mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-08-24 09:50:04 +00:00
Code Issues Releases Wiki Activity
linux-stable/kernel
History
Kevin Hao 463c46705f cpufreq: schedutil: Use kobject release() method to free sugov_tunables 
[ Upstream commit e5c6b312ce ]

The struct sugov_tunables is protected by the kobject, so we can't free
it directly. Otherwise we would get a call trace like this:
  ODEBUG: free active (active state 0) object type: timer_list hint: delayed_work_timer_fn+0x0/0x30
  WARNING: CPU: 3 PID: 720 at lib/debugobjects.c:505 debug_print_object+0xb8/0x100
  Modules linked in:
  CPU: 3 PID: 720 Comm: a.sh Tainted: G        W         5.14.0-rc1-next-20210715-yocto-standard+ #507
  Hardware name: Marvell OcteonTX CN96XX board (DT)
  pstate: 40400009 (nZcv daif +PAN -UAO -TCO BTYPE=--)
  pc : debug_print_object+0xb8/0x100
  lr : debug_print_object+0xb8/0x100
  sp : ffff80001ecaf910
  x29: ffff80001ecaf910 x28: ffff00011b10b8d0 x27: ffff800011043d80
  x26: ffff00011a8f0000 x25: ffff800013cb3ff0 x24: 0000000000000000
  x23: ffff80001142aa68 x22: ffff800011043d80 x21: ffff00010de46f20
  x20: ffff800013c0c520 x19: ffff800011d8f5b0 x18: 0000000000000010
  x17: 6e6968207473696c x16: 5f72656d6974203a x15: 6570797420746365
  x14: 6a626f2029302065 x13: 303378302f307830 x12: 2b6e665f72656d69
  x11: ffff8000124b1560 x10: ffff800012331520 x9 : ffff8000100ca6b0
  x8 : 000000000017ffe8 x7 : c0000000fffeffff x6 : 0000000000000001
  x5 : ffff800011d8c000 x4 : ffff800011d8c740 x3 : 0000000000000000
  x2 : ffff0001108301c0 x1 : ab3c90eedf9c0f00 x0 : 0000000000000000
  Call trace:
   debug_print_object+0xb8/0x100
   __debug_check_no_obj_freed+0x1c0/0x230
   debug_check_no_obj_freed+0x20/0x88
   slab_free_freelist_hook+0x154/0x1c8
   kfree+0x114/0x5d0
   sugov_exit+0xbc/0xc0
   cpufreq_exit_governor+0x44/0x90
   cpufreq_set_policy+0x268/0x4a8
   store_scaling_governor+0xe0/0x128
   store+0xc0/0xf0
   sysfs_kf_write+0x54/0x80
   kernfs_fop_write_iter+0x128/0x1c0
   new_sync_write+0xf0/0x190
   vfs_write+0x2d4/0x478
   ksys_write+0x74/0x100
   __arm64_sys_write+0x24/0x30
   invoke_syscall.constprop.0+0x54/0xe0
   do_el0_svc+0x64/0x158
   el0_svc+0x2c/0xb0
   el0t_64_sync_handler+0xb0/0xb8
   el0t_64_sync+0x198/0x19c
  irq event stamp: 5518
  hardirqs last  enabled at (5517): [<ffff8000100cbd7c>] console_unlock+0x554/0x6c8
  hardirqs last disabled at (5518): [<ffff800010fc0638>] el1_dbg+0x28/0xa0
  softirqs last  enabled at (5504): [<ffff8000100106e0>] __do_softirq+0x4d0/0x6c0
  softirqs last disabled at (5483): [<ffff800010049548>] irq_exit+0x1b0/0x1b8

So split the original sugov_tunables_free() into two functions,
sugov_clear_global_tunables() is just used to clear the global_tunables
and the new sugov_tunables_free() is used as kobj_type::release to
release the sugov_tunables safely.

