* [PATCH 1/3] cxl: fix leak of IRQ names in cxl_free_afu_irqs()
@ 2015-09-30 1:58 Andrew Donnellan
2015-09-30 1:58 ` [PATCH 2/3] cxl: fix leak of ctx->irq_bitmap when releasing context via kernel API Andrew Donnellan
` (4 more replies)
0 siblings, 5 replies; 13+ messages in thread
From: Andrew Donnellan @ 2015-09-30 1:58 UTC (permalink / raw)
To: linuxppc-dev; +Cc: imunsie, mikey, vaibhav, mrochs
cxl_free_afu_irqs() doesn't free IRQ names when it releases an AFU's IRQ
ranges. The userspace API equivalent in afu_release_irqs() calls
afu_irq_name_free() to release the IRQ names.
Call afu_irq_name_free() in cxl_free_afu_irqs() to release the IRQ names.
Make afu_irq_name_free() non-static to allow this.
Reported-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
Fixes: 6f7f0b3df6d4 ("cxl: Add AFU virtual PHB and kernel API")
Signed-off-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
Signed-off-by: Ian Munsie <imunsie@au1.ibm.com>
---
drivers/misc/cxl/api.c | 1 +
drivers/misc/cxl/cxl.h | 1 +
drivers/misc/cxl/irq.c | 2 +-
3 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/misc/cxl/api.c b/drivers/misc/cxl/api.c
index 8af12c8..103baf0 100644
--- a/drivers/misc/cxl/api.c
+++ b/drivers/misc/cxl/api.c
@@ -105,6 +105,7 @@ EXPORT_SYMBOL_GPL(cxl_allocate_afu_irqs);
void cxl_free_afu_irqs(struct cxl_context *ctx)
{
+ afu_irq_name_free(ctx);
cxl_release_irq_ranges(&ctx->irqs, ctx->afu->adapter);
}
EXPORT_SYMBOL_GPL(cxl_free_afu_irqs);
diff --git a/drivers/misc/cxl/cxl.h b/drivers/misc/cxl/cxl.h
index 1c30ef7..0cfb9c1 100644
--- a/drivers/misc/cxl/cxl.h
+++ b/drivers/misc/cxl/cxl.h
@@ -677,6 +677,7 @@ int cxl_register_serr_irq(struct cxl_afu *afu);
void cxl_release_serr_irq(struct cxl_afu *afu);
int afu_register_irqs(struct cxl_context *ctx, u32 count);
void afu_release_irqs(struct cxl_context *ctx, void *cookie);
+void afu_irq_name_free(struct cxl_context *ctx);
irqreturn_t cxl_slice_irq_err(int irq, void *data);
int cxl_debugfs_init(void);
diff --git a/drivers/misc/cxl/irq.c b/drivers/misc/cxl/irq.c
index 583b42a..38b57d6 100644
--- a/drivers/misc/cxl/irq.c
+++ b/drivers/misc/cxl/irq.c
@@ -414,7 +414,7 @@ void cxl_release_psl_irq(struct cxl_afu *afu)
kfree(afu->psl_irq_name);
}
-static void afu_irq_name_free(struct cxl_context *ctx)
+void afu_irq_name_free(struct cxl_context *ctx)
{
struct cxl_irq_name *irq_name, *tmp;
--
Andrew Donnellan Software Engineer, OzLabs
andrew.donnellan@au1.ibm.com Australia Development Lab, Canberra
+61 2 6201 8874 (work) IBM Australia Limited
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH 2/3] cxl: fix leak of ctx->irq_bitmap when releasing context via kernel API
2015-09-30 1:58 [PATCH 1/3] cxl: fix leak of IRQ names in cxl_free_afu_irqs() Andrew Donnellan
@ 2015-09-30 1:58 ` Andrew Donnellan
2015-09-30 6:01 ` Ian Munsie
` (2 more replies)
2015-09-30 1:58 ` [PATCH 3/3] cxl: fix leak of ctx->mapping when releasing kernel API contexts Andrew Donnellan
` (3 subsequent siblings)
4 siblings, 3 replies; 13+ messages in thread
From: Andrew Donnellan @ 2015-09-30 1:58 UTC (permalink / raw)
To: linuxppc-dev; +Cc: imunsie, mikey, vaibhav, mrochs
At present, ctx->irq_bitmap is freed in afu_release_irqs(), which is called
from afu_release() via cxl_context_detach().
