On Fri, Apr 06, 2018 at 09:57:03AM -0700, Omar Sandoval wrote:
> From: Omar Sandoval <osan...@fb.com>
> 
> Commit 2d1d4c1e591f made loop_get_status() drop lo_ctx_mutex before
> returning, but the loop_get_status_old(), loop_get_status64(), and
> loop_get_status_compat() wrappers don't call loop_get_status() if the
> passed argument is NULL. The callers expect that the lock is dropped, so
> make sure we drop it in that case, too.
> 
> Reported-by: syzbot+31e8daa8b3fc129e7...@syzkaller.appspotmail.com
> Fixes: 2d1d4c1e591f ("loop: don't call into filesystem while holding lo_ctl_mutex")
> Signed-off-by: Omar Sandoval <osan...@fb.com>
> ---
> Based on Linus' tree.
> 
>  drivers/block/loop.c | 33 ++++++++++++++++++---------------
>  1 file changed, 18 insertions(+), 15 deletions(-)

Also just pushed a regression test to blktests:

140ee15de9f3 ("loop: add ioctl lock imbalance regression test")
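
The lock imbalance described in the quoted commit message, as an added user-space model (not code from the patch or from drivers/block/loop.c). A counter stands in for the mutex; all `model_*` and `wrapper_*` names and the `-EINVAL` return value are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Model only: a counter stands in for the loop ioctl mutex. */
struct model_lock { int held; };
struct model_info { int number; };

static void model_acquire(struct model_lock *l) { l->held++; }
static void model_release(struct model_lock *l) { l->held--; }

/* Models loop_get_status() after 2d1d4c1e591f: drops the lock before returning. */
static int model_get_status(struct model_lock *l, struct model_info *info)
{
    info->number = 7;                 /* constructed sample value */
    model_release(l);
    return 0;
}

/* Wrapper before the fix: a NULL argument skips the callee, so nothing unlocks. */
static int wrapper_before(struct model_lock *l, struct model_info *arg)
{
    if (!arg)
        return -EINVAL;               /* assumed error code */
    return model_get_status(l, arg);
}

/* Wrapper after the fix: the early-return path drops the lock itself. */
static int wrapper_after(struct model_lock *l, struct model_info *arg)
{
    if (!arg) {
        model_release(l);
        return -EINVAL;
    }
    return model_get_status(l, arg);
}

/* Models the ioctl caller, which takes the lock and expects the wrapper
 * to drop it. Returns the count left behind; 0 means balanced. */
int lock_left_held(int (*wrapper)(struct model_lock *, struct model_info *),
                   struct model_info *arg)
{
    struct model_lock l = { 0 };
    model_acquire(&l);
    (void)wrapper(&l, arg);
    return l.held;
}

int main(void)
{
    printf("before fix, NULL arg: %d\n", lock_left_held(wrapper_before, NULL));
    printf("after fix,  NULL arg: %d\n", lock_left_held(wrapper_after, NULL));
    return 0;
}
```

A nonzero result on the NULL path is the condition a regression test for this bug needs to catch: the next acquirer of the lock would block.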