[PATCH -tip/cpus4096-v2] cpumask: fix cpumask of call_function_data

From: Hiroshi Shimamoto
Date: Fri Oct 24 2008 - 00:50:44 EST

Next message: Randy Dunlap: "Re: [PATCH] Add io-mapping functions to dynamically map largedevice apertures"
Previous message: Peter Teoh: "Re: [PROBLEM] hard-lock with kmemtrace, relayfs, and splice"
Next in thread: Rusty Russell: "Re: [PATCH -tip/cpus4096-v2] cpumask: fix cpumask of call_function_data"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Hiroshi Shimamoto <h-shimamoto@xxxxxxxxxxxxx>

The following assignment in smp_call_function_many() may cause unexpected
behavior, when !CPUMASK_OFFSTACK.
data->cpumask = allbutself;

Because it copys pointer of stack and the value will be modified after
exit from smp_call_function_many().

The type of cpumask field of call_function_data structure should be
cpumask_var_t and an operation to assign is needed.

Signed-off-by: Hiroshi Shimamoto <h-shimamoto@xxxxxxxxxxxxx>
---
include/linux/cpumask.h | 9 +++++++++
kernel/smp.c | 4 ++--
2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/include/linux/cpumask.h b/include/linux/cpumask.h
index d1f22ee..7bfc0f1 100644
--- a/include/linux/cpumask.h
+++ b/include/linux/cpumask.h
@@ -511,6 +511,10 @@ typedef struct cpumask *cpumask_var_t;

bool alloc_cpumask_var(cpumask_var_t *mask, gfp_t flags);
void free_cpumask_var(cpumask_var_t mask);
+static inline void assign_cpumask_var(cpumask_var_t *dst, cpumask_var_t src)
+{
+ *dst = src;
+}

#else
typedef struct cpumask cpumask_var_t[1];
@@ -524,6 +528,11 @@ static inline void free_cpumask_var(cpumask_var_t mask)
{
}

+static inline void assign_cpumask_var(cpumask_var_t *dst, cpumask_var_t src)
+{
+ (*dst)[0] = src[0];
+}
+
#endif /* CONFIG_CPUMASK_OFFSTACK */

/*
diff --git a/kernel/smp.c b/kernel/smp.c
index dccbb42..da98191 100644
--- a/kernel/smp.c
+++ b/kernel/smp.c
@@ -24,7 +24,7 @@ struct call_function_data {
struct call_single_data csd;
spinlock_t lock;
unsigned int refs;
- struct cpumask *cpumask;
+ cpumask_var_t cpumask;
struct rcu_head rcu_head;
};

@@ -370,7 +370,7 @@ void smp_call_function_many(const struct cpumask *mask,
data->csd.func = func;
data->csd.info = info;
data->refs = num_cpus;
- data->cpumask = allbutself;
+ assign_cpumask_var(&data->cpumask, allbutself);

spin_lock_irqsave(&call_function_lock, flags);
list_add_tail_rcu(&data->csd.list, &call_function_queue);
--
1.5.6

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Randy Dunlap: "Re: [PATCH] Add io-mapping functions to dynamically map largedevice apertures"
Previous message: Peter Teoh: "Re: [PROBLEM] hard-lock with kmemtrace, relayfs, and splice"
Next in thread: Rusty Russell: "Re: [PATCH -tip/cpus4096-v2] cpumask: fix cpumask of call_function_data"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]