• NeilBrown's avatar
    md: ensure md devices are freed before module is unloaded. · a44059c1
    NeilBrown authored
    commit 9356863c upstream.
    
    Commit: cbd19983 ("md: Fix unfortunate interaction with evms")
    change mddev_put() so that it would not destroy an md device while
    ->ctime was non-zero.
    
    Unfortunately, we didn't make sure to clear ->ctime when unloading
    the module, so it is possible for an md device to remain after
    module unload.  An attempt to open such a device will trigger
    an invalid memory reference in:
      get_gendisk -> kobj_lookup -> exact_lock -> get_disk
    
    when tring to access disk->fops, which was in the module that has
    been removed.
    
    So ensure we clear ->ctime in md_exit(), and explain how that is useful,
    as it isn't immediately obvious when looking at the code.
    
    Fixes: cbd19983 ("md: Fix unfortunate interaction with evms")
    Tested-by: default avatarGuoqing Jiang <gqjiang@suse.com>
    Signed-off-by: default avatarNeilBrown <neilb@suse.com>
    Signed-off-by: default avatarShaohua Li <shli@fb.com>
    Signed-off-by: default avatarBen Hutchings <ben@decadent.org.uk>
    a44059c1
md.c 215 KB