diff options
author | NeilBrown <neilb@suse.com> | 2016-06-02 16:19:53 +1000 |
---|---|---|
committer | Shaohua Li <shli@fb.com> | 2016-06-13 11:54:21 -0700 |
commit | f5b67ae86ee317db20c0e10d54f16a0bbbd3207d (patch) | |
tree | 8db4539e9c9f05624f2b198ddd1ccce54b281ce6 /drivers/md/multipath.c | |
parent | 40cf2123c57928c3ec0626c49bef97ebdbce008e (diff) | |
download | lwn-f5b67ae86ee317db20c0e10d54f16a0bbbd3207d.tar.gz lwn-f5b67ae86ee317db20c0e10d54f16a0bbbd3207d.zip |
md: be extra careful not to take a reference to a Faulty device.
It is important that we never increment rdev->nr_pending on a Faulty
device as ->hot_remove_disk() assumes that once the Faulty flag is visible
no code will take a new reference.
Some places take a new reference after only check In_sync. This should
be safe as the two are changed together. However to make the code more
obviously safe, add checks for 'Faulty' as well.
Note: the actual rule is:
Never increment nr_pending if Faulty is set and Blocked is clear,
never clear Faulty, and never set Blocked without holding a reference
through nr_pending.
fix build error (Shaohua)
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Shaohua Li <shli@fb.com>
Diffstat (limited to 'drivers/md/multipath.c')
-rw-r--r-- | drivers/md/multipath.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/drivers/md/multipath.c b/drivers/md/multipath.c index 69244de2036b..7eb9972a37e6 100644 --- a/drivers/md/multipath.c +++ b/drivers/md/multipath.c @@ -43,7 +43,8 @@ static int multipath_map (struct mpconf *conf) rcu_read_lock(); for (i = 0; i < disks; i++) { struct md_rdev *rdev = rcu_dereference(conf->multipaths[i].rdev); - if (rdev && test_bit(In_sync, &rdev->flags)) { + if (rdev && test_bit(In_sync, &rdev->flags) && + !test_bit(Faulty, &rdev->flags)) { atomic_inc(&rdev->nr_pending); rcu_read_unlock(); return i; |