Fixes: 9bdcb44e39 ("cpufreq: schedutil: New governor based on scheduler utilization data")
Cc: 4.7+ <stable@vger.kernel.org> # 4.7+
Signed-off-by: Kevin Hao <haokexin@gmail.com>
Acked-by: Viresh Kumar <viresh.kumar@linaro.org>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-10-06 15:05:08 +02:00
..
bpf bpf: No need to simulate speculative domain for immediates 2021-06-10 12:43:53 +02:00
cgroup cgroup1: don't allow '\n' in renaming 2021-06-16 11:53:02 +02:00
configs ANDROID: binder: add hwbinder,vndbinder to BINDER_DEVICES. 2017-08-22 18:43:23 -07:00
debug kdb: Make memory allocations more robust 2021-03-03 18:22:36 +01:00
events events: Reuse value read using READ_ONCE instead of re-reading it 2021-09-22 11:45:33 +02:00
gcov gcov: add support for GCC 10.1 2020-09-23 10:46:32 +02:00
irq genirq: Disable interrupts for force threaded handlers 2021-03-24 11:05:06 +01:00
livepatch livepatch: Nullify obj->mod in klp_module_coming()'s error path 2019-10-07 18:55:09 +02:00
locking rtmutex: Remove unused argument from rt_mutex_proxy_unlock() 2021-01-30 13:31:16 +01:00
power PM: hibernate: remove the bogus call to get_gendisk() in software_resume() 2020-10-29 09:07:16 +01:00
printk printk: fix deadlock when kernel panic 2021-03-03 18:22:55 +01:00
rcu rcu: Fix missed wakeup of exp_wq waiters 2021-09-26 13:37:28 +02:00
sched cpufreq: schedutil: Use kobject release() method to free sugov_tunables 2021-10-06 15:05:08 +02:00
time posix-timers: Preserve return value in clock_adjtime32() 2021-05-22 10:57:22 +02:00
trace blktrace: Fix uaf in blk_trace access after removing by sysfs 2021-10-06 15:05:06 +02:00
.gitignore
acct.c kernel/acct.c: fix the acct->needcheck check in check_free_space() 2018-01-10 09:31:17 +01:00
async.c kernel/async.c: revert "async: simplify lowest_in_progress()" 2018-02-16 20:23:05 +01:00
audit.c audit: fix a net reference leak in audit_list_rules_send() 2020-06-20 10:25:10 +02:00
audit.h audit: fix a net reference leak in audit_list_rules_send() 2020-06-20 10:25:10 +02:00
audit_fsnotify.c
audit_tree.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
audit_watch.c audit: CONFIG_CHANGE don't log internal bookkeeping as an event 2020-10-01 13:12:33 +02:00
auditfilter.c audit: fix a net reference leak in audit_list_rules_send() 2020-06-20 10:25:10 +02:00
auditsc.c audit: print empty EXECVE args 2019-12-01 09:14:03 +01:00
backtracetest.c
bounds.c kbuild: fix kernel/bounds.c 'W=1' warning 2018-11-13 11:15:08 -08:00
capability.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
compat.c make 'user_access_begin()' do 'access_ok()' 2020-06-20 10:24:58 +02:00
configs.c
context_tracking.c
cpu.c cpu/hotplug: Cure the cpusets trainwreck 2021-07-20 16:17:46 +02:00
cpu_pm.c kernel/cpu_pm: Fix uninitted local in cpu_pm 2020-06-20 10:25:19 +02:00
crash_core.c kdump: write correct address of mem_section into vmcoreinfo 2018-01-17 09:45:27 +01:00
crash_dump.c
cred.c memcg: account security cred as well to kmemcg 2020-01-09 10:17:54 +01:00
delayacct.c delayacct: Use raw_spinlocks 2018-08-03 07:50:38 +02:00
dma.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
exec_domain.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
exit.c don't dump the threads that had been already exiting when zapped. 2020-11-18 18:27:58 +01:00
extable.c extable: Enable RCU if it is not watching in kernel_text_address() 2017-09-23 16:50:20 -04:00
fork.c mm/hugetlb: initialize hugetlb_usage in mm_init 2021-09-22 11:45:32 +02:00
freezer.c
futex.c mm, futex: fix shared futex pgoff on shmem huge page 2021-07-11 12:48:12 +02:00
groups.c kernel: make groups_sort calling a responsibility group_info allocators 2017-12-20 10:10:18 +01:00
hung_task.c kernel: hung_task.c: disable on suspend 2019-04-20 09:15:05 +02:00
irq_work.c
jump_label.c sched/core: Fix cpu.max vs. cpuhotplug deadlock 2018-12-05 19:41:17 +01:00
kallsyms.c kallsyms: Don't let kallsyms_lookup_size_offset() fail on retrieving the first symbol 2019-09-21 07:15:38 +02:00
kcmp.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
