zram: read slot block idx under slot lock

Read slot's block id under slot-lock.  We release the slot-lock for bdev
read so, technically, slot still can get freed in the meantime, but at
least we will read bdev block (page) that holds previous know slot data,
not from slot->handle bdev block, which can be anything at that point.

Link: https://lkml.kernel.org/r/20251122074029.3948921-7-senozhatsky@chromium.org
Signed-off-by: Sergey Senozhatsky <senozhatsky@chromium.org>
Cc: Brian Geffon <bgeffon@google.com>
Cc: Minchan Kim <minchan@google.com>
Cc: Richard Chang <richardycc@google.com>
Cc: Yuwen Chen <ywen.chen@foxmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c
index 1f7e9e9..3428f64 100644 (file)
--- a/drivers/block/zram/zram_drv.c
+++ b/drivers/block/zram/zram_drv.c
@@ -1995,14 +1995,14 @@ static int zram_read_page(struct zram *zram, struct page *page, u32 index,
                ret = zram_read_from_zspool(zram, page, index);
                zram_slot_unlock(zram, index);
        } else {
+               unsigned long blk_idx = zram_get_handle(zram, index);
+
                /*
                 * The slot should be unlocked before reading from the backing
                 * device.
                 */
                zram_slot_unlock(zram, index);
-
-               ret = read_from_bdev(zram, page, zram_get_handle(zram, index),
-                                    parent);
+               ret = read_from_bdev(zram, page, blk_idx, parent);
        }
 
        /* Should NEVER happen. Return bio error if it does. */