From: "Joel Fernandes (Google)" <[email protected]>

Handle cases where the object being kvfree_rcu()'d is not aligned by
2-byte boundaries.

Signed-off-by: Uladzislau Rezki (Sony) <[email protected]>
Signed-off-by: Joel Fernandes (Google) <[email protected]>
---
 kernel/rcu/tree.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/kernel/rcu/tree.c b/kernel/rcu/tree.c
index 501cac02146d..649bad7ad0f0 100644
--- a/kernel/rcu/tree.c
+++ b/kernel/rcu/tree.c
@@ -2877,6 +2877,9 @@ struct kvfree_rcu_bulk_data {
 #define KVFREE_BULK_MAX_ENTR \
        ((PAGE_SIZE - sizeof(struct kvfree_rcu_bulk_data)) / sizeof(void *))
 
+/* Encoding the offset of a fake rcu_head to indicate the head is a wrapper. */
+#define RCU_HEADLESS_KFREE BIT(31)
+
 /**
  * struct kfree_rcu_cpu_work - single batch of kfree_rcu() requests
  * @rcu_work: Let queue_rcu_work() invoke workqueue handler after grace period
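Review bot: The comment on `RCU_HEADLESS_KFREE` does not say where the flag is stored or that it must be cleared before the value is used as an offset. The flag is OR'ed into the value written to `head->func` in kvfree_call_rcu() and stripped in kfree_rcu_work(), so between those two points `head->func` is neither a callback nor a small offset. Any code outside these hunks that tells offsets from callbacks by magnitude (for example via `__is_kfree_rcu_offset()`, not visible here) would presumably misclassify a tagged head, which is worth confirming. I would spell the contract out, e.g. `/* Flag OR'ed into the offset kept in head->func for a headless object; must be cleared before the offset is used or range-checked. */`.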
@@ -3078,9 +3081,9 @@ static void kfree_rcu_work(struct work_struct *work)
                next = head->next;
 
                /* We tag the headless object, if so adjust offset. */
-               headless = (((unsigned long) head - offset) & BIT(0));
+               headless = !!(offset & RCU_HEADLESS_KFREE);
                if (headless)
-                       offset -= 1;
+                       offset &= ~(RCU_HEADLESS_KFREE);
 
                ptr = (void *) head - offset;
 
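Review bot: Once the flag is masked off, `offset` feeds `ptr = (void *) head - offset;` with no range check visible in this hunk, so a corrupted or unexpected `head->func` would produce a pointer an arbitrary distance below `head`, which is then handed to the free path. The loop body starts and ends outside the hunk, so a check may already exist there. If it does not, guarding the free with `WARN_ON_ONCE(!__is_kfree_rcu_offset(offset))` immediately after `offset &= ~(RCU_HEADLESS_KFREE);` would catch a bad value before it is dereferenced.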
@@ -3356,7 +3359,7 @@ void kvfree_call_rcu(struct rcu_head *head, rcu_callback_t func)
                         * that has to be freed as well as dynamically
                         * attached wrapper/head.
                         */
-                       func = (rcu_callback_t) (sizeof(unsigned long *) + 1);
+                       func = (rcu_callback_t)(sizeof(unsigned long *) | RCU_HEADLESS_KFREE);
                }
 
                head->func = func;
-- 
2.20.1
