--- /dev/null
+From b69d8c31e3f18ab93422db072a3e57638bb4129c Mon Sep 17 00:00:00 2001
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Date: Wed, 27 Feb 2019 14:58:58 +0100
+Subject: Revert "loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl()"
+
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+This reverts commit d2762edcb6af99fc9322bab0b1d4e71a427760e8 which is
+commit 628bd85947091830a8c4872adfd5ed1d515a9cf2 upstream.
+
+It does not work properly in the 4.14.y tree and causes more problems
+than it fixes, so revert it.
+
+Reported-by: Thomas Lindroth <thomas.lindroth@gmail.com>
+Reported-by: Jan Kara <jack@suse.cz>
+Cc: syzbot <syzbot+c0138741c2290fc5e63f@syzkaller.appspotmail.com>
+Cc: Ming Lei <ming.lei@redhat.com>
+Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
+Cc: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/block/loop.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/drivers/block/loop.c
++++ b/drivers/block/loop.c
+@@ -1996,10 +1996,12 @@ static long loop_control_ioctl(struct fi
+ break;
+ if (lo->lo_state != Lo_unbound) {
+ ret = -EBUSY;
++ mutex_unlock(&loop_ctl_mutex);
+ break;
+ }
+ if (atomic_read(&lo->lo_refcnt) > 0) {
+ ret = -EBUSY;
++ mutex_unlock(&loop_ctl_mutex);
+ break;
+ }
+ lo->lo_disk->private_data = NULL;
--- /dev/null
+From 23b0213696688c5e7a3456221ac12bf3bae5e67b Mon Sep 17 00:00:00 2001
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Date: Wed, 27 Feb 2019 15:09:22 +0100
+Subject: Revert "loop: Fold __loop_release into loop_release"
+
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+This reverts commit f1e81ba8a3fa56dcc48828869b392b29559a0ac3 which is
+commit 967d1dc144b50ad005e5eecdfadfbcfb399ffff6 upstream.
+
+It does not work properly in the 4.14.y tree and causes more problems
+than it fixes, so revert it.
+
+Reported-by: Thomas Lindroth <thomas.lindroth@gmail.com>
+Reported-by: Jan Kara <jack@suse.cz>
+Cc: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/block/loop.c | 16 +++++++++-------
+ 1 file changed, 9 insertions(+), 7 deletions(-)
+
+--- a/drivers/block/loop.c
++++ b/drivers/block/loop.c
+@@ -1634,15 +1634,12 @@ out:
+ return err;
+ }
+
+-static void lo_release(struct gendisk *disk, fmode_t mode)
++static void __lo_release(struct loop_device *lo)
+ {
+- struct loop_device *lo;
+ int err;
+
+- mutex_lock(&loop_index_mutex);
+- lo = disk->private_data;
+ if (atomic_dec_return(&lo->lo_refcnt))
+- goto unlock_index;
++ return;
+
+ mutex_lock(&loop_ctl_mutex);
+ if (lo->lo_flags & LO_FLAGS_AUTOCLEAR) {
+@@ -1652,7 +1649,7 @@ static void lo_release(struct gendisk *d
+ */
+ err = loop_clr_fd(lo);
+ if (!err)
+- goto unlock_index;
++ return;
+ } else if (lo->lo_state == Lo_bound) {
+ /*
+ * Otherwise keep thread (if running) and config,
+@@ -1663,7 +1660,12 @@ static void lo_release(struct gendisk *d
+ }
+
+ mutex_unlock(&loop_ctl_mutex);
+-unlock_index:
++}
++
++static void lo_release(struct gendisk *disk, fmode_t mode)
++{
++ mutex_lock(&loop_index_mutex);
++ __lo_release(disk->private_data);
+ mutex_unlock(&loop_index_mutex);
+ }
+
--- /dev/null
+From 8e1a82e6d3ceada936a24743bb9f6919cf8a46a9 Mon Sep 17 00:00:00 2001
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Date: Wed, 27 Feb 2019 15:08:29 +0100
+Subject: Revert "loop: Get rid of loop_index_mutex"
+
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+This reverts commit c1e63df4f30c3918476ac9bc594355b0e9629893 which is
+commit 0a42e99b58a208839626465af194cfe640ef9493 upstream.
+
+It does not work properly in the 4.14.y tree and causes more problems
+than it fixes, so revert it.
