rpms/kernel/F-11 linux-2.6-slub-fix-destroy-by-rcu.patch, NONE, 1.1 kernel.spec, 1.1730, 1.1731
Chuck Ebbert
cebbert at fedoraproject.org
Wed Sep 9 04:54:11 UTC 2009
Author: cebbert
Update of /cvs/pkgs/rpms/kernel/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv17130
Modified Files:
kernel.spec
Added Files:
linux-2.6-slub-fix-destroy-by-rcu.patch
Log Message:
Add linux-2.6-slub-fix-destroy-by-rcu.patch (fixes bug in 2.6.30.4)
linux-2.6-slub-fix-destroy-by-rcu.patch:
slub.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- NEW FILE linux-2.6-slub-fix-destroy-by-rcu.patch ---
From: Eric Dumazet <eric.dumazet at gmail.com>
Date: Thu, 3 Sep 2009 19:38:59 +0000 (+0300)
Subject: slub: Fix kmem_cache_destroy() with SLAB_DESTROY_BY_RCU
X-Git-Tag: v2.6.31-rc9~13^2
X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=d76b1590e06a63a3d8697168cd0aabf1c4b3cb3a
slub: Fix kmem_cache_destroy() with SLAB_DESTROY_BY_RCU
kmem_cache_destroy() should call rcu_barrier() *after* kmem_cache_close() and
*before* sysfs_slab_remove() or risk rcu_free_slab() being called after
kmem_cache is deleted (kfreed).
rmmod nf_conntrack can crash the machine because it has to kmem_cache_destroy()
a SLAB_DESTROY_BY_RCU enabled cache.
Cc: <stable at kernel.org>
Reported-by: Zdenek Kabelac <zdenek.kabelac at gmail.com>
Signed-off-by: Eric Dumazet <eric.dumazet at gmail.com>
Acked-by: Paul E. McKenney <paulmck at linux.vnet.ibm.com>
Signed-off-by: Pekka Enberg <penberg at cs.helsinki.fi>
---
diff --git a/mm/slub.c b/mm/slub.c
index b9f1491..b627675 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -2594,8 +2594,6 @@ static inline int kmem_cache_close(struct kmem_cache *s)
*/
void kmem_cache_destroy(struct kmem_cache *s)
{
- if (s->flags & SLAB_DESTROY_BY_RCU)
- rcu_barrier();
down_write(&slub_lock);
s->refcount--;
if (!s->refcount) {
@@ -2606,6 +2604,8 @@ void kmem_cache_destroy(struct kmem_cache *s)
"still has objects.\n", s->name, __func__);
dump_stack();
}
+ if (s->flags & SLAB_DESTROY_BY_RCU)
+ rcu_barrier();
sysfs_slab_remove(s);
} else
up_write(&slub_lock);
Index: kernel.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/F-11/kernel.spec,v
retrieving revision 1.1730
retrieving revision 1.1731
diff -u -p -r1.1730 -r1.1731
--- kernel.spec 9 Sep 2009 04:43:29 -0000 1.1730
+++ kernel.spec 9 Sep 2009 04:54:10 -0000 1.1731
@@ -731,6 +731,9 @@ Patch14000: make-mmap_min_addr-suck-less
Patch14050: hda-check-strcpy-length.patch
Patch14060: linux-2.6-v4l-dvb-af9015-fix-stack-corruption.patch
+# fix bug introduced in 2.6.30.4
+Patch14070: linux-2.6-slub-fix-destroy-by-rcu.patch
+
# fix stack protector problems with xen on x86_64
Patch14080: linux-2.6-x86-load-percpu-segment-no-stackprotector.patch
Patch14090: linux-2.6-xen-rearrange-to-fix-stackprotector.patch
@@ -1365,6 +1368,9 @@ ApplyPatch linux-2.6-v4l-dvb-af9015-fix-
ApplyPatch linux-2.6-x86-load-percpu-segment-no-stackprotector.patch
ApplyPatch linux-2.6-xen-rearrange-to-fix-stackprotector.patch
+# fix 2.6.30.4 bug
+ApplyPatch linux-2.6-slub-fix-destroy-by-rcu.patch
+
# END OF PATCH APPLICATIONS
%endif
@@ -1953,6 +1959,9 @@ fi
# and build.
%changelog
+* Wed Sep 09 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.6-52
+- Add linux-2.6-slub-fix-destroy-by-rcu.patch (fixes bug in 2.6.30.4)
+
* Wed Sep 09 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.6-51
- 2.6.30.6
- Drop patches merged in -stable:
More information about the scm-commits
mailing list