Commit 57066001 authored by Ming Lei's avatar Ming Lei Committed by Yang Yingliang
Browse files

block: mark flush request as IDLE when it is really finished 



mainline inclusion
from mainline-5.10-rc5
commit	9f16a667
category: bugfix
bugzilla: 45589
CVE: NA

-------------------------------------------------

For avoiding use-after-free on flush request, we call its .end_io() from
both timeout code path and __blk_mq_end_request().

When flush request's ref doesn't drop to zero, it is still used, we
can't mark it as IDLE, so fix it by marking IDLE when its refcount drops
to zero really.

Fixes: 65ff5cd0 ("blk-mq: mark flush request as IDLE in flush_end_io()")
Signed-off-by: default avatarMing Lei <ming.lei@redhat.com>
Cc: Yi Zhang <yi.zhang@redhat.com>
Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>

Conflicts:
        block/blk-flush.c

Signed-off-by: default avatarBaokun Li <libaokun1@huawei.com>
Reviewed-by: default avatarYufen Yu <yuyufen@huawei.com>
Signed-off-by: default avatarYang Yingliang <yangyingliang@huawei.com>
parent 3345df54
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment