[PATCH 3/3] cpufreq: Prevent problems in update_policy_cpu() iflast_cpu == new_cpu

From: Srivatsa S. Bhat
Date: Wed Sep 11 2013 - 16:17:49 EST

Next message: Kees Cook: "Re: [PATCH] vsprintf: drop comment claiming %n is ignored"
Previous message: Srivatsa S. Bhat: "[PATCH 2/3] cpufreq: Restructure if/else block to avoid unintendedbehavior"
In reply to: Srivatsa S. Bhat: "[PATCH 2/3] cpufreq: Restructure if/else block to avoid unintendedbehavior"
Next in thread: Viresh Kumar: "Re: [PATCH 3/3] cpufreq: Prevent problems in update_policy_cpu() iflast_cpu == new_cpu"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

If update_policy_cpu() is invoked with the existing policy->cpu itself
as the new-cpu parameter, then a lot of things can go terribly wrong.

In its present form, update_policy_cpu() always assumes that the new-cpu
is different from policy->cpu and invokes other functions to perform their
respective updates. And those functions implement the actual update like
this:

per_cpu(..., new_cpu) = per_cpu(..., last_cpu);
per_cpu(..., last_cpu) = NULL;

Thus, when new_cpu == last_cpu, the final NULL assignment makes the per-cpu
references vanish into thin air! (memory leak). From there, it leads to more
problems: cpufreq_stats_create_table() now doesn't find the per-cpu reference
and hence tries to create a new sysfs-group; but sysfs already had created
the group earlier, so it complains that it cannot create a duplicate filename.
In short, the repercussions of a rather innocuous invocation of
update_policy_cpu() can turn out to be pretty nasty.

Ideally update_policy_cpu() should handle this situation (new == last)
gracefully, and not lead to such severe problems. So fix it by adding an
appropriate check.

Signed-off-by: Srivatsa S. Bhat <srivatsa.bhat@xxxxxxxxxxxxxxxxxx>
Tested-by: Stephen Warren <swarren@xxxxxxxxxx>
---

drivers/cpufreq/cpufreq.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/drivers/cpufreq/cpufreq.c b/drivers/cpufreq/cpufreq.c
index 247842b..d32040c 100644
--- a/drivers/cpufreq/cpufreq.c
+++ b/drivers/cpufreq/cpufreq.c
@@ -949,6 +949,9 @@ static void cpufreq_policy_free(struct cpufreq_policy *policy)

static void update_policy_cpu(struct cpufreq_policy *policy, unsigned int cpu)
{
+ if (cpu == policy->cpu)
+ return;
+
policy->last_cpu = policy->cpu;
policy->cpu = cpu;

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Kees Cook: "Re: [PATCH] vsprintf: drop comment claiming %n is ignored"
Previous message: Srivatsa S. Bhat: "[PATCH 2/3] cpufreq: Restructure if/else block to avoid unintendedbehavior"
In reply to: Srivatsa S. Bhat: "[PATCH 2/3] cpufreq: Restructure if/else block to avoid unintendedbehavior"
Next in thread: Viresh Kumar: "Re: [PATCH 3/3] cpufreq: Prevent problems in update_policy_cpu() iflast_cpu == new_cpu"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]