tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

lockdep: fix kernel crash on module unload

Michael Wu noticed in his lkml post at

http://marc.info/?l=linux-kernel&m=119396182726091&w=2

that certain wireless drivers ended up having their name in module
memory, which would then crash the kernel on module unload.

The patch he proposed was a bit clumsy in that it increased the size of
a lockdep entry significantly; the patch below tries another approach,
it checks, on module teardown, if the name of a class is in module space
and then zaps the class. This is very similar to what we already do
with keys that are in module space.

Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

authored by

Arjan van de Ven and committed by
Linus Torvalds fabe874a 4784b11c

+5 -2
+5 -2
kernel/lockdep.c
··· 2932 2932 2933 2933 } 2934 2934 2935 - static inline int within(void *addr, void *start, unsigned long size) 2935 + static inline int within(const void *addr, void *start, unsigned long size) 2936 2936 { 2937 2937 return addr >= start && addr < start + size; 2938 2938 } ··· 2955 2955 head = classhash_table + i; 2956 2956 if (list_empty(head)) 2957 2957 continue; 2958 - list_for_each_entry_safe(class, next, head, hash_entry) 2958 + list_for_each_entry_safe(class, next, head, hash_entry) { 2959 2959 if (within(class->key, start, size)) 2960 2960 zap_class(class); 2961 + else if (within(class->name, start, size)) 2962 + zap_class(class); 2963 + } 2961 2964 } 2962 2965 2963 2966 if (locked)