--- /dev/null
+From b69d8c31e3f18ab93422db072a3e57638bb4129c Mon Sep 17 00:00:00 2001
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Date: Wed, 27 Feb 2019 14:58:58 +0100
+Subject: Revert "loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl()"
+
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+This reverts commit 5d3cf50105d007adc54949e0caeca1e944549723 which is
+commit 628bd85947091830a8c4872adfd5ed1d515a9cf2 upstream.
+
+It does not work properly in the 4.9.y tree and causes more problems
+than it fixes, so revert it.
+
+Reported-by: Thomas Lindroth <thomas.lindroth@gmail.com>
+Reported-by: Jan Kara <jack@suse.cz>
+Cc: syzbot <syzbot+c0138741c2290fc5e63f@syzkaller.appspotmail.com>
+Cc: Ming Lei <ming.lei@redhat.com>
+Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
+Cc: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/block/loop.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/drivers/block/loop.c
++++ b/drivers/block/loop.c
+@@ -1929,10 +1929,12 @@ static long loop_control_ioctl(struct fi
+ break;
+ if (lo->lo_state != Lo_unbound) {
+ ret = -EBUSY;
++ mutex_unlock(&loop_ctl_mutex);
+ break;
+ }
+ if (atomic_read(&lo->lo_refcnt) > 0) {
+ ret = -EBUSY;
++ mutex_unlock(&loop_ctl_mutex);
+ break;
+ }
+ lo->lo_disk->private_data = NULL;
--- /dev/null
+From 50c99bd6aa579ece90683e488c14ac5a88a5afc6 Mon Sep 17 00:00:00 2001
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Date: Wed, 27 Feb 2019 15:02:03 +0100
+Subject: Revert "loop: Fold __loop_release into loop_release"
+
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+This reverts commit 7d839c10b848aa66ca1290a21ee600bd17c2dcb4 which is
+commit 967d1dc144b50ad005e5eecdfadfbcfb399ffff6 upstream.
+
+It does not work properly in the 4.9.y tree and causes more problems
+than it fixes, so revert it.
+
+Reported-by: Thomas Lindroth <thomas.lindroth@gmail.com>
+Reported-by: Jan Kara <jack@suse.cz>
+Cc: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/block/loop.c | 16 +++++++++-------
+ 1 file changed, 9 insertions(+), 7 deletions(-)
+
+--- a/drivers/block/loop.c
++++ b/drivers/block/loop.c
+@@ -1575,15 +1575,12 @@ out:
+ return err;
+ }
+
+-static void lo_release(struct gendisk *disk, fmode_t mode)
++static void __lo_release(struct loop_device *lo)
+ {
+- struct loop_device *lo;
+ int err;
+
+- mutex_lock(&loop_index_mutex);
+- lo = disk->private_data;
+ if (atomic_dec_return(&lo->lo_refcnt))
+- goto unlock_index;
++ return;
+
+ mutex_lock(&loop_ctl_mutex);
+ if (lo->lo_flags & LO_FLAGS_AUTOCLEAR) {
+@@ -1593,7 +1590,7 @@ static void lo_release(struct gendisk *d
+ */
+ err = loop_clr_fd(lo);
+ if (!err)
+- goto unlock_index;
++ return;
+ } else {
+ /*
+ * Otherwise keep thread (if running) and config,
+@@ -1603,7 +1600,12 @@ static void lo_release(struct gendisk *d
+ }
+
+ mutex_unlock(&loop_ctl_mutex);
+-unlock_index:
++}
++
++static void lo_release(struct gendisk *disk, fmode_t mode)
++{
++ mutex_lock(&loop_index_mutex);
++ __lo_release(disk->private_data);
+ mutex_unlock(&loop_index_mutex);
+ }
+
--- /dev/null
+From 40be92f86e231126b4445ed185147004205c110c Mon Sep 17 00:00:00 2001
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Date: Wed, 27 Feb 2019 15:00:55 +0100
+Subject: Revert "loop: Get rid of loop_index_mutex"
+
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+This reverts commit 6a8f1d8d701462937ce01a3f2219af5435372af7 which is
+commit 0a42e99b58a208839626465af194cfe640ef9493 upstream.
+
+It does not work properly in the 4.9.y tree and causes more problems
+than it fixes, so revert it.
