Re: [PATCH -mm] ehca: avoid crash on kthread_create() failure

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Akinobu Mita <akinobu.mita@gmail.com>
To: Muli Ben-Yehuda <muli@il.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>,
	linux-kernel@vger.kernel.org,
	Hoang-Nam Nguyen <hnguyen@de.ibm.com>,
	Christoph Raisch <raisch@de.ibm.com>,
	akpm@osdl.org
Subject: Re: [PATCH -mm] ehca: avoid crash on kthread_create() failure
Date: Mon, 25 Dec 2006 18:35:57 +0900	[thread overview]
Message-ID: <20061225093557.GA5726@APFDCB5C> (raw)
In-Reply-To: <20061225085551.GB2313@rhun.haifa.ibm.com>

On Mon, Dec 25, 2006 at 10:55:51AM +0200, Muli Ben-Yehuda wrote:
> This is correct because cct is allocated via alloc_percpu, which in
> turn calls kzalloc, which means cct->task is NULL by default, but it's
> a little too obscure for me. How about making it explicit?
> 
> task = kthread_create(...)
> if (!IS_ERR(task))
>    cct->task = task;
> else
>   cct->task = NULL;
> 
> return cct->task;

Subject: [PATCH -mm] ehca: avoid crash on kthread_create() failure (v3)

This patch disallows invalid task_struct pointer returned by
kthread_create() to be written to percpu data to avoid crash.

Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Hoang-Nam Nguyen <hnguyen@de.ibm.com>
Cc: Christoph Raisch <raisch@de.ibm.com>
Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>

---
 drivers/infiniband/hw/ehca/ehca_irq.c |   11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

Index: 2.6-mm/drivers/infiniband/hw/ehca/ehca_irq.c
===================================================================
--- 2.6-mm.orig/drivers/infiniband/hw/ehca/ehca_irq.c
+++ 2.6-mm/drivers/infiniband/hw/ehca/ehca_irq.c
@@ -606,15 +606,20 @@ static int comp_task(void *__cct)
 static struct task_struct *create_comp_task(struct ehca_comp_pool *pool,
 					    int cpu)
 {
+	struct task_struct *task;
 	struct ehca_cpu_comp_task *cct;
 
 	cct = per_cpu_ptr(pool->cpu_comp_tasks, cpu);
 	spin_lock_init(&cct->task_lock);
 	INIT_LIST_HEAD(&cct->cq_list);
 	init_waitqueue_head(&cct->wait_queue);
-	cct->task = kthread_create(comp_task, cct, "ehca_comp/%d", cpu);
+	task = kthread_create(comp_task, cct, "ehca_comp/%d", cpu);
+	if (!IS_ERR(task))
+		cct->task = task;
+	else
+		cct->task = NULL;
 
-	return cct->task;
+	return task;
 }
 
 static void destroy_comp_task(struct ehca_comp_pool *pool,
@@ -684,8 +689,10 @@ static int comp_pool_callback(struct not
 	case CPU_UP_CANCELED:
 		ehca_gen_dbg("CPU: %x (CPU_CANCELED)", cpu);
 		cct = per_cpu_ptr(pool->cpu_comp_tasks, cpu);
-		kthread_bind(cct->task, any_online_cpu(cpu_online_map));
-		destroy_comp_task(pool, cpu);
+		if (cct->task) {
+			kthread_bind(cct->task, any_online_cpu(cpu_online_map));
+			destroy_comp_task(pool, cpu);
+		}
 		break;
 	case CPU_ONLINE:
 		ehca_gen_dbg("CPU: %x (CPU_ONLINE)", cpu);

next prev parent reply	other threads:[~2006-12-25  9:36 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-12-19  8:42 [PATCH] ehca: fix kthread_create() error check Akinobu Mita
2006-12-19  9:32 ` Hoang-Nam Nguyen
2006-12-21 21:22 ` Heiko Carstens
2006-12-25  8:12   ` [PATCH -mm] ehca: avoid crash on kthread_create() failure Akinobu Mita
2006-12-25  8:30     ` Akinobu Mita
2006-12-25  8:55       ` Muli Ben-Yehuda
2006-12-25  9:35         ` Akinobu Mita [this message]
2006-12-25  9:41           ` Muli Ben-Yehuda
2006-12-25  9:58             ` Akinobu Mita
2006-12-25  8:13   ` [PATCH -mm] return error on create_comp_task() failure Akinobu Mita
2006-12-25  8:14   ` [PATCH -mm] ehca: fix memleak on module unloading Akinobu Mita

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20061225093557.GA5726@APFDCB5C \
    --to=akinobu.mita@gmail.com \
    --cc=akpm@osdl.org \
    --cc=heiko.carstens@de.ibm.com \
    --cc=hnguyen@de.ibm.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=muli@il.ibm.com \
    --cc=raisch@de.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.