1
linux/arch
Stuart Bennett d0fc63f7bd x86 mmiotrace: fix remove_kmmio_fault_pages()
Impact: fix race+crash in mmiotrace

The list manipulation in remove_kmmio_fault_pages() was broken. If more
than one consecutive kmmio_fault_page was re-added during the grace
period between unregister_kmmio_probe() and remove_kmmio_fault_pages(),
the list manipulation failed to remove pages from the release list.

After a second grace period the pages get into rcu_free_kmmio_fault_pages()
and raise a BUG_ON() kernel crash.

The list manipulation is fixed to properly remove pages from the release
list.

This bug has been present from the very beginning of mmiotrace in the
mainline kernel. It was introduced in 0fd0e3da ("x86: mmiotrace full
patch, preview 1");

An urgent fix for Linus. Tested by Stuart (on 32-bit) and Pekka
(on amd and intel 64-bit systems, nouveau and nvidia proprietary).

Signed-off-by: Stuart Bennett <stuart@freedesktop.org>
Signed-off-by: Pekka Paalanen <pq@iki.fi>
LKML-Reference: <20090308202135.34933feb@daedalus.pq.iki.fi>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2009-03-08 19:51:23 +01:00
..
alpha cpumask: Use cpu_*_mask accessors code: alpha 2009-02-16 17:32:00 +10:30
arm Merge master.kernel.org:/home/rmk/linux-2.6-arm 2009-03-03 14:12:41 -08:00
avr32 [ARM] 5400/1: Add support for inverted rdy_busy pin for Atmel nand device controller 2009-02-16 21:40:39 +00:00
blackfin Blackfin arch: Remove outdated code 2009-02-04 16:49:45 +08:00
cris Merge branch 'syscalls' of git://git390.osdl.marist.edu/pub/scm/linux-2.6 2009-01-14 19:58:40 -08:00
frv FRV: in_interrupt() requires #inclusion of linux/hardirq.h not asm/hardirq.h now 2009-02-09 08:51:35 -08:00
h8300 Merge branch 'syscalls' of git://git390.osdl.marist.edu/pub/scm/linux-2.6 2009-01-14 19:58:40 -08:00
ia64 [IA64] Don't go beyond iosapic_intr_info's arraysize 2009-02-25 11:50:53 -08:00
m32r eeprom: More consistent symbol names 2009-01-26 21:19:57 +01:00
m68k m68k: atari - Rename "mfp" to "st_mfp" 2009-02-22 09:23:02 -08:00
m68knommu m68knommu: fix 5329 ColdFire periphal addressing 2009-01-27 16:42:03 +10:00
mips x86-64: seccomp: fix 32/64 syscall hole 2009-03-02 15:41:30 -08:00
mn10300 mn10300: fix typo && -> || in arch/mn10300/unit-asb2305/pci.c 2009-02-20 17:57:48 -08:00
parisc Documentation: move DMA-mapping.txt to Doc/PCI/ 2009-01-29 18:19:29 -08:00
powerpc powerpc: Run sbc610 USB fixup code only on the appropriate platform. 2009-03-04 17:36:52 +11:00
s390 Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2009-03-03 17:05:08 -08:00
sh sh: ap325rxa: Revert ov772x support. 2009-02-27 15:41:14 +09:00
sparc x86-64: seccomp: fix 32/64 syscall hole 2009-03-02 15:41:30 -08:00
um uml: fix vde network backend in user mode linux 2009-02-20 17:57:48 -08:00
x86 x86 mmiotrace: fix remove_kmmio_fault_pages() 2009-03-08 19:51:23 +01:00
xtensa byteorder: make swab.h include asm/swab.h like a regular header 2009-01-14 19:56:50 -08:00
.gitignore
Kconfig [CVE-2009-0029] System call wrapper infrastructure 2009-01-14 14:15:16 +01:00