+
+Reported-by: Thomas Lindroth <thomas.lindroth@gmail.com>
+Reported-by: Jan Kara <jack@suse.cz>
+Cc: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/block/loop.c | 39 +++++++++++++++++++--------------------
+ 1 file changed, 19 insertions(+), 20 deletions(-)
+
+--- a/drivers/block/loop.c
++++ b/drivers/block/loop.c
+@@ -81,6 +81,7 @@
+ #include <linux/uaccess.h>
+
+ static DEFINE_IDR(loop_index_idr);
++static DEFINE_MUTEX(loop_index_mutex);
+ static DEFINE_MUTEX(loop_ctl_mutex);
+
+ static int max_part;
+@@ -1618,11 +1619,9 @@ static int lo_compat_ioctl(struct block_
+ static int lo_open(struct block_device *bdev, fmode_t mode)
+ {
+ struct loop_device *lo;
+- int err;
++ int err = 0;
+
+- err = mutex_lock_killable(&loop_ctl_mutex);
+- if (err)
+- return err;
++ mutex_lock(&loop_index_mutex);
+ lo = bdev->bd_disk->private_data;
+ if (!lo) {
+ err = -ENXIO;
+@@ -1631,7 +1630,7 @@ static int lo_open(struct block_device *
+
+ atomic_inc(&lo->lo_refcnt);
+ out:
+- mutex_unlock(&loop_ctl_mutex);
++ mutex_unlock(&loop_index_mutex);
+ return err;
+ }
+
+@@ -1640,11 +1639,12 @@ static void lo_release(struct gendisk *d
+ struct loop_device *lo;
+ int err;
+
+- mutex_lock(&loop_ctl_mutex);
++ mutex_lock(&loop_index_mutex);
+ lo = disk->private_data;
+ if (atomic_dec_return(&lo->lo_refcnt))
+- goto out_unlock;
++ goto unlock_index;
+
++ mutex_lock(&loop_ctl_mutex);
+ if (lo->lo_flags & LO_FLAGS_AUTOCLEAR) {
+ /*
+ * In autoclear mode, stop the loop thread
+@@ -1652,7 +1652,7 @@ static void lo_release(struct gendisk *d
+ */
+ err = loop_clr_fd(lo);
+ if (!err)
+- return;
++ goto unlock_index;
+ } else if (lo->lo_state == Lo_bound) {
+ /*
+ * Otherwise keep thread (if running) and config,
+@@ -1662,8 +1662,9 @@ static void lo_release(struct gendisk *d
+ blk_mq_unfreeze_queue(lo->lo_queue);
+ }
+
+-out_unlock:
+ mutex_unlock(&loop_ctl_mutex);
++unlock_index:
++ mutex_unlock(&loop_index_mutex);
+ }
+
+ static const struct block_device_operations lo_fops = {
+@@ -1956,7 +1957,7 @@ static struct kobject *loop_probe(dev_t
+ struct kobject *kobj;
+ int err;
+
+- mutex_lock(&loop_ctl_mutex);
++ mutex_lock(&loop_index_mutex);
+ err = loop_lookup(&lo, MINOR(dev) >> part_shift);
+ if (err < 0)
+ err = loop_add(&lo, MINOR(dev) >> part_shift);
+@@ -1964,7 +1965,7 @@ static struct kobject *loop_probe(dev_t
+ kobj = NULL;
+ else
+ kobj = get_disk(lo->lo_disk);
+- mutex_unlock(&loop_ctl_mutex);
++ mutex_unlock(&loop_index_mutex);
+
+ *part = 0;
+ return kobj;
+@@ -1974,13 +1975,9 @@ static long loop_control_ioctl(struct fi
+ unsigned long parm)
+ {
+ struct loop_device *lo;
+- int ret;
+-
+- ret = mutex_lock_killable(&loop_ctl_mutex);
+- if (ret)
+- return ret;
++ int ret = -ENOSYS;
+
+- ret = -ENOSYS;
++ mutex_lock(&loop_index_mutex);
+ switch (cmd) {
+ case LOOP_CTL_ADD:
+ ret = loop_lookup(&lo, parm);
+@@ -1994,6 +1991,7 @@ static long loop_control_ioctl(struct fi
+ ret = loop_lookup(&lo, parm);
+ if (ret < 0)
+ break;
++ mutex_lock(&loop_ctl_mutex);
+ if (lo->lo_state != Lo_unbound) {
+ ret = -EBUSY;
+ mutex_unlock(&loop_ctl_mutex);
+@@ -2005,6 +2003,7 @@ static long loop_control_ioctl(struct fi
+ break;
+ }
+ lo->lo_disk->private_data = NULL;
++ mutex_unlock(&loop_ctl_mutex);
+ idr_remove(&loop_index_idr, lo->lo_number);
+ loop_remove(lo);
+ break;
+@@ -2014,7 +2013,7 @@ static long loop_control_ioctl(struct fi
+ break;
+ ret = loop_add(&lo, -1);
+ }
+- mutex_unlock(&loop_ctl_mutex);
++ mutex_unlock(&loop_index_mutex);
+
+ return ret;
+ }
+@@ -2098,10 +2097,10 @@ static int __init loop_init(void)
+ THIS_MODULE, loop_probe, NULL, NULL);
+
+ /* pre-create number of devices given by config or max_loop */
+- mutex_lock(&loop_ctl_mutex);
++ mutex_lock(&loop_index_mutex);
+ for (i = 0; i < nr; i++)
+ loop_add(&lo, i);
+- mutex_unlock(&loop_ctl_mutex);
++ mutex_unlock(&loop_index_mutex);
+
+ printk(KERN_INFO "loop: module loaded\n");
+ return 0;
projects / thirdparty / kernel / stable-queue.git / commitdiff
