On Wed, Jul 22, 2015 at 01:38:48PM +0800, Pan Xinhui wrote:
> From: Pan Xinhui <xinhuix....@intel.com>
>
> It's more reasonable to unlock memtype_lock right after
> rbt_memtype_check_insert. memtype_lock protects all data stored in
> rb-tree from multiple access. It's not cool to call kfree, pr_info, etc
> with this lock held. So move spin_unlock a little ahead.
>
> If *new* succeed to be stored into the rb-tree, we might hit panic.
> Because we access *new* in dprintk "cattr_name(new->type)". Data stored
> in the rb-tree might be freed at any possbile time. It's abviously wrong
> to access such data without lock held. As new->type might be changed in
> rbt_memtype_check_insert, so save new->type to actual_type, then use
> actual_type in dprintk.
>
> Signed-off-by: Pan Xinhui <xinhuix....@intel.com>
> ---
> change from v2:
> update comments.
> change from V1:
> fix an access of *new* without memtype_lock held.
> ---
> arch/x86/mm/pat.c | 15 +++++++++------
> 1 file changed, 9 insertions(+), 6 deletions(-)
This patch still doesn't update the comments over memtype_lock.
>
> diff --git a/arch/x86/mm/pat.c b/arch/x86/mm/pat.c
> index 188e3e0..894a096 100644
> --- a/arch/x86/mm/pat.c
> +++ b/arch/x86/mm/pat.c
> @@ -538,22 +538,25 @@ int reserve_memtype(u64 start, u64 end, enum
> page_cache_mode req_type,
> new->type = actual_type;
>
> spin_lock(&memtype_lock);
> -
> err = rbt_memtype_check_insert(new, new_type);
> + /*
> + * new->type might be changed in rbt_memtype_check_insert.
> + * So save new->type to actual_type as dprintk uses it.
> + * We are not allowed to touch new after unlocking memtype_lock.
> + */
> + actual_type = new->type;
We already assign actual_type to new->type above. I think the dprintk
needs actual_type and not what new->type has been changed to as that is
in new_type.
> + spin_unlock(&memtype_lock);
> +
> if (err) {
> pr_info("x86/PAT: reserve_memtype failed [mem %#010Lx-%#010Lx],
> track %s, req %s\n",
> start, end - 1,
> cattr_name(new->type), cattr_name(req_type));
> kfree(new);
> - spin_unlock(&memtype_lock);
> -
> return err;
> }
>
> - spin_unlock(&memtype_lock);
> -
> dprintk("reserve_memtype added [mem %#010Lx-%#010Lx], track %s, req %s,
> ret %s\n",
> - start, end - 1, cattr_name(new->type), cattr_name(req_type),
> + start, end - 1, cattr_name(actual_type), cattr_name(req_type),
> new_type ? cattr_name(*new_type) : "-");
>
> return err;
> --
> 1.9.1
--
Regards/Gruss,
Boris.
ECO tip #101: Trim your mails when you reply.
--
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
