[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20081216195620.GA10231@hmsreliant.think-freely.org>
Date: Tue, 16 Dec 2008 14:56:20 -0500
From: Neil Horman <nhorman@...driver.com>
To: Jesse Barnes <jbarnes@...tuousgeek.org>
Cc: greg@...ah.com, linux-pci@...r.kernel.org,
linux-kernel@...r.kernel.org, akpm@...ux-foundation.org
Subject: Re: [PATCH] ibmphp: Fix module ref count underflow
On Tue, Dec 16, 2008 at 10:42:08AM -0800, Jesse Barnes wrote:
> On Wednesday, December 10, 2008 11:43 am Neil Horman wrote:
> > Hey-
> > I happened to notice that the ibmphp hotplug driver does something
> > rather silly in its init routine. It purposely calls module_put so as to
> > underflow its module ref count to avoid being removed from the kernel.
> > This is bad practice, and wrong, since it provides a window for subsequent
> > module_gets to reset the refcount to zero, allowing an unload to race in
> > and cause all sorts of mysterious panics. If the module is unsafe to load,
> > it should inform the kernel as such with a call to __unsafe. The patch
> > below does that.
>
> Thanks Neil, applied this to my for-linus branch since it sounds potentially
> serious (but also low risk since who uses ibmphp anymore? :)
>
Dang it! Sorry, Jesse. Yes, youre absolutely right, it is low risk. It really
just a bit of sillyness all around.
Unfortunately, I took part in the sillyness. The problem was reported to me on
RHEL, and I tested there, without checking upstream too closely. As aresult,
the patch I gave you is a bit out of date, and won't compile. I've tested the
new patch here much more closely. apologies. I informed akpm who was looking
at it, but neglected to copy you.
This patch corrects the same problem in that it prevents module unloads in a
sane fashion, by not registering an exit routine
Signed-off-by: Neil Horman <nhorman@...driver.com>
ibmphp_core.c | 5 -----
1 file changed, 5 deletions(-)
diff --git a/drivers/pci/hotplug/ibmphp_core.c b/drivers/pci/hotplug/ibmphp_core.c
index c892daa..633e743 100644
--- a/drivers/pci/hotplug/ibmphp_core.c
+++ b/drivers/pci/hotplug/ibmphp_core.c
@@ -1402,10 +1402,6 @@ static int __init ibmphp_init(void)
goto error;
}
- /* lock ourselves into memory with a module
- * count of -1 so that no one can unload us. */
- module_put(THIS_MODULE);
-
exit:
return rc;
@@ -1423,4 +1419,3 @@ static void __exit ibmphp_exit(void)
}
module_init(ibmphp_init);
-module_exit(ibmphp_exit);
> Jesse
>
--
/****************************************************
* Neil Horman <nhorman@...driver.com>
* Software Engineer, Red Hat
****************************************************/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists