kernel-fxtec-pro1x/drivers/md
NeilBrown 01f96c0a99 md: Avoid waking up a thread after it has been freed.
Two related problems:

1/ some error paths call "md_unregister_thread(mddev->thread)"
   without subsequently clearing ->thread.  A subsequent call
   to mddev_unlock will try to wake the thread, and crash.

2/ Most calls to md_wakeup_thread are protected against the thread
   disappeared either by:
      - holding the ->mutex
      - having an active request, so something else must be keeping
        the array active.
   However mddev_unlock calls md_wakeup_thread after dropping the
   mutex and without any certainty of an active request, so the
   ->thread could theoretically disappear.
   So we need a spinlock to provide some protections.

So change md_unregister_thread to take a pointer to the thread
pointer, and ensure that it always does the required locking, and
clears the pointer properly.

Reported-by: "Moshe Melnikov" <moshe@zadarastorage.com>
Signed-off-by: NeilBrown <neilb@suse.de>
cc: stable@kernel.org
2011-09-21 15:30:20 +10:00
..
bitmap.c MD bitmap: Revert DM dirty log hooks 2011-07-27 11:00:37 +10:00
bitmap.h MD bitmap: Revert DM dirty log hooks 2011-07-27 11:00:37 +10:00
dm-bio-record.h
dm-crypt.c dm crypt: optionally support discard requests 2011-08-02 12:32:08 +01:00
dm-delay.c dm: convert workqueues to alloc_ordered 2011-01-13 19:59:57 +00:00
dm-exception-store.c dm snapshot: test chunk size against both origin and snapshot 2010-08-12 04:13:51 +01:00
dm-exception-store.h dm snapshot: test chunk size against both origin and snapshot 2010-08-12 04:13:51 +01:00
dm-flakey.c dm flakey: add corrupt_bio_byte feature 2011-08-02 12:32:06 +01:00
dm-io.c dm io: flush cpu cache with vmapped io 2011-08-02 12:32:01 +01:00
dm-ioctl.c dm ioctl: forbid multiple device specifiers 2011-08-02 12:32:06 +01:00
dm-kcopyd.c dm snapshot: skip reading origin when overwriting complete chunk 2011-08-02 12:32:04 +01:00
dm-linear.c dm: use dm_target_offset macro 2010-08-12 04:14:11 +01:00
dm-log-userspace-base.c dm log: userspace use list_move 2011-08-02 12:32:02 +01:00
dm-log-userspace-transfer.c netlink: kill eff_cap from struct netlink_skb_parms 2011-03-03 13:32:07 -08:00
dm-log-userspace-transfer.h
dm-log.c dm: use vzalloc 2011-08-02 12:32:02 +01:00
dm-mpath.c dm table: share target argument parsing functions 2011-08-02 12:32:04 +01:00
dm-mpath.h
dm-path-selector.c
dm-path-selector.h
dm-queue-length.c atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
dm-raid.c dm raid: add md raid1 support 2011-08-02 12:32:07 +01:00
dm-raid1.c dm kcopyd: return client directly and not through a pointer 2011-05-29 13:03:13 +01:00
dm-region-hash.c Fix common misspellings 2011-03-31 11:26:23 -03:00
dm-round-robin.c
dm-service-time.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
dm-snap-persistent.c dm snapshot: style cleanups 2011-08-02 12:32:03 +01:00
dm-snap-transient.c dm snapshot: move cow ref from exception store to snap core 2009-12-10 23:52:12 +00:00
dm-snap.c dm snapshot: skip reading origin when overwriting complete chunk 2011-08-02 12:32:04 +01:00
dm-stripe.c dm stripe: implement merge method 2011-03-24 13:54:35 +00:00
dm-sysfs.c Driver core: Constify struct sysfs_ops in struct kobj_type 2010-03-07 17:04:49 -08:00
dm-table.c dm table: set flush capability based on underlying devices 2011-08-02 12:32:08 +01:00
dm-target.c dm: error return error for discards 2010-08-12 04:14:14 +01:00
dm-uevent.c dm table: remove dm_get from dm_table_get_md 2010-03-06 02:29:52 +00:00
dm-uevent.h
dm-zero.c dm: zero silently drop discards 2010-08-12 04:14:12 +01:00
dm.c dm table: set flush capability based on underlying devices 2011-08-02 12:32:08 +01:00
dm.h dm: ignore merge_bvec for snapshots when safe 2011-08-02 12:32:04 +01:00
faulty.c Fix common misspellings 2011-03-31 11:26:23 -03:00
Kconfig dm raid: support metadata devices 2011-08-02 12:32:07 +01:00
linear.c md,rcu: Convert call_rcu(free_conf) to kfree_rcu() 2011-07-20 11:05:29 -07:00
linear.h md/linear: avoid corrupting structure while waiting for rcu_free to complete. 2011-08-25 14:43:53 +10:00
Makefile dm: add flakey target 2011-03-24 13:54:24 +00:00
md.c md: Avoid waking up a thread after it has been freed. 2011-09-21 15:30:20 +10:00
md.h md: Avoid waking up a thread after it has been freed. 2011-09-21 15:30:20 +10:00
multipath.c md: Avoid waking up a thread after it has been freed. 2011-09-21 15:30:20 +10:00
multipath.h md/multipath: discard ->working_disks in favour of ->degraded 2011-05-11 14:38:02 +10:00
raid0.c block: Require subsystems to explicitly allocate bio_set integrity mempool 2011-03-17 11:11:05 +01:00
raid0.h md: fix handling of array level takeover that re-arranges devices. 2010-06-24 13:33:24 +10:00
raid1.c md: Avoid waking up a thread after it has been freed. 2011-09-21 15:30:20 +10:00
raid1.h md/raid1: Handle write errors by updating badblock log. 2011-07-28 11:32:41 +10:00
raid5.c md: Avoid waking up a thread after it has been freed. 2011-09-21 15:30:20 +10:00
raid5.h md/raid5: Clear bad blocks on successful write. 2011-07-28 11:39:23 +10:00
raid10.c md: Avoid waking up a thread after it has been freed. 2011-09-21 15:30:20 +10:00
raid10.h md/raid10: Handle write errors by updating badblock log. 2011-07-28 11:39:24 +10:00