[PATCH] PPC64: crash during firmware flash update

From: Paul Mackerras
Date: Sat Oct 23 2004 - 02:56:29 EST


This patch is from Linas Vepstas <linas@xxxxxxxxxxxxxx>.

Race conditions during system shutdown after a firmware
flash can sometimes lead to an invalid pointer deref (deref
to freed memory). This patch fixes this. In addition, it makes
sure that the proc entries created by the firmware flash module
are removed when the module is unloaded.

Signed-off-by: Linas Vepstas <linas@xxxxxxxxx>
Signed-off-by: Paul Mackerras <paulus@xxxxxxxxx>

diff -urN linux-2.5/arch/ppc64/kernel/rtas_flash.c test/arch/ppc64/kernel/rtas_flash.c
--- linux-2.5/arch/ppc64/kernel/rtas_flash.c 2004-06-25 07:03:03.000000000 +1000
+++ test/arch/ppc64/kernel/rtas_flash.c 2004-10-23 17:38:33.445013280 +1000
@@ -562,6 +562,7 @@
validate_flash(args_buf);
}

+ /* The matching atomic_inc was in rtas_excl_open() */
atomic_dec(&dp->count);

return 0;
@@ -572,7 +573,8 @@
if (dp) {
if (dp->data != NULL)
kfree(dp->data);
- remove_proc_entry(dp->name, NULL);
+ dp->owner = NULL;
+ remove_proc_entry(dp->name, dp->parent);
}
}

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/