Commit d92c370a16cb ("block: really clone the block cgroup in bio_clone_blkg_association") changed bio_clone_blkg_association() to just clone bio->bi_blkg reference from source to destination bio. This is however wrong if the source and destination bios are against different block devices because struct blkcg_gq is different for each bdev-blkcg pair. This will result in IOs being accounted (and throttled as a result) multiple times against the same device (src bdev) while throttling of the other device (dst bdev) is ignored. In case of BFQ the inconsistency can even result in crashes in bfq_bic_update_cgroup(). Fix the problem by looking up correct blkcg_gq for the cloned bio. Reported-by: Logan Gunthorpe <logang@xxxxxxxxxxxx> Reported-and-tested-by: Donald Buczek <buczek@xxxxxxxxxxxxx> Fixes: d92c370a16cb ("block: really clone the block cgroup in bio_clone_blkg_association") CC: stable@xxxxxxxxxxxxxxx Reviewed-by: Christoph Hellwig <hch@xxxxxx> Signed-off-by: Jan Kara <jack@xxxxxxx> --- block/blk-cgroup.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) Changes since v1: * Added tags * Removed unnecessary RCU protection diff --git a/block/blk-cgroup.c b/block/blk-cgroup.c index 40161a3f68d0..764e740b0c0f 100644 --- a/block/blk-cgroup.c +++ b/block/blk-cgroup.c @@ -1974,12 +1974,8 @@ EXPORT_SYMBOL_GPL(bio_associate_blkg); */ void bio_clone_blkg_association(struct bio *dst, struct bio *src) { - if (src->bi_blkg) { - if (dst->bi_blkg) - blkg_put(dst->bi_blkg); - blkg_get(src->bi_blkg); - dst->bi_blkg = src->bi_blkg; - } + if (src->bi_blkg) + bio_associate_blkg_from_css(dst, bio_blkcg_css(src)); } EXPORT_SYMBOL_GPL(bio_clone_blkg_association); -- 2.35.3