Move the freeing of ctx->irq_bitmap from afu_release_irqs() to
reclaim_ctx() (called through cxl_context_free()) so it's freed when
releasing a context via the kernel API (cxl_release_context()) or the
userspace API (afu_release()).
Reported-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
Fixes: 6f7f0b3df6d4 ("cxl: Add AFU virtual PHB and kernel API")
Signed-off-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
---
drivers/misc/cxl/context.c | 3 +++
drivers/misc/cxl/irq.c | 2 --
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/drivers/misc/cxl/context.c b/drivers/misc/cxl/context.c
index e762f85..2faa127 100644
--- a/drivers/misc/cxl/context.c
+++ b/drivers/misc/cxl/context.c
@@ -275,6 +275,9 @@ static void reclaim_ctx(struct rcu_head *rcu)
if (ctx->kernelapi)
kfree(ctx->mapping);
+ if (ctx->irq_bitmap)
+ kfree(ctx->irq_bitmap);
+
kfree(ctx);
}
diff --git a/drivers/misc/cxl/irq.c b/drivers/misc/cxl/irq.c
index 38b57d6..09a4060 100644
--- a/drivers/misc/cxl/irq.c
+++ b/drivers/misc/cxl/irq.c
@@ -524,7 +524,5 @@ void afu_release_irqs(struct cxl_context *ctx, void *cookie)
afu_irq_name_free(ctx);
cxl_release_irq_ranges(&ctx->irqs, ctx->afu->adapter);
- kfree(ctx->irq_bitmap);
- ctx->irq_bitmap = NULL;
ctx->irq_count = 0;
}
--
Andrew Donnellan Software Engineer, OzLabs
andrew.donnellan@au1.ibm.com Australia Development Lab, Canberra
+61 2 6201 8874 (work) IBM Australia Limited
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH 3/3] cxl: fix leak of ctx->mapping when releasing kernel API contexts
2015-09-30 1:58 [PATCH 1/3] cxl: fix leak of IRQ names in cxl_free_afu_irqs() Andrew Donnellan
2015-09-30 1:58 ` [PATCH 2/3] cxl: fix leak of ctx->irq_bitmap when releasing context via kernel API Andrew Donnellan
@ 2015-09-30 1:58 ` Andrew Donnellan
2015-09-30 6:02 ` Ian Munsie
` (3 more replies)
2015-09-30 14:03 ` [PATCH 1/3] cxl: fix leak of IRQ names in cxl_free_afu_irqs() Matthew R. Ochs
` (2 subsequent siblings)
4 siblings, 4 replies; 13+ messages in thread
From: Andrew Donnellan @ 2015-09-30 1:58 UTC (permalink / raw)
To: linuxppc-dev; +Cc: imunsie, mikey, vaibhav, mrochs
When a context is created via the kernel API, ctx->mapping is allocated
within the kernel and thus needs to be freed when the context is freed.
reclaim_ctx() attempts to do this for contexts with the ctx->kernelapi flag
set, but afu_release() (which can be called from the kernel API through
cxl_fd_release()) sets ctx->mapping to NULL before calling
cxl_context_free() to free the context.
Add a check to afu_release() so that the mappings in contexts created via
the kernel API are left alone so reclaim_ctx() can free them.
