Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

zloop: use READ_ONCE() to read lo->lo_state in queue_rq path

In the queue_rq path, zlo->state is accessed without locking, and direct
access may read stale data. This patch uses READ_ONCE() to read
zlo->state and data_race() to silence code checkers, and changes all
assignments to use WRITE_ONCE().

Reviewed-by: Damien Le Moal <dlemoal@kernel.org>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Yongpeng Yang <yangyongpeng@xiaomi.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>

Authored by Yongpeng Yang and committed by Jens Axboe
4b2b0315 54891a96

+4 -4
drivers/block/zloop.c
··· 697 697 struct zloop_cmd *cmd = blk_mq_rq_to_pdu(rq); 698 698 struct zloop_device *zlo = rq->q->queuedata; 699 699 700 - if (zlo->state == Zlo_deleting) 700 + if (data_race(READ_ONCE(zlo->state)) == Zlo_deleting) 701 701 return BLK_STS_IOERR; 702 702 703 703 /* ··· 1002 1002 ret = -ENOMEM; 1003 1003 goto out; 1004 1004 } 1005 - zlo->state = Zlo_creating; 1005 + WRITE_ONCE(zlo->state, Zlo_creating); 1006 1006 1007 1007 ret = mutex_lock_killable(&zloop_ctl_mutex); 1008 1008 if (ret) ··· 1113 1113 } 1114 1114 1115 1115 mutex_lock(&zloop_ctl_mutex); 1116 - zlo->state = Zlo_live; 1116 + WRITE_ONCE(zlo->state, Zlo_live); 1117 1117 mutex_unlock(&zloop_ctl_mutex); 1118 1118 1119 1119 pr_info("zloop: device %d, %u zones of %llu MiB, %u B block size\n", ··· 1177 1177 ret = -EINVAL; 1178 1178 } else { 1179 1179 idr_remove(&zloop_index_idr, zlo->id); 1180 - zlo->state = Zlo_deleting; 1180 + WRITE_ONCE(zlo->state, Zlo_deleting); 1181 1181 } 1182 1182 1183 1183 mutex_unlock(&zloop_ctl_mutex);
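Review bot: In the queue_rq hunk (line 700), wrapping READ_ONCE() in data_race() looks redundant. READ_ONCE() is already a marked access, and the other hunks convert every visible store of zlo->state to WRITE_ONCE(), so no plain access should remain for a checker to flag. Suggest either dropping the wrapper, `if (READ_ONCE(zlo->state) == Zlo_deleting)`, or adding a comment naming the report that data_race() is meant to suppress. The subject line also says lo->lo_state while the code reads zlo->state.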
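Review bot: At line 1005, the Zlo_creating store sits directly after the allocation failure path and before mutex_lock_killable(&zloop_ctl_mutex), so the device does not appear to be reachable from queue_rq at that point. WRITE_ONCE() is harmless here and keeps the stores uniform, but a one-line comment saying it is there for consistency rather than for a concurrent reader would keep later readers from inferring a race at this site.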
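Review bot: At line 1180, the Zlo_deleting store is made under zloop_ctl_mutex while the reader at line 700 takes no lock, so the marked accesses only keep the compiler from tearing or re-reading the value; they do not order the queue_rq check against this store. A request that passes the check just before the store still proceeds. If the removal path relies on something else to drain in-flight requests, a comment at the line 700 check stating that it is a best-effort early exit would make that dependency explicit.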