[kernel/f15] fix potential oops introduced in 2.6.38.8

Fri Jun 24 04:44:08 UTC 2011

commit 8744fb36cec05e68a9605a2c297e05f0111bf6c9
Author: Chuck Ebbert <cebbert at redhat.com>
Date:   Fri Jun 24 00:44:32 2011 -0400

    fix potential oops introduced in 2.6.38.8

 ...kdev_get-should-access-bd_disk-only-after.patch |   40 ++++++++++++++++++++
 kernel.spec                                        |    6 ++-
 2 files changed, 45 insertions(+), 1 deletions(-)
---

diff --git a/block-blkdev_get-should-access-bd_disk-only-after.patch b/block-blkdev_get-should-access-bd_disk-only-after.patch
new file mode 100644
index 0000000..956b041
--- /dev/null
+++ b/block-blkdev_get-should-access-bd_disk-only-after.patch
@@ -0,0 +1,40 @@
+From 4c49ff3fe128ca68dabd07537415c419ad7f82f9 Mon Sep 17 00:00:00 2001
+From: Tejun Heo <tj at kernel.org>
+Date: Wed, 1 Jun 2011 08:27:41 +0200
+Subject: block: blkdev_get() should access ->bd_disk only after
+ success
+
+From: Tejun Heo <tj at kernel.org>
+
+commit 4c49ff3fe128ca68dabd07537415c419ad7f82f9 upstream.
+
+d4dc210f69 (block: don't block events on excl write for non-optical
+devices) added dereferencing of bdev->bd_disk to test
+GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE; however, bdev->bd_disk can be
+%NULL if open failed which can lead to an oops.
+
+Test the flag after testing open was successful, not before.
+
+Signed-off-by: Tejun Heo <tj at kernel.org>
+Reported-by: David Miller <davem at davemloft.net>
+Tested-by: David Miller <davem at davemloft.net>
+Signed-off-by: Jens Axboe <jaxboe at fusionio.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
+
+---
+ fs/block_dev.c |    4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/fs/block_dev.c
++++ b/fs/block_dev.c
+@@ -1272,8 +1272,8 @@ int blkdev_get(struct block_device *bdev
+ 		 * individual writeable reference is too fragile given the
+ 		 * way @mode is used in blkdev_get/put().
+ 		 */
+-		if ((disk->flags & GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE) &&
+-		    !res && (mode & FMODE_WRITE) && !bdev->bd_write_holder) {
++		if (!res && (mode & FMODE_WRITE) && !bdev->bd_write_holder &&
++		    (disk->flags & GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE)) {
+ 			bdev->bd_write_holder = true;
+ 			disk_block_events(disk);
+ 		}
diff --git a/kernel.spec b/kernel.spec
index 17efa77..ea0c19e 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -658,6 +658,7 @@ Patch580: linux-2.6-sparc-selinux-mprotect-checks.patch
 
 Patch600: block-queue-refcount.patch
 Patch601: block-export-blk_-get-put-_queue.patch
+Patch602: block-blkdev_get-should-access-bd_disk-only-after.patch
 
 Patch610: hda_intel-prealloc-4mb-dmabuffer.patch
 
@@ -1278,10 +1279,11 @@ ApplyPatch x86-pci-preserve-existing-pci-bfsort-whitelist-for-dell-systems.patch
 #ApplyPatch ima-allow-it-to-be-completely-disabled-and-default-off.patch
 
 #
-# SCSI Bits.
+# SCSI / block Bits.
 #
 ApplyPatch block-queue-refcount.patch
 ApplyPatch block-export-blk_-get-put-_queue.patch
+ApplyPatch block-blkdev_get-should-access-bd_disk-only-after.patch
 
 # ACPI
 
@@ -2025,6 +2027,8 @@ fi
 %changelog
 * Fri Jun 24 2011 Chuck Ebbert <cebbert at redhat.com>
 - Minor cleanup: use upstream patch to export block_{get,put}_queue
+- block-blkdev_get-should-access-bd_disk-only-after.patch:
+  fix potential oops introduced in 2.6.38.8
 
 * Thu Jun 23 2011 Dave Airlie <airlied at redhat.com> 2.6.38.8-34
 - drm-i915-snb-irq-stalls-fix.patch: fix Sandybridge IRQ stalls