Reported-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
Fixes: 6f7f0b3df6d4 ("cxl: Add AFU virtual PHB and kernel API")
Signed-off-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
---
drivers/misc/cxl/file.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/drivers/misc/cxl/file.c b/drivers/misc/cxl/file.c
index a30bf28..fcda6b0 100644
--- a/drivers/misc/cxl/file.c
+++ b/drivers/misc/cxl/file.c
@@ -120,9 +120,16 @@ int afu_release(struct inode *inode, struct file *file)
__func__, ctx->pe);
cxl_context_detach(ctx);
- mutex_lock(&ctx->mapping_lock);
- ctx->mapping = NULL;
- mutex_unlock(&ctx->mapping_lock);
+
+ /*
+ * Delete the context's mapping pointer, unless it's created by the
+ * kernel API, in which case leave it so it can be freed by reclaim_ctx()
+ */
+ if (!ctx->kernelapi) {
+ mutex_lock(&ctx->mapping_lock);
+ ctx->mapping = NULL;
+ mutex_unlock(&ctx->mapping_lock);
+ }
put_device(&ctx->afu->dev);
--
Andrew Donnellan Software Engineer, OzLabs
andrew.donnellan@au1.ibm.com Australia Development Lab, Canberra
+61 2 6201 8874 (work) IBM Australia Limited
^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [PATCH 2/3] cxl: fix leak of ctx->irq_bitmap when releasing context via kernel API
2015-09-30 1:58 ` [PATCH 2/3] cxl: fix leak of ctx->irq_bitmap when releasing context via kernel API Andrew Donnellan
@ 2015-09-30 6:01 ` Ian Munsie
2015-09-30 14:04 ` Matthew R. Ochs
2015-10-01 6:51 ` [2/3] " Michael Ellerman
2 siblings, 0 replies; 13+ messages in thread
From: Ian Munsie @ 2015-09-30 6:01 UTC (permalink / raw)
To: andrew.donnellan; +Cc: linuxppc-dev, mikey, Matthew R. Ochs, Vaibhav Jain
Acked-by: Ian Munsie <imunsie@au1.ibm.com>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH 3/3] cxl: fix leak of ctx->mapping when releasing kernel API contexts
2015-09-30 1:58 ` [PATCH 3/3] cxl: fix leak of ctx->mapping when releasing kernel API contexts Andrew Donnellan
@ 2015-09-30 6:02 ` Ian Munsie
2015-09-30 14:04 ` Matthew R. Ochs
` (2 subsequent siblings)
3 siblings, 0 replies; 13+ messages in thread
From: Ian Munsie @ 2015-09-30 6:02 UTC (permalink / raw)
To: andrew.donnellan; +Cc: linuxppc-dev, mikey, Matthew R. Ochs, Vaibhav Jain
Good catch!
Acked-by: Ian Munsie <imunsie@au1.ibm.com>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH 1/3] cxl: fix leak of IRQ names in cxl_free_afu_irqs()
2015-09-30 1:58 [PATCH 1/3] cxl: fix leak of IRQ names in cxl_free_afu_irqs() Andrew Donnellan
2015-09-30 1:58 ` [PATCH 2/3] cxl: fix leak of ctx->irq_bitmap when releasing context via kernel API Andrew Donnellan
2015-09-30 1:58 ` [PATCH 3/3] cxl: fix leak of ctx->mapping when releasing kernel API contexts Andrew Donnellan
@ 2015-09-30 14:03 ` Matthew R. Ochs
2015-10-01 6:49 ` [1/3] " Michael Ellerman
2015-10-01 6:51 ` Michael Ellerman
4 siblings, 0 replies; 13+ messages in thread
From: Matthew R. Ochs @ 2015-09-30 14:03 UTC (permalink / raw)
To: Andrew Donnellan; +Cc: linuxppc-dev, imunsie, mikey, vaibhav
Reviewed-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH 2/3] cxl: fix leak of ctx->irq_bitmap when releasing context via kernel API
2015-09-30 1:58 ` [PATCH 2/3] cxl: fix leak of ctx->irq_bitmap when releasing context via kernel API Andrew Donnellan
2015-09-30 6:01 ` Ian Munsie
@ 2015-09-30 14:04 ` Matthew R. Ochs
2015-10-01 6:51 ` [2/3] " Michael Ellerman
2 siblings, 0 replies; 13+ messages in thread
From: Matthew R. Ochs @ 2015-09-30 14:04 UTC (permalink / raw)
To: Andrew Donnellan; +Cc: linuxppc-dev, imunsie, mikey, vaibhav
Reviewed-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH 3/3] cxl: fix leak of ctx->mapping when releasing kernel API contexts
2015-09-30 1:58 ` [PATCH 3/3] cxl: fix leak of ctx->mapping when releasing kernel API contexts Andrew Donnellan
2015-09-30 6:02 ` Ian Munsie
@ 2015-09-30 14:04 ` Matthew R. Ochs
2015-10-01 6:51 ` [3/3] " Michael Ellerman
2015-10-07 10:10 ` Michael Ellerman
3 siblings, 0 replies; 13+ messages in thread
From: Matthew R. Ochs @ 2015-09-30 14:04 UTC (permalink / raw)
To: Andrew Donnellan; +Cc: linuxppc-dev, imunsie, mikey, vaibhav
Reviewed-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [1/3] cxl: fix leak of IRQ names in cxl_free_afu_irqs()
2015-09-30 1:58 [PATCH 1/3] cxl: fix leak of IRQ names in cxl_free_afu_irqs() Andrew Donnellan
` (2 preceding siblings ...)
