lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20251230-blk_mq_no_ctx_checking-v1-1-2168131383e6@oss.qualcomm.com>
Date: Tue, 30 Dec 2025 17:17:05 +0800
From: Cong Zhang <cong.zhang@....qualcomm.com>
To: Jens Axboe <axboe@...nel.dk>
Cc: linux-arm-msm@...r.kernel.org, linux-block@...r.kernel.org,
        linux-kernel@...r.kernel.org, Cong Zhang <cong.zhang@....qualcomm.com>
Subject: [PATCH] blk-mq: skip CPU offline notify on unmapped hctx

If an hctx has no software ctx mapped, blk_mq_map_swqueue() never
allocates tags and leaves hctx->tags NULL. The CPU hotplug offline
notifier can still run for that hctx, return early since hctx cannot
hold any requests.

Signed-off-by: Cong Zhang <cong.zhang@....qualcomm.com>
---
This issue was observed during CPU hotplug. If an hctx is not mapped,
offlining a CPU can trigger a kernel crash.
When a block device does not map all hctx, some hctx instances may remain
unused. These unused hctx can still receive CPU offline notifications and
enter blk_mq_hctx_notify_offline().
blk_mq_hctx_notify_offline() calls blk_mq_hctx_has_requests() to check
whether there are pending requests on the hctx. However, unused hctx do
not have tags allocated, which leads to a crash.
Since an unused hctx cannot have any requests, fix this by returning
early when nr_ctx is zero, skipping blk_mq_hctx_notify_offline().
---
 block/blk-mq.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/block/blk-mq.c b/block/blk-mq.c
index 1978eef95dca3fb332a73aeff7b9613ee770a8a3..eff4f72ce83be80aac9da86aab35079be7d2b5e4 100644
--- a/block/blk-mq.c
+++ b/block/blk-mq.c
@@ -3721,7 +3721,7 @@ static int blk_mq_hctx_notify_offline(unsigned int cpu, struct hlist_node *node)
 			struct blk_mq_hw_ctx, cpuhp_online);
 	int ret = 0;
 
-	if (blk_mq_hctx_has_online_cpu(hctx, cpu))
+	if (!hctx->nr_ctx || blk_mq_hctx_has_online_cpu(hctx, cpu))
 		return 0;
 
 	/*

---
base-commit: cc3aa43b44bdb43dfbac0fcb51c56594a11338a8
change-id: 20251226-blk_mq_no_ctx_checking-05b68f5b8b9d

Best regards,
-- 
Cong Zhang <cong.zhang@....qualcomm.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