Message ID | 1443578287-7847-3-git-send-email-andrew.donnellan@au1.ibm.com (mailing list archive) |
---|---|
State | Accepted |
Good catch!
Acked-by: Ian Munsie <imunsie@au1.ibm.com>
Reviewed-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
On Wed, 2015-30-09 at 01:58:07 UTC, Andrew Donnellan wrote:
> When a context is created via the kernel API, ctx->mapping is allocated
> within the kernel and thus needs to be freed when the context is freed.
> reclaim_ctx() attempts to do this for contexts with the ctx->kernelapi flag
> set, but afu_release() (which can be called from the kernel API through
> cxl_fd_release()) sets ctx->mapping to NULL before calling
> cxl_context_free() to free the context.
>
> Add a check to afu_release() so that the mappings in contexts created via
> the kernel API are left alone so reclaim_ctx() can free them.
>
> Reported-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
> Fixes: 6f7f0b3df6d4 ("cxl: Add AFU virtual PHB and kernel API")
> Signed-off-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
> Acked-by: Ian Munsie <imunsie@au1.ibm.com>
> Reviewed-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>

Applied to powerpc fixes, thanks.

https://git.kernel.org/powerpc/c/5f81b95fe2a2de4ec51d46ff

cheers
diff --git a/drivers/misc/cxl/file.c b/drivers/misc/cxl/file.c index a30bf28..fcda6b0 100644 --- a/drivers/misc/cxl/file.c +++ b/drivers/misc/cxl/file.c @@ -120,9 +120,16 @@ int afu_release(struct inode *inode, struct file *file) __func__, ctx->pe); cxl_context_detach(ctx); - mutex_lock(&ctx->mapping_lock); - ctx->mapping = NULL; - mutex_unlock(&ctx->mapping_lock); + + /* + * Delete the context's mapping pointer, unless it's created by the + * kernel API, in which case leave it so it can be freed by reclaim_ctx() + */ + if (!ctx->kernelapi) { + mutex_lock(&ctx->mapping_lock); + ctx->mapping = NULL; + mutex_unlock(&ctx->mapping_lock); + } put_device(&ctx->afu->dev);
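Review bot: The new comment above the `if (!ctx->kernelapi)` block in afu_release() says "Delete the context's mapping pointer", but the guarded code only sets ctx->mapping to NULL under ctx->mapping_lock and frees nothing, so "Clear the context's mapping pointer" would match what the block does (the comment's last sentence is also missing its full stop). Two further points on the same block: ctx->kernelapi is read outside mapping_lock, which is fine only if the flag never changes after the context is created, so a word saying so in the comment would help; and on the kernel API path ctx->mapping now stays non-NULL after release, so it is worth confirming that nothing running between this point and reclaim_ctx() interprets a non-NULL ctx->mapping as a mapping that is still in use.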
When a context is created via the kernel API, ctx->mapping is allocated
within the kernel and thus needs to be freed when the context is freed.
reclaim_ctx() attempts to do this for contexts with the ctx->kernelapi flag
set, but afu_release() (which can be called from the kernel API through
cxl_fd_release()) sets ctx->mapping to NULL before calling
cxl_context_free() to free the context.

Add a check to afu_release() so that the mappings in contexts created via
the kernel API are left alone so reclaim_ctx() can free them.

Reported-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
Fixes: 6f7f0b3df6d4 ("cxl: Add AFU virtual PHB and kernel API")
Signed-off-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>

---
 drivers/misc/cxl/file.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)