Re: [PATCHv2] kmmio/mmiotrace: fix double free of kmmio_fault_pages

From: Marcin Slusarz
Date: Sun Jun 13 2010 - 18:19:57 EST


On Sun, Jun 13, 2010 at 11:56:54PM +0200, Marcin Slusarz wrote:
> After every iounmap mmiotrace has to free kmmio_fault_pages, but it
> can't do it directly, so it defers freeing by RCU.
>
> It usually works, but when mmiotraced code calls ioremap-iounmap
> multiple times without sleeping between (so RCU won't kick in and
> start freeing) it can be given the same virtual address, so at
> every iounmap mmiotrace will schedule the same pages for release.
> Obviously it will explode on second free.
>
> Fix it by marking kmmio_fault_pages which are scheduled for release
> and not adding them second time.
>
> Signed-off-by: Marcin Slusarz <marcin.slusarz@xxxxxxxxx>
> Acked-by: Pekka Paalanen <pq@xxxxxx>
> Cc: Stuart Bennett <stuart@xxxxxxxxxxxxxxx>
> Tested-by: Marcin Kościelnicki <koriakin@xxxxxxxx>
> Tested-by: Shinpei KATO <shinpei@xxxxxxxxxxxxxxxxxxxxx>
> ---

It would be good to apply it to -stable too. Sometimes people have to test
some earlier kernels because of unfixable constraints (you know, these
uncooperative vendors not releasing their binary drivers for latest kernels).

Marcin
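
The double free described in the quoted commit message, modelled in userspace C as an added example (not part of the original message or of the kernel patch). The struct, the queue and every function name are hypothetical, and a release is counted rather than performed so the unguarded case can be observed safely.

```c
#include <stdbool.h>
#include <stdio.h>

/* Userspace model only: names and layout are hypothetical, not the kernel's. */
struct fault_page {
    int count;        /* live mappings that use this page */
    bool scheduled;   /* already queued for deferred release */
    int free_calls;   /* times the deferred pass released it; above 1 is a double free */
};
#define QUEUE_MAX 32
static struct fault_page *release_queue[QUEUE_MAX];
static size_t queued;
/* iounmap side: freeing is deferred, so the page is only queued here. */
static void model_iounmap(struct fault_page *p, bool guard)
{
    if (--p->count > 0)
        return;
    if (guard && p->scheduled)
        return;                 /* the fix: never queue the same page twice */
    p->scheduled = true;
    if (queued < QUEUE_MAX)
        release_queue[queued++] = p;
}

/* Stand-in for the RCU callback: runs later and releases everything queued. */
static void model_deferred_free(void)
{
    for (size_t i = 0; i < queued; i++)
        release_queue[i]->free_calls++;   /* counted, not freed, so the model stays safe */
    queued = 0;
}

/* `cycles` ioremap/iounmap pairs on one address, with no deferred pass in between. */
static int free_calls_after(int cycles, bool guard)
{
    struct fault_page page = {0};
    for (int i = 0; i < cycles; i++) {
        page.count++;           /* ioremap: same virtual address, same entry reused */
        model_iounmap(&page, guard);
    }
    model_deferred_free();
    return page.free_calls;
}

int main(void)
{
    printf("unguarded: %d, guarded: %d\n", free_calls_after(3, false), free_calls_after(3, true));
    return 0;
}
```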