-
由 Thomas Gleixner 提交于
bnx2fc_process_new_cqes() has protection against CPU hotplug, which relies on the per cpu thread pointer. This protection is racy because it happens only partially with the per cpu fp_work_lock held. If the CPU is unplugged after the lock is dropped, the wakeup code can dereference a NULL pointer or access freed and potentially reused memory. Restructure the code so the thread check and wakeup happens with the fp_work_lock held. Signed-off-by: NThomas Gleixner <tglx@linutronix.de> Acked-by: NChad Dupuis <chad.dupuis@cavium.com> Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>
8addebc1