mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-22 02:20:40 +00:00
Code Issues Releases Wiki Activity
linux-stable/kernel/irq
History
Edward Cree 86c7d38c2b genirq: Fix reference leaks on irq affinity notifiers 
commit df81dfcfd6 upstream.

The handling of notify->work did not properly maintain notify->kref in two
 cases:
1) where the work was already scheduled, another irq_set_affinity_locked()
   would get the ref and (no-op-ly) schedule the work.  Thus when
   irq_affinity_notify() ran, it would drop the original ref but not the
   additional one.
2) when cancelling the (old) work in irq_set_affinity_notifier(), if there
   was outstanding work a ref had been got for it but was never put.
Fix both by checking the return values of the work handling functions
 (schedule_work() for (1) and cancel_work_sync() for (2)) and put the
 extra ref if the return value indicates preexisting work.

Fixes: cd7eab44e9 ("genirq: Add IRQ affinity notifiers")
Fixes: 59c39840f5 ("genirq: Prevent use-after-free and work list corruption")
Signed-off-by: Edward Cree <ecree@solarflare.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Ben Hutchings <ben@decadent.org.uk>
Link: https://lkml.kernel.org/r/24f5983f-2ab5-e83a-44ee-a45b5f9300f5@solarflare.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-04-01 11:02:04 +02:00
..
affinity.c genirq/affinity: Remove const qualifier from node_to_cpumask argument 2019-08-28 12:20:43 +02:00
autoprobe.c genirq: Delay deactivation in free_irq() 2019-07-03 10:12:28 +02:00
chip.c Merge branch 'x86-apic-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-07-08 11:22:57 -07:00
cpuhotplug.c genirq: Delay deactivation in free_irq() 2019-07-03 10:12:28 +02:00
debug.h Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/pmladek/printk 2018-02-01 13:36:15 -08:00
debugfs.c x86/apic/msi: Plug non-maskable MSI affinity race 2020-02-11 04:35:54 -08:00
devres.c genirq/devres: Use struct_size() in devm_kzalloc() 2019-04-16 21:54:03 +02:00
dummychip.c genirq: Add missing SPDX identifiers 2018-03-20 14:23:28 +01:00
generic-chip.c genirq: Add missing SPDX identifiers 2018-03-20 14:23:28 +01:00
handle.c treewide: Switch printk users from %pf and %pF to %ps and %pS, respectively 2019-04-09 14:19:06 +02:00
internals.h genirq/proc: Reject invalid affinity masks (again) 2020-02-28 17:22:26 +01:00
ipi.c genirq: Fix various typos in comments 2018-12-18 14:22:28 +01:00
irq_sim.c irq/irq_sim: add irq_set_type() callback 2019-02-19 17:42:28 +01:00
irqdesc.c genirq: Properly pair kobject_del() with kobject_add() 2019-08-19 21:41:19 +02:00
irqdomain.c irqdomain: Fix a memory leak in irq_domain_push_irq() 2020-02-11 04:35:14 -08:00
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile genirq/timings: Add selftest for circular array 2019-06-12 10:47:04 +02:00
manage.c genirq: Fix reference leaks on irq affinity notifiers 2020-04-01 11:02:04 +02:00
matrix.c genirq/matrix: Improve target CPU selection for managed interrupts. 2018-11-06 23:20:13 +01:00
migration.c genirq/migration: Avoid out of line call if pending is not set 2018-06-06 15:18:20 +02:00
msi.c x86/apic/msi: Plug non-maskable MSI affinity race 2020-02-11 04:35:54 -08:00
pm.c PCI: irq: Introduce rearm_wake_irq() 2019-07-23 09:37:51 +02:00
proc.c genirq/proc: Reject invalid affinity masks (again) 2020-02-28 17:22:26 +01:00
resend.c genirq: Prevent NULL pointer dereference in resend_irqs() 2019-09-05 21:31:14 +02:00
settings.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
spurious.c treewide: Switch printk users from %pf and %pF to %ps and %pS, respectively 2019-04-09 14:19:06 +02:00
timings.c genirq/timings: Add selftest for next event computation 2019-06-12 10:47:05 +02:00