block, bfq: get extra ref to prevent a queue from being freed during a group move
mainline inclusion from mainline-5.6-rc1 commit ecedd3d7 category: bugfix bugzilla: 50775 CVE: NA --------------------------- In bfq_bfqq_move(), the bfq_queue, say Q, to be moved to a new group may happen to be deactivated in the scheduling data structures of the source group (and then activated in the destination group). If Q is referred only by the data structures in the source group when the deactivation happens, then Q is freed upon the deactivation. This commit addresses this issue by getting an extra reference before the possible deactivation, and releasing this extra reference after Q has been moved. Tested-by:Chris Evich <cevich@redhat.com> Tested-by:
Oleksandr Natalenko <oleksandr@natalenko.name> Signed-off-by:
Paolo Valente <paolo.valente@linaro.org> Signed-off-by:
Jens Axboe <axboe@kernel.dk> Signed-off-by:
Yu Kuai <yukuai3@huawei.com> Reviewed-by:
Yufen Yu <yuyufen@huawei.com> Signed-off-by:
Yang Yingliang <yangyingliang@huawei.com> Signed-off-by:
Cheng Jian <cj.chengjian@huawei.com>
Please register or sign in to comment