ACPI / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal
authorJames Morse <james.morse@arm.com>
Thu, 16 Mar 2017 14:30:39 +0000 (14:30 +0000)
committerRafael J. Wysocki <rafael.j.wysocki@intel.com>
Tue, 28 Mar 2017 21:43:42 +0000 (23:43 +0200)
When removing a GHES device notified by SCI, list_del_rcu() is used,
ghes_remove() should call synchronize_rcu() before it goes on to call
kfree(ghes), otherwise concurrent RCU readers may still hold this list
entry after it has been freed.

Signed-off-by: James Morse <james.morse@arm.com>
Reviewed-by: "Huang, Ying" <ying.huang@intel.com>
Fixes: 81e88fdc432a (ACPI, APEI, Generic Hardware Error Source POLL/IRQ/NMI notification type support)
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
drivers/acpi/apei/ghes.c

index b192b42a835105a68038ce13d568fad7154497c4..79b3c9c5a3bc9497ea7e9ef5e26fced8b55617b2 100644 (file)
@@ -1073,6 +1073,7 @@ static int ghes_remove(struct platform_device *ghes_dev)
                if (list_empty(&ghes_sci))
                        unregister_acpi_hed_notifier(&ghes_notifier_sci);
                mutex_unlock(&ghes_list_mutex);
+               synchronize_rcu();
                break;
        case ACPI_HEST_NOTIFY_NMI:
                ghes_nmi_remove(ghes);