c-7acd-38f1813ebe1e@huawei.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 3/16/21 10:43 AM, John Garry wrote: > On 16/03/2021 17:00, Bart Van Assche wrote: >> I agree that Jens asked at the end of 2018 not to touch the fast path >> to fix this use-after-free (maybe that request has been repeated more >> recently). If Jens or anyone else feels strongly about not clearing >> hctx->tags->rqs[rq->tag] from the fast path then I will make that change. > > Is that possible for this same approach? I need to check the code more.. If the fast path should not be modified, I'm considering to borrow patch 1/3 from your patch series and to add an rcu_barrier() between the code that clears the request pointers and that frees the scheduler requests. > And don't we still have the problem that some iter callbacks may > sleep/block, which is not allowed in an RCU read-side critical section? Thanks for having brought this up. Since none of the functions that iterate over requests should be called from the hot path of a block driver, I think that we can use srcu_read_(un|)lock() inside bt_iter() and bt_tags_iter() instead of rcu_read_(un|)lock(). Bart.