Patch "block: ensure we hold a queue reference when using queue limits" has been added to the 6.1-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Mon, 22 Jan 2024 18:19:58 -0500

This is a note to let you know that I've just added the patch titled

    block: ensure we hold a queue reference when using queue limits

to the 6.1-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     block-ensure-we-hold-a-queue-reference-when-using-qu.patch
and it can be found in the queue-6.1 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit fd71735a16fa04b89c9c9b7ffda031562212bec6
Author: Jens Axboe <axboe@xxxxxxxxx>
Date:   Fri Jan 12 09:12:20 2024 -0700

    block: ensure we hold a queue reference when using queue limits
    
    [ Upstream commit 7b4f36cd22a65b750b4cb6ac14804fb7d6e6c67d ]
    
    q_usage_counter is the only thing preventing us from the limits changing
    under us in __bio_split_to_limits, but blk_mq_submit_bio doesn't hold
    it while calling into it.
    
    Move the splitting inside the region where we know we've got a queue
    reference. Ideally this could still remain a shared section of code, but
    let's keep the fix simple and defer any refactoring here to later.
    
    Reported-by: Christoph Hellwig <hch@xxxxxx>
    Fixes: 900e08075202 ("block: move queue enter logic into blk_mq_submit_bio()")
    Reviewed-by: Christoph Hellwig <hch@xxxxxx>
    Reviewed-by: Ming Lei <ming.lei@xxxxxxxxxx>
    Signed-off-by: Jens Axboe <axboe@xxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/block/blk-mq.c b/block/blk-mq.c
index 368f1947c895..b3f99dda4530 100644
--- a/block/blk-mq.c
+++ b/block/blk-mq.c
@@ -2946,12 +2946,6 @@ void blk_mq_submit_bio(struct bio *bio)
 	blk_status_t ret;
 
 	bio = blk_queue_bounce(bio, q);
-	if (bio_may_exceed_limits(bio, &q->limits)) {
-		bio = __bio_split_to_limits(bio, &q->limits, &nr_segs);
-		if (!bio)
-			return;
-	}
-
 	bio_set_ioprio(bio);
 
 	if (plug) {
@@ -2960,6 +2954,11 @@ void blk_mq_submit_bio(struct bio *bio)
 			rq = NULL;
 	}
 	if (rq) {
+		if (unlikely(bio_may_exceed_limits(bio, &q->limits))) {
+			bio = __bio_split_to_limits(bio, &q->limits, &nr_segs);
+			if (!bio)
+				return;
+		}
 		if (!bio_integrity_prep(bio))
 			return;
 		if (blk_mq_attempt_bio_merge(q, bio, nr_segs))
@@ -2970,6 +2969,11 @@ void blk_mq_submit_bio(struct bio *bio)
 	} else {
 		if (unlikely(bio_queue_enter(bio)))
 			return;
+		if (unlikely(bio_may_exceed_limits(bio, &q->limits))) {
+			bio = __bio_split_to_limits(bio, &q->limits, &nr_segs);
+			if (!bio)
+				goto fail;
+		}
 		if (!bio_integrity_prep(bio))
 			goto fail;
 	}







