From patchwork Thu Dec 6 03:24:51 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [3.5.y.z, extended, stable] Patch "virtio: Don't access index after unregister." has been added to staging queue Date: Wed, 05 Dec 2012 17:24:51 -0000 From: Herton Ronaldo Krzesinski X-Patchwork-Id: 204120 Message-Id: <1354764291-29517-1-git-send-email-herton.krzesinski@canonical.com> To: Cornelia Huck Cc: kernel-team@lists.ubuntu.com, Rusty Russell , =?UTF-8?q?Sjur=20Br=C3=A6ndeland?= This is a note to let you know that I have just added a patch titled virtio: Don't access index after unregister. to the linux-3.5.y-queue branch of the 3.5.y.z extended stable tree which can be found at: http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.5.y-queue If you, or anyone else, feels it should not be added to this tree, please reply to this email. For more information about the 3.5.y.z tree, see https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable Thanks. -Herton ------ >From 41d829cae4178db309f88020b877a144d39d2f0c Mon Sep 17 00:00:00 2001 From: Cornelia Huck Date: Fri, 9 Nov 2012 14:54:12 +1030 Subject: [PATCH] virtio: Don't access index after unregister. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Extended-Stable: 3.5 commit 237242bddc99041e15a4ca51b8439657cadaff17 upstream. Virtio wants to release used indices after the corresponding virtio device has been unregistered. However, virtio does not hold an extra reference, giving up its last reference with device_unregister(), making accessing dev->index afterwards invalid. I actually saw problems when testing my (not-yet-merged) virtio-ccw code: - device_add virtio-net,id=xxx -> creates device virtio with n>0 - device_del xxx -> deletes virtio, but calls ida_simple_remove with an index of 0 - device_add virtio-net,id=xxx -> tries to add virtio0, which is still in use... So let's save the index we want to release before calling device_unregister(). Signed-off-by: Cornelia Huck Acked-by: Sjur Brændeland Signed-off-by: Rusty Russell Signed-off-by: Herton Ronaldo Krzesinski --- drivers/virtio/virtio.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) -- 1.7.9.5 diff --git a/drivers/virtio/virtio.c b/drivers/virtio/virtio.c index f355807..acc77a2 100644 --- a/drivers/virtio/virtio.c +++ b/drivers/virtio/virtio.c @@ -222,8 +222,10 @@ EXPORT_SYMBOL_GPL(register_virtio_device); void unregister_virtio_device(struct virtio_device *dev) { + int index = dev->index; /* save for after device release */ + device_unregister(&dev->dev); - ida_simple_remove(&virtio_index_ida, dev->index); + ida_simple_remove(&virtio_index_ida, index); } EXPORT_SYMBOL_GPL(unregister_virtio_device);