2015-09-30 14:03 ` [PATCH 1/3] cxl: fix leak of IRQ names in cxl_free_afu_irqs() Matthew R. Ochs
@ 2015-10-01 6:49 ` Michael Ellerman
2015-10-01 6:51 ` Michael Ellerman
4 siblings, 0 replies; 13+ messages in thread
From: Michael Ellerman @ 2015-10-01 6:49 UTC (permalink / raw)
To: Andrew Donnellan, linuxppc-dev; +Cc: mikey, mrochs, imunsie, vaibhav
On Wed, 2015-30-09 at 01:58:05 UTC, Andrew Donnellan wrote:
> cxl_free_afu_irqs() doesn't free IRQ names when it releases an AFU's IRQ
> ranges. The userspace API equivalent in afu_release_irqs() calls
> afu_irq_name_free() to release the IRQ names.
>
> Call afu_irq_name_free() in cxl_free_afu_irqs() to release the IRQ names.
> Make afu_irq_name_free() non-static to allow this.
>
> Reported-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
> Fixes: 6f7f0b3df6d4 ("cxl: Add AFU virtual PHB and kernel API")
> Signed-off-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
> Signed-off-by: Ian Munsie <imunsie@au1.ibm.com>
> Reviewed-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
Applied to powerpc fixes, thanks.
https://git.kernel.org/powerpc/c/8dde152ea34860403c839598
cheers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [1/3] cxl: fix leak of IRQ names in cxl_free_afu_irqs()
2015-09-30 1:58 [PATCH 1/3] cxl: fix leak of IRQ names in cxl_free_afu_irqs() Andrew Donnellan
` (3 preceding siblings ...)
2015-10-01 6:49 ` [1/3] " Michael Ellerman
@ 2015-10-01 6:51 ` Michael Ellerman
4 siblings, 0 replies; 13+ messages in thread
From: Michael Ellerman @ 2015-10-01 6:51 UTC (permalink / raw)
To: Andrew Donnellan, linuxppc-dev; +Cc: mikey, mrochs, imunsie, vaibhav
On Wed, 2015-30-09 at 01:58:05 UTC, Andrew Donnellan wrote:
> cxl_free_afu_irqs() doesn't free IRQ names when it releases an AFU's IRQ
> ranges. The userspace API equivalent in afu_release_irqs() calls
> afu_irq_name_free() to release the IRQ names.
>
> Call afu_irq_name_free() in cxl_free_afu_irqs() to release the IRQ names.
> Make afu_irq_name_free() non-static to allow this.
>
> Reported-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
> Fixes: 6f7f0b3df6d4 ("cxl: Add AFU virtual PHB and kernel API")
> Signed-off-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
> Signed-off-by: Ian Munsie <imunsie@au1.ibm.com>
> Reviewed-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
Applied to powerpc fixes, thanks.
https://git.kernel.org/powerpc/c/8dde152ea34860403c839598
cheers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [2/3] cxl: fix leak of ctx->irq_bitmap when releasing context via kernel API
2015-09-30 1:58 ` [PATCH 2/3] cxl: fix leak of ctx->irq_bitmap when releasing context via kernel API Andrew Donnellan
2015-09-30 6:01 ` Ian Munsie
2015-09-30 14:04 ` Matthew R. Ochs
@ 2015-10-01 6:51 ` Michael Ellerman
2 siblings, 0 replies; 13+ messages in thread
From: Michael Ellerman @ 2015-10-01 6:51 UTC (permalink / raw)
To: Andrew Donnellan, linuxppc-dev; +Cc: mikey, mrochs, imunsie, vaibhav
On Wed, 2015-30-09 at 01:58:06 UTC, Andrew Donnellan wrote:
> At present, ctx->irq_bitmap is freed in afu_release_irqs(), which is called
> from afu_release() via cxl_context_detach().
>
> Move the freeing of ctx->irq_bitmap from afu_release_irqs() to
> reclaim_ctx() (called through cxl_context_free()) so it's freed when
> releasing a context via the kernel API (cxl_release_context()) or the
> userspace API (afu_release()).
