mm · 0373fc0c209db541ec115700fbdb50e85b774a02 · Upstream / linux-stable

slub: Fix kmem_cache_destroy() with SLAB_DESTROY_BY_RCU

Eric Dumazet authored 15 years ago

commit d76b1590

 upstream.

kmem_cache_destroy() should call rcu_barrier() *after* kmem_cache_close() and
*before* sysfs_slab_remove() or risk rcu_free_slab() being called after
kmem_cache is deleted (kfreed).

rmmod nf_conntrack can crash the machine because it has to kmem_cache_destroy()
a SLAB_DESTROY_BY_RCU enabled cache.
Reported-by: Zdenek Kabelac <zdenek.kabelac@gmail.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Acked-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Signed-off-by: Pekka Enberg <penberg@cs.helsinki.fi>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

e8f23f08

Name	Last commit	Last update
..
Kconfig	security: use mmap_min_addr indepedently of security models	15 years ago
Kconfig.debug	generic debug pagealloc: build fix	16 years ago
Makefile	generic debug pagealloc	16 years ago
allocpercpu.c	percpu: __percpu_depopulate_mask can take a const mask	16 years ago
backing-dev.c	block: change the request allocation/congestion logic to be sync/async based	16 years ago
bootmem.c	bootmem, x86: further fixes for arch-specific bootmem wrapping	16 years ago
bounce.c	bounce: don't rely on a zeroed bio_vec list	16 years ago
debug-pagealloc.c	generic debug pagealloc	16 years ago
dmapool.c	dmapool: enable debugging for CONFIG_SLUB_DEBUG_ON too	17 years ago
fadvise.c	[CVE-2009-0029] System call wrapper special cases	16 years ago
failslab.c	kmemtrace, mm: fix slab.h dependency problem in mm/failslab.c	16 years ago
filemap.c	mm: mark page accessed before we write_end()	15 years ago
filemap_xip.c	mm: do_xip_mapping_read: fix length calculation	16 years ago
fremap.c	Do not account for the address space used by hugetlbfs using VM_ACCOUNT	16 years ago
highmem.c	mm: introduce debug_kmap_atomic	16 years ago
hugetlb.c	hugetlbfs: fix i_blocks accounting	15 years ago
internal.h	vmscan: do not unconditionally treat zones that fail zone_reclaim() as full	15 years ago
maccess.c	kgdb: fix optional arch functions and probe_kernel_*	17 years ago
madvise.c	Revert "Ignore madvise(MADV_WILLNEED) for hugetlbfs-backed regions"	16 years ago
memcontrol.c	memcg: fix build warning and avoid checking for mem != null again and again	16 years ago
memory.c	mm: close page_mkwrite races	16 years ago
memory_hotplug.c	mm: remove GFP_HIGHUSER_PAGECACHE	16 years ago
mempolicy.c	[CVE-2009-0029] System call wrappers part 28	16 years ago
mempool.c	spelling fixes: mm/	17 years ago
migrate.c	FS-Cache: Recruit a page flags for cache management	16 years ago
mincore.c
mlock.c
mm_init.c
mmap.c
mmu_notifier.c
mmzone.c
mprotect.c
mremap.c
msync.c
nommu.c
oom_kill.c
page-writeback.c
page_alloc.c
page_cgroup.c
page_io.c
page_isolation.c
pagewalk.c
pdflush.c
percpu.c
prio_tree.c
quicklist.c
readahead.c
rmap.c
shmem.c
shmem_acl.c
slab.c
slob.c
slub.c
sparse-vmemmap.c
sparse.c
swap.c
swap_state.c
swapfile.c
thrash.c
truncate.c
util.c
vmalloc.c
vmscan.c
vmstat.c

GitLab

Menu

Download source code

Download this directory