1. 17 1月, 2012 8 次提交
  2. 18 11月, 2011 1 次提交
    • K
      pstore: pass allocated memory region back to caller · f6f82851
      Kees Cook 提交于
      The buf_lock cannot be held while populating the inodes, so make the backend
      pass forward an allocated and filled buffer instead. This solves the following
      backtrace. The effect is that "buf" is only ever used to notify the backends
      that something was written to it, and shouldn't be used in the read path.
      
      To replace the buf_lock during the read path, isolate the open/read/close
      loop with a separate mutex to maintain serialized access to the backend.
      
      Note that is is up to the pstore backend to cope if the (*write)() path is
      called in the middle of the read path.
      
      [   59.691019] BUG: sleeping function called from invalid context at .../mm/slub.c:847
      [   59.691019] in_atomic(): 0, irqs_disabled(): 1, pid: 1819, name: mount
      [   59.691019] Pid: 1819, comm: mount Not tainted 3.0.8 #1
      [   59.691019] Call Trace:
      [   59.691019]  [<810252d5>] __might_sleep+0xc3/0xca
      [   59.691019]  [<810a26e6>] kmem_cache_alloc+0x32/0xf3
      [   59.691019]  [<810b53ac>] ? __d_lookup_rcu+0x6f/0xf4
      [   59.691019]  [<810b68b1>] alloc_inode+0x2a/0x64
      [   59.691019]  [<810b6903>] new_inode+0x18/0x43
      [   59.691019]  [<81142447>] pstore_get_inode.isra.1+0x11/0x98
      [   59.691019]  [<81142623>] pstore_mkfile+0xae/0x26f
      [   59.691019]  [<810a2a66>] ? kmem_cache_free+0x19/0xb1
      [   59.691019]  [<8116c821>] ? ida_get_new_above+0x140/0x158
      [   59.691019]  [<811708ea>] ? __init_rwsem+0x1e/0x2c
      [   59.691019]  [<810b67e8>] ? inode_init_always+0x111/0x1b0
      [   59.691019]  [<8102127e>] ? should_resched+0xd/0x27
      [   59.691019]  [<8137977f>] ? _cond_resched+0xd/0x21
      [   59.691019]  [<81142abf>] pstore_get_records+0x52/0xa7
      [   59.691019]  [<8114254b>] pstore_fill_super+0x7d/0x91
      [   59.691019]  [<810a7ff5>] mount_single+0x46/0x82
      [   59.691019]  [<8114231a>] pstore_mount+0x15/0x17
      [   59.691019]  [<811424ce>] ? pstore_get_inode.isra.1+0x98/0x98
      [   59.691019]  [<810a8199>] mount_fs+0x5a/0x12d
      [   59.691019]  [<810b9174>] ? alloc_vfsmnt+0xa4/0x14a
      [   59.691019]  [<810b9474>] vfs_kern_mount+0x4f/0x7d
      [   59.691019]  [<810b9d7e>] do_kern_mount+0x34/0xb2
      [   59.691019]  [<810bb15f>] do_mount+0x5fc/0x64a
      [   59.691019]  [<810912fb>] ? strndup_user+0x2e/0x3f
      [   59.691019]  [<810bb3cb>] sys_mount+0x66/0x99
      [   59.691019]  [<8137b537>] sysenter_do_call+0x12/0x26
      Signed-off-by: NKees Cook <keescook@chromium.org>
      Signed-off-by: NTony Luck <tony.luck@intel.com>
      f6f82851
  3. 13 11月, 2011 1 次提交
  4. 07 11月, 2011 8 次提交
  5. 05 11月, 2011 1 次提交
  6. 01 11月, 2011 4 次提交
  7. 22 10月, 2011 1 次提交
  8. 17 10月, 2011 2 次提交
  9. 15 10月, 2011 1 次提交
    • P
      PCI hotplug: acpiphp: Prevent deadlock on PCI-to-PCI bridge remove · 6af8bef1
      Prarit Bhargava 提交于
      I originally submitted a patch to workaround this by pushing all Ejection
      Requests and Device Checks onto the kacpi_hotplug queue.
      
      http://marc.info/?l=linux-acpi&m=131678270930105&w=2
      
      The patch is still insufficient in that Bus Checks also need to be added.
      
