This is a note to let you know that I've just added the patch titled md: split mddev_find to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: md-split-mddev_find.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 65aa97c4d2bfd76677c211b9d03ef05a98c6d68e Mon Sep 17 00:00:00 2001 From: Christoph Hellwig <hch@xxxxxx> Date: Sat, 3 Apr 2021 18:15:29 +0200 Subject: md: split mddev_find From: Christoph Hellwig <hch@xxxxxx> commit 65aa97c4d2bfd76677c211b9d03ef05a98c6d68e upstream. Split mddev_find into a simple mddev_find that just finds an existing mddev by the unit number, and a more complicated mddev_find that deals with find or allocating a mddev. This turns out to fix this bug reported by Zhao Heming. ----------------------------- snip ------------------------------ commit d3374825ce57 ("md: make devices disappear when they are no longer needed.") introduced protection between mddev creating & removing. The md_open shouldn't create mddev when all_mddevs list doesn't contain mddev. With currently code logic, there will be very easy to trigger soft lockup in non-preempt env. --- drivers/md/md.c | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) --- a/drivers/md/md.c +++ b/drivers/md/md.c @@ -570,6 +570,22 @@ EXPORT_SYMBOL_GPL(mddev_init); static struct mddev *mddev_find(dev_t unit) { + struct mddev *mddev; + + if (MAJOR(unit) != MD_MAJOR) + unit &= ~((1 << MdpMinorShift) - 1); + + spin_lock(&all_mddevs_lock); + mddev = mddev_find_locked(unit); + if (mddev) + mddev_get(mddev); + spin_unlock(&all_mddevs_lock); + + return mddev; +} + +static struct mddev *mddev_find_or_alloc(dev_t unit) +{ struct mddev *mddev, *new = NULL; if (unit && MAJOR(unit) != MD_MAJOR) @@ -5276,7 +5292,7 @@ static int md_alloc(dev_t dev, char *nam * writing to /sys/module/md_mod/parameters/new_array. */ static DEFINE_MUTEX(disks_mutex); - struct mddev *mddev = mddev_find(dev); + struct mddev *mddev = mddev_find_or_alloc(dev); struct gendisk *disk; int partitioned; int shift; @@ -6126,11 +6142,9 @@ static void autorun_devices(int part) md_probe(dev, NULL, NULL); mddev = mddev_find(dev); - if (!mddev || !mddev->gendisk) { - if (mddev) - mddev_put(mddev); + if (!mddev) break; - } + if (mddev_lock(mddev)) pr_warn("md: %s locked, cannot run\n", mdname(mddev)); else if (mddev->raid_disks || mddev->major_version Patches currently in stable-queue which might be from hch@xxxxxx are queue-4.14/modules-unexport-__module_address.patch queue-4.14/modules-mark-find_symbol-static.patch queue-4.14/modules-return-licensing-information-from-find_symbol.patch queue-4.14/modules-inherit-taint_proprietary_module.patch queue-4.14/modules-mark-ref_module-static.patch queue-4.14/modules-rename-the-licence-field-in-struct-symsearch-to-license.patch queue-4.14/md-factor-out-a-mddev_find_locked-helper-from-mddev_find.patch queue-4.14/modules-unexport-__module_text_address.patch queue-4.14/modules-mark-each_symbol_section-static.patch queue-4.14/md-split-mddev_find.patch