kcov.c kcov: ensure irq code sees a valid area 2018-08-03 07:50:22 +02:00
kexec.c
kexec_core.c kexec: Allocate decrypted control pages for kdump if SME is enabled 2019-11-24 08:23:15 +01:00
kexec_file.c kernel: kexec_file: fix error return code of kexec_calculate_store_digests() 2021-05-22 10:57:39 +02:00
kexec_internal.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
kmod.c kmod: make request_module() return an error when autoloading is disabled 2020-04-24 08:00:44 +02:00
kprobes.c kretprobe: Avoid re-registration of the same kretprobe earlier 2021-02-10 09:12:09 +01:00
ksysfs.c
kthread.c kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync() 2021-07-11 12:48:13 +02:00
latencytop.c
Makefile elfcore: fix building with clang 2021-02-10 09:12:08 +01:00
memremap.c mm, devm_memremap_pages: kill mapping "System RAM" support 2019-01-13 10:01:02 +01:00
module-internal.h
module.c modules: inherit TAINT_PROPRIETARY_MODULE 2021-05-22 10:57:24 +02:00
module_signing.c
notifier.c x86/mm: split vmalloc_sync_all() 2020-04-02 16:34:20 +02:00
nsproxy.c
padata.c padata: purge get_cpu and reorder_via_wq from padata_do_serial 2020-05-27 16:43:05 +02:00
panic.c panic: ensure preemption is disabled during panic() 2019-10-17 13:43:19 -07:00
params.c kernel/params.c: improve STANDARD_PARAM_DEF readability 2017-10-03 17:54:26 -07:00
pid.c pids: make task_tgid_nr_ns() safe 2017-08-21 12:47:31 -07:00
pid_namespace.c memcg: enable accounting for pids in nested pid namespaces 2021-09-22 11:45:32 +02:00
profile.c profiling: fix shift-out-of-bounds bugs 2021-09-26 13:37:28 +02:00
ptrace.c ptrace: make ptrace() fail if the tracee changed its pid unexpectedly 2021-05-26 11:46:58 +02:00
range.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
reboot.c reboot: fix overflow parsing reboot cpu number 2020-11-18 18:28:02 +01:00
relay.c kernel/relay.c: fix memleak on destroy relay channel 2020-08-26 10:29:54 +02:00
resource.c resource: fix integer overflow at reallocation 2018-04-24 09:36:22 +02:00
seccomp.c seccomp: Add missing return in non-void function 2021-03-03 18:22:53 +01:00
signal.c signal: Extend exec_id to 64bits 2020-04-24 08:00:38 +02:00
smp.c smp: Fix smp_call_function_single_async prototype 2021-05-22 10:57:35 +02:00
smpboot.c kthread: Extract KTHREAD_IS_PER_CPU 2021-02-07 14:47:41 +01:00
smpboot.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
softirq.c Mark HI and TASKLET softirq synchronous 2018-08-15 18:12:47 +02:00
stacktrace.c
stop_machine.c stop_machine: Atomically queue and wake stopper threads 2018-09-05 09:26:36 +02:00
sys.c prctl: allow to setup brk for et_dyn executables 2021-09-26 13:37:28 +02:00
sys_ni.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sysctl.c kernel: sysctl: make drop_caches write-only 2020-01-04 13:59:57 +01:00
sysctl_binary.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
task_work.c locking/barriers: Convert users of lockless_dereference() to READ_ONCE() 2017-12-25 14:26:21 +01:00
taskstats.c taskstats: fix data-race 2020-01-09 10:17:53 +01:00
test_kprobes.c
torture.c
tracepoint.c tracepoint: Do not fail unregistering a probe due to memory failure 2021-03-03 18:22:47 +01:00
tsacct.c
ucount.c
uid16.c kernel: make groups_sort calling a responsibility group_info allocators 2017-12-20 10:10:18 +01:00
umh.c usermodehelper: reset umask to default before executing user process 2020-10-14 09:51:10 +02:00
up.c smp: Fix smp_call_function_single_async prototype 2021-05-22 10:57:35 +02:00
user-return-notifier.c
user.c
user_namespace.c userns: move user access out of the mutex 2018-09-09 19:56:00 +02:00
utsname.c
utsname_sysctl.c sys: don't hold uts_sem while accessing userspace memory 2018-09-09 19:56:00 +02:00
watchdog.c watchdog/softlockup: Enforce that timestamp is valid on boot 2020-02-28 16:36:05 +01:00
watchdog_hld.c watchdog: Mark watchdog touch functions as notrace 2018-09-05 09:26:42 +02:00
workqueue.c workqueue: fix UAF in pwq_unbound_release_workfn() 2021-08-04 12:22:14 +02:00
workqueue_internal.h Merge branch 'for-4.14-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq 2017-11-06 12:26:49 -08:00