+
+Reported-by: Thomas Lindroth <thomas.lindroth@gmail.com>
+Reported-by: Jan Kara <jack@suse.cz>
+Cc: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/block/loop.c | 39 +++++++++++++++++++--------------------
+ 1 file changed, 19 insertions(+), 20 deletions(-)
+
+--- a/drivers/block/loop.c
++++ b/drivers/block/loop.c
+@@ -81,6 +81,7 @@
+ #include <asm/uaccess.h>
+
+ static DEFINE_IDR(loop_index_idr);
++static DEFINE_MUTEX(loop_index_mutex);
+ static DEFINE_MUTEX(loop_ctl_mutex);
+
+ static int max_part;
+@@ -1559,11 +1560,9 @@ static int lo_compat_ioctl(struct block_
+ static int lo_open(struct block_device *bdev, fmode_t mode)
+ {
+ struct loop_device *lo;
+- int err;
++ int err = 0;
+
+- err = mutex_lock_killable(&loop_ctl_mutex);
+- if (err)
+- return err;
++ mutex_lock(&loop_index_mutex);
+ lo = bdev->bd_disk->private_data;
+ if (!lo) {
+ err = -ENXIO;
+@@ -1572,7 +1571,7 @@ static int lo_open(struct block_device *
+
+ atomic_inc(&lo->lo_refcnt);
+ out:
+- mutex_unlock(&loop_ctl_mutex);
++ mutex_unlock(&loop_index_mutex);
+ return err;
+ }
+
+@@ -1581,11 +1580,12 @@ static void lo_release(struct gendisk *d
+ struct loop_device *lo;
+ int err;
+
+- mutex_lock(&loop_ctl_mutex);
++ mutex_lock(&loop_index_mutex);
+ lo = disk->private_data;
+ if (atomic_dec_return(&lo->lo_refcnt))
+- goto out_unlock;
++ goto unlock_index;
+
++ mutex_lock(&loop_ctl_mutex);
+ if (lo->lo_flags & LO_FLAGS_AUTOCLEAR) {
+ /*
+ * In autoclear mode, stop the loop thread
+@@ -1593,7 +1593,7 @@ static void lo_release(struct gendisk *d
+ */
+ err = loop_clr_fd(lo);
+ if (!err)
+- return;
++ goto unlock_index;
+ } else {
+ /*
+ * Otherwise keep thread (if running) and config,
+@@ -1602,8 +1602,9 @@ static void lo_release(struct gendisk *d
+ loop_flush(lo);
+ }
+
+-out_unlock:
+ mutex_unlock(&loop_ctl_mutex);
++unlock_index:
++ mutex_unlock(&loop_index_mutex);
+ }
+
+ static const struct block_device_operations lo_fops = {
+@@ -1889,7 +1890,7 @@ static struct kobject *loop_probe(dev_t
+ struct kobject *kobj;
+ int err;
+
+- mutex_lock(&loop_ctl_mutex);
++ mutex_lock(&loop_index_mutex);
+ err = loop_lookup(&lo, MINOR(dev) >> part_shift);
+ if (err < 0)
+ err = loop_add(&lo, MINOR(dev) >> part_shift);
+@@ -1897,7 +1898,7 @@ static struct kobject *loop_probe(dev_t
+ kobj = NULL;
+ else
+ kobj = get_disk(lo->lo_disk);
+- mutex_unlock(&loop_ctl_mutex);
++ mutex_unlock(&loop_index_mutex);
+
+ *part = 0;
+ return kobj;
+@@ -1907,13 +1908,9 @@ static long loop_control_ioctl(struct fi
+ unsigned long parm)
+ {
+ struct loop_device *lo;
+- int ret;
+-
+- ret = mutex_lock_killable(&loop_ctl_mutex);
+- if (ret)
+- return ret;
++ int ret = -ENOSYS;
+
+- ret = -ENOSYS;
++ mutex_lock(&loop_index_mutex);
+ switch (cmd) {
+ case LOOP_CTL_ADD:
+ ret = loop_lookup(&lo, parm);
+@@ -1927,6 +1924,7 @@ static long loop_control_ioctl(struct fi
+ ret = loop_lookup(&lo, parm);
+ if (ret < 0)
+ break;
++ mutex_lock(&loop_ctl_mutex);
+ if (lo->lo_state != Lo_unbound) {
+ ret = -EBUSY;
+ mutex_unlock(&loop_ctl_mutex);
+@@ -1938,6 +1936,7 @@ static long loop_control_ioctl(struct fi
+ break;
+ }
+ lo->lo_disk->private_data = NULL;
++ mutex_unlock(&loop_ctl_mutex);
+ idr_remove(&loop_index_idr, lo->lo_number);
+ loop_remove(lo);
+ break;
+@@ -1947,7 +1946,7 @@ static long loop_control_ioctl(struct fi
+ break;
+ ret = loop_add(&lo, -1);
+ }
+- mutex_unlock(&loop_ctl_mutex);
++ mutex_unlock(&loop_index_mutex);
+
+ return ret;
+ }
+@@ -2030,10 +2029,10 @@ static int __init loop_init(void)
+ THIS_MODULE, loop_probe, NULL, NULL);
+
+ /* pre-create number of devices given by config or max_loop */
+- mutex_lock(&loop_ctl_mutex);
++ mutex_lock(&loop_index_mutex);
+ for (i = 0; i < nr; i++)
+ loop_add(&lo, i);
+- mutex_unlock(&loop_ctl_mutex);
++ mutex_unlock(&loop_index_mutex);
+
+ printk(KERN_INFO "loop: module loaded\n");
+ return 0;
projects / thirdparty / kernel / stable-queue.git / commitdiff
