4.4-stable patches

added patches:
	dm-fix-potential-for-q-make_request_fn-null-pointer.patch

diff --git a/queue-4.4/dm-fix-potential-for-q-make_request_fn-null-pointer.patch b/queue-4.4/dm-fix-potential-for-q-make_request_fn-null-pointer.patch
new file mode 100644 (file)
index 0000000..da87d39
--- /dev/null
+++ b/queue-4.4/dm-fix-potential-for-q-make_request_fn-null-pointer.patch
@@ -0,0 +1,74 @@
+From 47ace7e012b9f7ad71d43ac9063d335ea3d6820b Mon Sep 17 00:00:00 2001
+From: Mike Snitzer <snitzer@redhat.com>
+Date: Mon, 27 Jan 2020 14:07:23 -0500
+Subject: dm: fix potential for q->make_request_fn NULL pointer
+
+From: Mike Snitzer <snitzer@redhat.com>
+
+commit 47ace7e012b9f7ad71d43ac9063d335ea3d6820b upstream.
+
+Move blk_queue_make_request() to dm.c:alloc_dev() so that
+q->make_request_fn is never NULL during the lifetime of a DM device
+(even one that is created without a DM table).
+
+Otherwise generic_make_request() will crash simply by doing:
+  dmsetup create -n test
+  mount /dev/dm-N /mnt
+
+While at it, move ->congested_data initialization out of
+dm.c:alloc_dev() and into the bio-based specific init method.
+
+Reported-by: Stefan Bader <stefan.bader@canonical.com>
+BugLink: https://bugs.launchpad.net/bugs/1860231
+Fixes: ff36ab34583a ("dm: remove request-based logic from make_request_fn wrapper")
+Depends-on: c12c9a3c3860c ("dm: various cleanups to md->queue initialization code")
+Cc: stable@vger.kernel.org
+Signed-off-by: Mike Snitzer <snitzer@redhat.com>
+[smb: adjusted for context and dm_init_md_queue() exitsting in older
+      kernels, and congested_data embedded in backing_dev_info, and
+      dm_init_normal_md_queue() was called dm_init_old_md_queue()]
+Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/md/dm.c |    9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+--- a/drivers/md/dm.c
++++ b/drivers/md/dm.c
+@@ -2293,7 +2293,6 @@ static void dm_init_md_queue(struct mapp
+        * - must do so here (in alloc_dev callchain) before queue is used
+        */
+       md->queue->queuedata = md;
+-      md->queue->backing_dev_info.congested_data = md;
+ }
+ 
+ static void dm_init_old_md_queue(struct mapped_device *md)
+@@ -2304,6 +2303,7 @@ static void dm_init_old_md_queue(struct
+       /*
+        * Initialize aspects of queue that aren't relevant for blk-mq
+        */
++      md->queue->backing_dev_info.congested_data = md;
+       md->queue->backing_dev_info.congested_fn = dm_any_congested;
+       blk_queue_bounce_limit(md->queue, BLK_BOUNCE_ANY);
+ }
+@@ -2386,6 +2386,12 @@ static struct mapped_device *alloc_dev(i
+               goto bad;
+ 
+       dm_init_md_queue(md);
++      /*
++       * default to bio-based required ->make_request_fn until DM
++       * table is loaded and md->type established. If request-based
++       * table is loaded: blk-mq will override accordingly.
++       */
++      blk_queue_make_request(md->queue, dm_make_request);
+ 
+       md->disk = alloc_disk(1);
+       if (!md->disk)
+@@ -2849,7 +2855,6 @@ int dm_setup_md_queue(struct mapped_devi
+               break;
+       case DM_TYPE_BIO_BASED:
+               dm_init_old_md_queue(md);
+-              blk_queue_make_request(md->queue, dm_make_request);
+               /*
+                * DM handles splitting bios as needed.  Free the bio_split bioset
+                * since it won't be used (saves 1 process per bio-based DM device).

diff --git a/queue-4.4/series b/queue-4.4/series
index b9e5534abf5287fbaf14bacb29445ba845eccec9..c6a4310685749f320217bb959382b86ba9ae3036 100644 (file)
--- a/queue-4.4/series
+++ b/queue-4.4/series
@@ -88,3 +88,4 @@ mwifiex-fix-possible-buffer-overflows-in-mwifiex_ret.patch
 mwifiex-fix-possible-buffer-overflows-in-mwifiex_cmd.patch
 libertas-don-t-exit-from-lbs_ibss_join_existing-with.patch
 libertas-make-lbs_ibss_join_existing-return-error-co.patch
+dm-fix-potential-for-q-make_request_fn-null-pointer.patch