X-Git-Url: https://git.camperquake.de/gitweb.cgi?a=blobdiff_plain;f=module%2Fzfs%2Fzvol.c;fp=module%2Fzfs%2Fzvol.c;h=d4d533f0231d0560092921d033d968cba38ebe09;hb=65d56083b4617a4cade0cff68cbbaf68114169d6;hp=7a448f1948fa74436713c61d642d816bba206e8a;hpb=d5446cfc528262ae3a41da31a8524c9d2e793f45;p=zfs.git

diff --git a/module/zfs/zvol.c b/module/zfs/zvol.c
index 7a448f1..d4d533f 100644
--- a/module/zfs/zvol.c
+++ b/module/zfs/zvol.c
@@ -891,11 +891,39 @@ zvol_first_open(zvol_state_t *zv)
 {
 	objset_t *os;
 	uint64_t volsize;
+	int locked = 0;
 	int error;
 	uint64_t ro;
 
+	/*
+	 * In all other cases the spa_namespace_lock is taken before the
+	 * bdev->bd_mutex lock.  But in this case the Linux __blkdev_get()
+	 * function calls fops->open() with the bdev->bd_mutex lock held.
+	 *
+	 * To avoid a potential lock inversion deadlock we preemptively
+	 * try to take the spa_namespace_lock().  Normally it will not
+	 * be contended and this is safe because spa_open_common() handles
+	 * the case where the caller already holds the spa_namespace_lock.
+	 *
+	 * When it is contended we risk a lock inversion if we were to
+	 * block waiting for the lock.  Luckily, the __blkdev_get()
+	 * function allows us to return -ERESTARTSYS which will result in
+	 * bdev->bd_mutex being dropped, reacquired, and fops->open() being
+	 * called again.  This process can be repeated safely until both
+	 * locks are acquired.
+	 */
+	if (!mutex_owned(&spa_namespace_lock)) {
+		locked = mutex_tryenter(&spa_namespace_lock);
+		if (!locked)
+			return (-ERESTARTSYS);
+	}
+
 	/* lie and say we're read-only */
 	error = dmu_objset_own(zv->zv_name, DMU_OST_ZVOL, 1, zvol_tag, &os);
+
+	if (locked)
+		mutex_exit(&spa_namespace_lock);
+
 	if (error)
 		return (-error);