diff options
author | ken <ken@FreeBSD.org> | 2012-06-24 04:29:03 +0000 |
---|---|---|
committer | ken <ken@FreeBSD.org> | 2012-06-24 04:29:03 +0000 |
commit | be54b17782e6e96ea044ccc043eec5661ed7c817 (patch) | |
tree | c21b95fd4c28376fc78b1a9e401300679a06d094 /sys/geom/geom_subr.c | |
parent | 0a7002aae7e61d6d39fe1f0321e5c165246d87e3 (diff) | |
download | FreeBSD-src-be54b17782e6e96ea044ccc043eec5661ed7c817.zip FreeBSD-src-be54b17782e6e96ea044ccc043eec5661ed7c817.tar.gz |
Fix a bug which causes a panic in daopen(). The panic is caused by
a da(4) instance going away while GEOM is still probing it.
In this case, the GEOM disk class instance has been created by
disk_create(), and the taste of the disk is queued in the GEOM
event queue.
While that event is queued, the da(4) instance goes away. When the
open call comes into the da(4) driver, it dereferences the freed
(but non-NULL) peripheral pointer provided by GEOM, which results
in a panic.
The solution is to add a callback to the GEOM disk code that is
called when all of its resources are cleaned up. This is
implemented inside GEOM by adding an optional callback that is
called when all consumers have detached from a provider, and the
provider is about to be deleted.
scsi_cd.c,
scsi_da.c: In the register routine for the cd(4) and da(4)
routines, acquire a reference to the CAM peripheral
instance just before we call disk_create().
Use the new GEOM disk d_gone() callback to register
a callback (dadiskgonecb()/cddiskgonecb()) that
decrements the peripheral reference count once GEOM
has finished cleaning up its resources.
In the cd(4) driver, clean up open and close
behavior slightly. GEOM makes sure we only get one
open() and one close call, so there is no need to
set an open flag and decrement the reference count
if we are not the first open.
In the cd(4) driver, use cam_periph_release_locked()
in a couple of error scenarios to avoid extra mutex
calls.
geom.h: Add a new, optional, providergone callback that
is called when a provider is about to be deleted.
geom_disk.h: Add a new d_gone() callback to the GEOM disk
interface.
Bump the DISK_VERSION to version 2. This probably
should have been done after a couple of previous
changes, especially the addition of the d_getattr()
callback.
geom_disk.c: Add a providergone callback for the disk class,
g_disk_providergone(), that calls the user's
d_gone() callback if it exists.
Bump the DISK_VERSION to 2.
geom_subr.c: In g_destroy_provider(), call the providergone
callback if it has been provided.
In g_new_geomf(), propagate the class's
providergone callback to the new geom instance.
blkfront.c: Callers of disk_create() are supposed to pass in
DISK_VERSION, not an explicit disk API version
number. Update the blkfront driver to do that.
disk.9: Update the disk(9) man page to include information
on the new d_gone() callback, as well as the
previously added d_getattr() callback, d_descr
field, and HBA PCI ID fields.
MFC after: 5 days
Diffstat (limited to 'sys/geom/geom_subr.c')
-rw-r--r-- | sys/geom/geom_subr.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/sys/geom/geom_subr.c b/sys/geom/geom_subr.c index 6e2589b..489de91 100644 --- a/sys/geom/geom_subr.c +++ b/sys/geom/geom_subr.c @@ -351,6 +351,7 @@ g_new_geomf(struct g_class *mp, const char *fmt, ...) gp->start = mp->start; gp->spoiled = mp->spoiled; gp->attrchanged = mp->attrchanged; + gp->providergone = mp->providergone; gp->dumpconf = mp->dumpconf; gp->access = mp->access; gp->orphan = mp->orphan; @@ -634,6 +635,13 @@ g_destroy_provider(struct g_provider *pp) LIST_REMOVE(pp, provider); gp = pp->geom; devstat_remove_entry(pp->stat); + /* + * If a callback was provided, send notification that the provider + * is now gone. + */ + if (gp->providergone != NULL) + gp->providergone(pp); + g_free(pp); if ((gp->flags & G_GEOM_WITHER)) g_do_wither(); |