From: Bart Van Assche <bart.vanassche@sandisk.com>
Date: Tue, 16 Aug 2016 23:48:36 +0000 (-0700)
Subject: block: Fix race triggered by blk_set_queue_dying()
X-Git-Tag: submit/tizen/20161219.112149~6^2~762
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=d3a6bd7b77ce9c9c19b37226ab0640a8918c4663;p=sdk%2Femulator%2Femulator-kernel.git

block: Fix race triggered by blk_set_queue_dying()

commit 1b856086813be9371929b6cc62045f9fd470f5a0 upstream.

blk_set_queue_dying() can be called while another thread is
submitting I/O or changing queue flags, e.g. through dm_stop_queue().
Hence protect the QUEUE_FLAG_DYING flag change with locking.

Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Jens Axboe <axboe@fb.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---

diff --git a/block/blk-core.c b/block/blk-core.c
index f8e64cac981a..4fab5d610805 100644
--- a/block/blk-core.c
+++ b/block/blk-core.c
@@ -515,7 +515,9 @@ EXPORT_SYMBOL_GPL(blk_queue_bypass_end);
 
 void blk_set_queue_dying(struct request_queue *q)
 {
-	queue_flag_set_unlocked(QUEUE_FLAG_DYING, q);
+	spin_lock_irq(q->queue_lock);
+	queue_flag_set(QUEUE_FLAG_DYING, q);
+	spin_unlock_irq(q->queue_lock);
 
 	if (q->mq_ops)
 		blk_mq_wake_waiters(q);