[PATCH 1/2] ppc64: Fix iseries_veth module unload race and memory leak

Michael Ellerman michael at ellerman.id.au
Tue Jan 11 19:43:57 EST 2005 

Hi All,

When the iseries_veth driver module is unloaded there is the potential for an
oops and also some memory leakage.

Because the HvLpEvent_unregisterHandler() function did no synchronisation, it
was possible for the handler that was being unregistered to be running on another
CPU *after* HvLpEvent_unregisterHandler() had returned. This could cause the
iseries_veth driver to leave work in the events work queue after the module
had been unloaded. When that work was eventually executed we got an oops.

In addition some of the data structures in the iseries_veth driver were not
being correctly freed when the module was unloaded.

This is the first patch, which makes HvLpEvent_unregisterHandler() work.

 arch/ppc64/kernel/HvLpEvent.c         |    8 ++++++++
 include/asm-ppc64/iSeries/HvLpEvent.h |    3 +++
 2 files changed, 11 insertions(+)


Signed-off-by: Michael Ellerman <michael at ellerman.id.au>

diff -urN 2.6.10-ppc64-stock/arch/ppc64/kernel/HvLpEvent.c 2.6.10-ppc64-work/arch/ppc64/kernel/HvLpEvent.c
--- 2.6.10-ppc64-stock/arch/ppc64/kernel/HvLpEvent.c	2004-06-16 17:12:51.000000000 +1000
+++ 2.6.10-ppc64-work/arch/ppc64/kernel/HvLpEvent.c	2005-01-10 16:13:33.381994263 +1100
@@ -34,10 +34,18 @@
 int HvLpEvent_unregisterHandler( HvLpEvent_Type eventType )
 {
 	int rc = 1;
+
+	might_sleep();
+
 	if ( eventType < HvLpEvent_Type_NumTypes ) {
 		if ( !lpEventHandlerPaths[eventType] ) {
 			lpEventHandler[eventType] = NULL;
 			rc = 0;
+
+			/* We now sleep until all other CPUs have scheduled. This ensures that
+			 * the deletion is seen by all other CPUs, and that the deleted handler
+			 * isn't still running on another CPU when we return. */
+			synchronize_kernel();
 		}
 	}
 	return rc;
diff -urN 2.6.10-ppc64-stock/include/asm-ppc64/iSeries/HvLpEvent.h 2.6.10-ppc64-work/include/asm-ppc64/iSeries/HvLpEvent.h
--- 2.6.10-ppc64-stock/include/asm-ppc64/iSeries/HvLpEvent.h	2004-02-04 14:44:05.000000000 +1100
+++ 2.6.10-ppc64-work/include/asm-ppc64/iSeries/HvLpEvent.h	2005-01-10 16:11:18.899255131 +1100
@@ -75,6 +75,9 @@
 extern int HvLpEvent_registerHandler( HvLpEvent_Type eventType, LpEventHandler hdlr);
 
 // Unregister a handler for an event type
+//  This call will sleep until the handler being removed is guaranteed to
+//  be no longer executing on any CPU. Do not call with locks held.
+//
 //  returns 0 on success
 //  Unregister will fail if there are any paths open for the type
 extern int HvLpEvent_unregisterHandler( HvLpEvent_Type eventType );

More information about the Linuxppc64-dev mailing list