      Rather than add all events, including non-PCI-hotplug events, to the
      hotplug queue, mjg suggested that a better approach would be to modify
      the acpiphp driver so only acpiphp events would be added to the
      kacpi_hotplug queue.
      
      It's a longer patch, but at least we maintain the benefit of having separate
      queues in ACPI.  This, of course, is still only a workaround the problem.
      As Bjorn and mjg pointed out, we have to refactor a lot of this code to do
      the right thing but at this point it is a better to have this code working.
      
      The acpi core places all events on the kacpi_notify queue.  When the acpiphp
      driver is loaded and a PCI card with a PCI-to-PCI bridge is removed the
      following call sequence occurs:
      
      cleanup_p2p_bridge()
      	    -> cleanup_bridge()
      		    -> acpi_remove_notify_handler()
      			    -> acpi_os_wait_events_complete()
      				    -> flush_workqueue(kacpi_notify_wq)
      
      which is the queue we are currently executing on and the process will hang.
      
      Move all hotplug acpiphp events onto the kacpi_hotplug workqueue.  In
      handle_hotplug_event_bridge() and handle_hotplug_event_func() we can simply
      push the rest of the work onto the kacpi_hotplug queue and then avoid the
      deadlock.
      Signed-off-by: NPrarit Bhargava <prarit@redhat.com>
      Cc: mjg@redhat.com
      Cc: bhelgaas@google.com
      Cc: linux-acpi@vger.kernel.org
      Signed-off-by: NJesse Barnes <jbarnes@virtuousgeek.org>
      6af8bef1
  10. 13 10月, 2011 1 次提交
  11. 10 10月, 2011 1 次提交
  12. 04 10月, 2011 1 次提交
  13. 13 9月, 2011 1 次提交
  14. 30 8月, 2011 1 次提交
  15. 25 8月, 2011 1 次提交
  16. 17 8月, 2011 1 次提交
    • D
      pstore: change mutex locking to spin_locks · abd4d558
      Don Zickus 提交于
      pstore was using mutex locking to protect read/write access to the
      backend plug-ins.  This causes problems when pstore is executed in
      an NMI context through panic() -> kmsg_dump().
      
      This patch changes the mutex to a spin_lock_irqsave then also checks to
      see if we are in an NMI context.  If we are in an NMI and can't get the
      lock, just print a message stating that and blow by the locking.
      
      All this is probably a hack around the bigger locking problem but it
      solves my current situation of trying to sleep in an NMI context.
      
      Tested by loading the lkdtm module and executing a HARDLOCKUP which
      will cause the machine to panic inside the nmi handler.
      Signed-off-by: NDon Zickus <dzickus@redhat.com>
      Acked-by: NMatthew Garrett <mjg@redhat.com>
      Signed-off-by: NTony Luck <tony.luck@intel.com>
      abd4d558
  17. 12 8月, 2011 2 次提交
  18. 06 8月, 2011 1 次提交
    • S
      Battery: sysfs_remove_battery(): possible circular locking · 69d94ec6
      Sergey Senozhatsky 提交于
      Commit 9c921c22
      Author: Lan Tianyu <tianyu.lan@intel.com>
      
          ACPI / Battery: Resolve the race condition in the sysfs_remove_battery()
      
      fixed BUG https://bugzilla.kernel.org/show_bug.cgi?id=35642 , but as a side
      effect made lockdep unhappy with sysfs_remove_battery():
      
