ipmi: Move remove_work to dedicated workqueue
Currently when removing an ipmi_user the removal is deferred as a work on the system's workqueue. Although this guarantees the free operation will occur in non atomic context, it can race with the ipmi_msghandler module removal (see [1]) . In case a remove_user work is scheduled for removal and shortly after ipmi_msghandler module is removed we can end up in a situation where the module is removed fist and when the work is executed the system crashes with : BUG: unable to handle page fault for address: ffffffffc05c3450 PF: supervisor instruction fetch in kernel mode PF: error_code(0x0010) - not-present page because the pages of the module are gone. In cleanup_ipmi() there is no easy way to detect if there are any pending works to flush them before removing the module. This patch creates a separate workqueue and schedules the remove_work works on it. When removing the module the workqueue is drained when destroyed to avoid the race. [1] https://bugs.launchpad.net/bugs/1950666 Cc: stable@vger.kernel.org # 5.1 Fixes: 3b9a9072 (ipmi: fix sleep-in-atomic in free_user at cleanup SRCU user->release_barrier) Signed-off-by: Ioanna Alifieraki <ioanna-maria.alifieraki@canonical.com> Message-Id: <20211115131645.25116-1-ioanna-maria.alifieraki@canonical.com> Signed-off-by: Corey Minyard <cminyard@mvista.com>
parent
5833291a
-
mentioned in commit 36fbc46a
-
mentioned in commit dc4731f4
-
mentioned in commit f717f29e
-
mentioned in commit e6edaf26
-
mentioned in commit 3ded93ae
-
mentioned in commit 648813c2
-
mentioned in commit 5df7d6a0
-
mentioned in commit 75d70d76
-
mentioned in commit eb84855d
-
mentioned in commit 8b745616
-
mentioned in commit 5aae769a
-
mentioned in commit 8467c8cb
Please register or sign in to comment