Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp373522pxj; Thu, 17 Jun 2021 04:54:24 -0700 (PDT) X-Google-Smtp-Source: ABdhPJy6V6inKNgcFYfEpx8rIeUh/a8j4/PofGWOrq6fjM0oafNX6Qy23lb/fN6mt7UGNCLMtJcn X-Received: by 2002:a05:6638:10e3:: with SMTP id g3mr4346144jae.20.1623930864023; Thu, 17 Jun 2021 04:54:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623930864; cv=none; d=google.com; s=arc-20160816; b=Z48aeFZgjWZ4k5Ph8d7FG45MtWE7u8PRzUqkka9KeJBPJhW5K3F6ruCd7VGfGzok9G FfGV/i/bbdxAe4HZ66YB9Uf5B2LMsK0w1VuHfrceF7wLO1+uN5fgcZltpsjf8cya/P1W fR3UtCkSSNMKeL7JV4RCcriwZwSWTbuTRk0i4pES2pt2N314aj1qojwJMUTXo3Rqx+kV 3ck8gHTRSBFje1FcOHnEpak3o2g0Jw1s3Px2O4tyRCrr1gMaK8oqpsPsEhr/n3BCds8Z Ppj/oR3qcfdJQfJbqI392RMFC1FOwK/g5eKyzFKRobkR9Vh1vbO2JuTMohetTkThBKOv IoYg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=eWfLpTUm88WigYNAtGgk0puveZH4s8vjCO/lhD+KZFA=; b=qKGLxIZ789Miw+0PDlECz0Ji4KzumsrLbQnX4FBaPfkJBSj/juqoG+nlWkWOtzfMYo ZB5952nrZJTgen6AjUg7Bt6H2wtGRE9mUhCmZpa7+zDZ7BF0WqgNN1+Qs1qDyVk7E2WQ 5jR2pHb5yOI7pNB5NcrE3zLlDgGCTP9Z/Xav06+8VKVp6kvuyU4wqanTA7qL4UZ+WXLy XBB1P411HboAGbLVXElbdZ6ny6KYxLdMMdOkNPkYUo0M1ugHRaEDo9JwftUdCNyTNIE9 8rE5qHW2+V79YJVrgtuU/3XH2Hej0rJprzKT2jOyEG5NN2gtQrRDV3C9GgnDOjeatXMU l3CQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b="Ksd9U+/h"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id q4si5789003jas.57.2021.06.17.04.54.11; Thu, 17 Jun 2021 04:54:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b="Ksd9U+/h"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232635AbhFQLyI (ORCPT + 99 others); Thu, 17 Jun 2021 07:54:08 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57188 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230269AbhFQLyF (ORCPT ); Thu, 17 Jun 2021 07:54:05 -0400 Received: from casper.infradead.org (casper.infradead.org [IPv6:2001:8b0:10b:1236::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A2976C061574; Thu, 17 Jun 2021 04:51:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=eWfLpTUm88WigYNAtGgk0puveZH4s8vjCO/lhD+KZFA=; b=Ksd9U+/hjhk7n5mA5nDGHYSxdq ZjKymSIxqpChMzh0uIjvW46GqzQIAUbUkc2KgZ9iAtw8Occ48KXpEdrwhf1V/SOTILfcoq15YzLe3 pd2CTMHOibHCqPeQRFeJ+4BC4ILcOzzZlwMQ2XJdFSZSJQvxqsSIiiB86v16VD2X6LhGwWc2G4m1t uFkCcygCch96mtPisbW0Rcu8S0F+xiZ7w0iBJigWj0LIkJiT4+ftv1HKs+Gl2mWC+/9jGuRXczqQu giuqpDjJl4ppLa1xG1/FiE+jjtHCtzBVDRSSiR/xwcuf8YQMDOUoC40mvQmMTWu7Ez0sr24mI8Vhz GU+A0e7g==; Received: from hch by casper.infradead.org with local (Exim 4.94.2 #2 (Red Hat Linux)) id 1ltqYN-0095Tm-BZ; Thu, 17 Jun 2021 11:51:30 +0000 Date: Thu, 17 Jun 2021 12:51:23 +0100 From: Christoph Hellwig To: Desmond Cheong Zhi Xi Cc: axboe@kernel.dk, linux-block@vger.kernel.org, linux-kernel@vger.kernel.org, skhan@linuxfoundation.org, gregkh@linuxfoundation.org, linux-kernel-mentees@lists.linuxfoundation.org, syzbot+6a8a0d93c91e8fbf2e80@syzkaller.appspotmail.com, miquel.raynal@bootlin.com, richard@nod.at, vigneshr@ti.com, linux-mtd@lists.infradead.org Subject: Re: [PATCH] block: break circular locks in blk_request_module Message-ID: References: <20210617092016.522985-1-desmondcheongzx@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20210617092016.522985-1-desmondcheongzx@gmail.com> X-SRS-Rewrite: SMTP reverse-path rewritten from by casper.infradead.org. See http://www.infradead.org/rpr.html Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jun 17, 2021 at 05:20:16PM +0800, Desmond Cheong Zhi Xi wrote: > mutex_lock(&major_names_lock); > for (n = &major_names[major_to_index(major)]; *n; n = &(*n)->next) { > if ((*n)->major == major && (*n)->probe) { > - (*n)->probe(devt); > + probe = (*n)->probe; > mutex_unlock(&major_names_lock); > + probe(devt); And now you can all probe after it has been freed and/or the module has been unloaded. The obviously correct fix is to only hold mtd_table_mutex for the actually required critical section: diff --git a/drivers/mtd/mtd_blkdevs.c b/drivers/mtd/mtd_blkdevs.c index fb8e12d590a1..065d94f9b1fb 100644 --- a/drivers/mtd/mtd_blkdevs.c +++ b/drivers/mtd/mtd_blkdevs.c @@ -529,13 +529,11 @@ int register_mtd_blktrans(struct mtd_blktrans_ops *tr) register_mtd_user(&blktrans_notifier); - mutex_lock(&mtd_table_mutex); ret = register_blkdev(tr->major, tr->name); if (ret < 0) { printk(KERN_WARNING "Unable to register %s block device on major %d: %d\n", tr->name, tr->major, ret); - mutex_unlock(&mtd_table_mutex); return ret; } @@ -545,12 +543,12 @@ int register_mtd_blktrans(struct mtd_blktrans_ops *tr) tr->blkshift = ffs(tr->blksize) - 1; INIT_LIST_HEAD(&tr->devs); - list_add(&tr->list, &blktrans_majors); + mutex_lock(&mtd_table_mutex); + list_add(&tr->list, &blktrans_majors); mtd_for_each_device(mtd) if (mtd->type != MTD_ABSENT) tr->add_mtd(tr, mtd); - mutex_unlock(&mtd_table_mutex); return 0; }