>
> Reported-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
> Fixes: 6f7f0b3df6d4 ("cxl: Add AFU virtual PHB and kernel API")
> Signed-off-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
> Acked-by: Ian Munsie <imunsie@au1.ibm.com>
> Reviewed-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
Applied to powerpc fixes, thanks.
https://git.kernel.org/powerpc/c/52adee580d3c71a0dfabc316
cheers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [3/3] cxl: fix leak of ctx->mapping when releasing kernel API contexts
2015-09-30 1:58 ` [PATCH 3/3] cxl: fix leak of ctx->mapping when releasing kernel API contexts Andrew Donnellan
2015-09-30 6:02 ` Ian Munsie
2015-09-30 14:04 ` Matthew R. Ochs
@ 2015-10-01 6:51 ` Michael Ellerman
2015-10-07 10:10 ` Michael Ellerman
3 siblings, 0 replies; 13+ messages in thread
From: Michael Ellerman @ 2015-10-01 6:51 UTC (permalink / raw)
To: Andrew Donnellan, linuxppc-dev; +Cc: mikey, mrochs, imunsie, vaibhav
On Wed, 2015-30-09 at 01:58:07 UTC, Andrew Donnellan wrote:
> When a context is created via the kernel API, ctx->mapping is allocated
> within the kernel and thus needs to be freed when the context is freed.
> reclaim_ctx() attempts to do this for contexts with the ctx->kernelapi flag
> set, but afu_release() (which can be called from the kernel API through
> cxl_fd_release()) sets ctx->mapping to NULL before calling
> cxl_context_free() to free the context.
>
> Add a check to afu_release() so that the mappings in contexts created via
> the kernel API are left alone so reclaim_ctx() can free them.
>
> Reported-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
> Fixes: 6f7f0b3df6d4 ("cxl: Add AFU virtual PHB and kernel API")
> Signed-off-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
> Acked-by: Ian Munsie <imunsie@au1.ibm.com>
> Reviewed-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
Applied to powerpc fixes, thanks.
https://git.kernel.org/powerpc/c/5f81b95fe2a2de4ec51d46ff
cheers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [3/3] cxl: fix leak of ctx->mapping when releasing kernel API contexts
2015-09-30 1:58 ` [PATCH 3/3] cxl: fix leak of ctx->mapping when releasing kernel API contexts Andrew Donnellan
` (2 preceding siblings ...)
2015-10-01 6:51 ` [3/3] " Michael Ellerman
@ 2015-10-07 10:10 ` Michael Ellerman
3 siblings, 0 replies; 13+ messages in thread
From: Michael Ellerman @ 2015-10-07 10:10 UTC (permalink / raw)
To: Andrew Donnellan, linuxppc-dev; +Cc: mikey, mrochs, imunsie, vaibhav
On Wed, 2015-30-09 at 01:58:07 UTC, Andrew Donnellan wrote:
> When a context is created via the kernel API, ctx->mapping is allocated
> within the kernel and thus needs to be freed when the context is freed.
> reclaim_ctx() attempts to do this for contexts with the ctx->kernelapi flag
> set, but afu_release() (which can be called from the kernel API through
> cxl_fd_release()) sets ctx->mapping to NULL before calling
> cxl_context_free() to free the context.
>
> Add a check to afu_release() so that the mappings in contexts created via
> the kernel API are left alone so reclaim_ctx() can free them.
>
> Reported-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
> Fixes: 6f7f0b3df6d4 ("cxl: Add AFU virtual PHB and kernel API")
> Signed-off-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
> Acked-by: Ian Munsie <imunsie@au1.ibm.com>
> Reviewed-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
Applied to powerpc fixes, thanks.
https://git.kernel.org/powerpc/c/5f81b95fe2a2de4ec51d46ff
cheers
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2015-10-07 10:10 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-09-30 1:58 [PATCH 1/3] cxl: fix leak of IRQ names in cxl_free_afu_irqs() Andrew Donnellan
2015-09-30 1:58 ` [PATCH 2/3] cxl: fix leak of ctx->irq_bitmap when releasing context via kernel API Andrew Donnellan
2015-09-30 6:01 ` Ian Munsie
2015-09-30 14:04 ` Matthew R. Ochs
2015-10-01 6:51 ` [2/3] " Michael Ellerman
2015-09-30 1:58 ` [PATCH 3/3] cxl: fix leak of ctx->mapping when releasing kernel API contexts Andrew Donnellan
2015-09-30 6:02 ` Ian Munsie
2015-09-30 14:04 ` Matthew R. Ochs
2015-10-01 6:51 ` [3/3] " Michael Ellerman
2015-10-07 10:10 ` Michael Ellerman
2015-09-30 14:03 ` [PATCH 1/3] cxl: fix leak of IRQ names in cxl_free_afu_irqs() Matthew R. Ochs
2015-10-01 6:49 ` [1/3] " Michael Ellerman
2015-10-01 6:51 ` Michael Ellerman
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).