aboutsummaryrefslogtreecommitdiffstats
path: root/kernel/module.c
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2010-10-05 14:29:27 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2010-10-05 14:29:27 -0400
commit5336377d6225959624146629ce3fc88ee8ecda3d (patch)
tree571b9db75d1ba50faa1e399509563f367fd5694f /kernel/module.c
parent2f6b3aa7a563d05453c4d73ccf88191aee84333f (diff)
modules: Fix module_bug_list list corruption race
With all the recent module loading cleanups, we've minimized the code that sits under module_mutex, fixing various deadlocks and making it possible to do most of the module loading in parallel. However, that whole conversion totally missed the rather obscure code that adds a new module to the list for BUG() handling. That code was doubly obscure because (a) the code itself lives in lib/bugs.c (for dubious reasons) and (b) it gets called from the architecture-specific "module_finalize()" rather than from generic code. Calling it from arch-specific code makes no sense what-so-ever to begin with, and is now actively wrong since that code isn't protected by the module loading lock any more. So this commit moves the "module_bug_{finalize,cleanup}()" calls away from the arch-specific code, and into the generic code - and in the process protects it with the module_mutex so that the list operations are now safe. Future fixups: - move the module list handling code into kernel/module.c where it belongs. - get rid of 'module_bug_list' and just use the regular list of modules (called 'modules' - imagine that) that we already create and maintain for other reasons. Reported-and-tested-by: Thomas Gleixner <tglx@linutronix.de> Cc: Rusty Russell <rusty@rustcorp.com.au> Cc: Adrian Bunk <bunk@kernel.org> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: stable@kernel.org Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'kernel/module.c')
-rw-r--r--kernel/module.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/kernel/module.c b/kernel/module.c
index d0b5f8db11b4..ccd641991842 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -1537,6 +1537,7 @@ static int __unlink_module(void *_mod)
1537{ 1537{
1538 struct module *mod = _mod; 1538 struct module *mod = _mod;
1539 list_del(&mod->list); 1539 list_del(&mod->list);
1540 module_bug_cleanup(mod);
1540 return 0; 1541 return 0;
1541} 1542}
1542 1543
@@ -2625,6 +2626,7 @@ static struct module *load_module(void __user *umod,
2625 if (err < 0) 2626 if (err < 0)
2626 goto ddebug; 2627 goto ddebug;
2627 2628
2629 module_bug_finalize(info.hdr, info.sechdrs, mod);
2628 list_add_rcu(&mod->list, &modules); 2630 list_add_rcu(&mod->list, &modules);
2629 mutex_unlock(&module_mutex); 2631 mutex_unlock(&module_mutex);
2630 2632
@@ -2650,6 +2652,8 @@ static struct module *load_module(void __user *umod,
2650 mutex_lock(&module_mutex); 2652 mutex_lock(&module_mutex);
2651 /* Unlink carefully: kallsyms could be walking list. */ 2653 /* Unlink carefully: kallsyms could be walking list. */
2652 list_del_rcu(&mod->list); 2654 list_del_rcu(&mod->list);
2655 module_bug_cleanup(mod);
2656
2653 ddebug: 2657 ddebug:
2654 if (!mod->taints) 2658 if (!mod->taints)
2655 dynamic_debug_remove(info.debug); 2659 dynamic_debug_remove(info.debug);