      [14818.477168]
      [14818.477170] =======================================================
      [14818.477200] [ INFO: possible circular locking dependency detected ]
      [14818.477221] 3.1.0-dbg-07865-g1280ea8-dirty #668
      [14818.477236] -------------------------------------------------------
      [14818.477257] s2ram/1599 is trying to acquire lock:
      [14818.477276]  (s_active#8){++++.+}, at: [<ffffffff81169147>] sysfs_addrm_finish+0x31/0x5a
      [14818.477323]
      [14818.477325] but task is already holding lock:
      [14818.477350]  (&battery->lock){+.+.+.}, at: [<ffffffffa0047278>] sysfs_remove_battery+0x10/0x4b [battery]
      [14818.477395]
      [14818.477397] which lock already depends on the new lock.
      [14818.477399]
      [..]
      [14818.479121] stack backtrace:
      [14818.479148] Pid: 1599, comm: s2ram Not tainted 3.1.0-dbg-07865-g1280ea8-dirty #668
      [14818.479175] Call Trace:
      [14818.479198]  [<ffffffff814828c3>] print_circular_bug+0x293/0x2a4
      [14818.479228]  [<ffffffff81070cb5>] __lock_acquire+0xfe4/0x164b
      [14818.479260]  [<ffffffff81169147>] ? sysfs_addrm_finish+0x31/0x5a
      [14818.479288]  [<ffffffff810718d2>] lock_acquire+0x138/0x1ac
      [14818.479316]  [<ffffffff81169147>] ? sysfs_addrm_finish+0x31/0x5a
      [14818.479345]  [<ffffffff81168a79>] sysfs_deactivate+0x9b/0xec
      [14818.479373]  [<ffffffff81169147>] ? sysfs_addrm_finish+0x31/0x5a
      [14818.479405]  [<ffffffff81169147>] sysfs_addrm_finish+0x31/0x5a
      [14818.479433]  [<ffffffff81167bc5>] sysfs_hash_and_remove+0x54/0x77
      [14818.479461]  [<ffffffff811681b9>] sysfs_remove_file+0x12/0x14
      [14818.479488]  [<ffffffff81385bf8>] device_remove_file+0x12/0x14
      [14818.479516]  [<ffffffff81386504>] device_del+0x119/0x17c
      [14818.479542]  [<ffffffff81386575>] device_unregister+0xe/0x1a
      [14818.479570]  [<ffffffff813c6ef9>] power_supply_unregister+0x23/0x27
      [14818.479601]  [<ffffffffa004729c>] sysfs_remove_battery+0x34/0x4b [battery]
      [14818.479632]  [<ffffffffa004778f>] battery_notify+0x2c/0x3a [battery]
      [14818.479662]  [<ffffffff8148fe82>] notifier_call_chain+0x74/0xa1
      [14818.479692]  [<ffffffff810624b4>] __blocking_notifier_call_chain+0x6c/0x89
      [14818.479722]  [<ffffffff810624e0>] blocking_notifier_call_chain+0xf/0x11
      [14818.479751]  [<ffffffff8107e40e>] pm_notifier_call_chain+0x15/0x27
      [14818.479770]  [<ffffffff8107ee1a>] enter_state+0xa7/0xd5
      [14818.479782]  [<ffffffff8107e341>] state_store+0xaa/0xc0
      [14818.479795]  [<ffffffff8107e297>] ? pm_async_store+0x45/0x45
      [14818.479807]  [<ffffffff81248837>] kobj_attr_store+0x17/0x19
      [14818.479820]  [<ffffffff81167e27>] sysfs_write_file+0x103/0x13f
      [14818.479834]  [<ffffffff81109037>] vfs_write+0xad/0x13d
      [14818.479847]  [<ffffffff811092b2>] sys_write+0x45/0x6c
      [14818.479860]  [<ffffffff81492f92>] system_call_fastpath+0x16/0x1b
      
      This patch introduces separate lock to struct acpi_battery to
      grab in sysfs_remove_battery() instead of battery->lock.
      So fix by Lan Tianyu is still there, we just grab independent lock.
      Signed-off-by: NSergey Senozhatsky <sergey.senozhatsky@gmail.com>
      Tested-by: NLan Tianyu <tianyu.lan@intel.com>
      Signed-off-by: NLen Brown <len.brown@intel.com>
      69d94ec6
  19. 03 8月, 2011 3 次提交