zram: avoid race between zram_remove and disksize_store

After resetting device in zram_remove(), disksize_store still may come and
allocate resources again before deleting gendisk, fix the race by resetting
zram after del_gendisk() returns. At that time, disksize_store can't come
any more.

Reported-by: Luis Chamberlain <mcgrof@kernel.org>
Reviewed-by: Luis Chamberlain <mcgrof@kernel.org>
Signed-off-by: Ming Lei <ming.lei@redhat.com>
Acked-by: Minchan Kim <minchan@kernel.org>
Link: https://lore.kernel.org/r/20211025025426.2815424-4-ming.lei@redhat.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>

diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c
index 13b65eb..2dfa3a3 100644 (file)
--- a/drivers/block/zram/zram_drv.c
+++ b/drivers/block/zram/zram_drv.c
@@ -2006,6 +2006,13 @@ static int zram_remove(struct zram *zram)
        /* del_gendisk drains pending reset_store */
        WARN_ON_ONCE(claimed && zram->claim);
 
+       /*
+        * disksize_store() may be called in between zram_reset_device()
+        * and del_gendisk(), so run the last reset to avoid leaking
+        * anything allocated with disksize_store()
+        */
+       zram_reset_device(zram);
+
        blk_cleanup_disk(zram->disk);
        kfree(zram);
        return 0;