Ensure that the disk has been initialized after acquiring the lock and

not before as we might end up sleeping while acquiring the lock,
introducing a potential race.

Tested in snaps for a couple of days.

ok mpi@

Reported-by: syzbot+c87cdc2905b441c20d39@syzkaller.appspotmail.com

diff --git a/sys/dev/vnd.c b/sys/dev/vnd.c
index 9b7b2ce..aee0251 100644 (file)
--- a/sys/dev/vnd.c
+++ b/sys/dev/vnd.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: vnd.c,v 1.174 2021/11/21 23:07:11 deraadt Exp $       */
+/*     $OpenBSD: vnd.c,v 1.175 2021/12/21 06:11:16 anton Exp $ */
 /*     $NetBSD: vnd.c,v 1.26 1996/03/30 23:06:11 christos Exp $        */
 
 /*
@@ -532,11 +532,12 @@ fail:
                break;
            }
        case VNDIOCCLR:
-               if ((sc->sc_flags & VNF_INITED) == 0)
-                       return (ENXIO);
-
                if ((error = disk_lock(&sc->sc_dk)) != 0)
                        return (error);
+               if ((sc->sc_flags & VNF_INITED) == 0) {
+                       disk_unlock(&sc->sc_dk);
+                       return (ENXIO);
+               }
 
                /*
                 * Don't unconfigure if any other partitions are open