LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Chris Wright <chrisw@sous-sol.org>
To: linux-kernel@vger.kernel.org, stable@kernel.org
Cc: Justin Forbes <jmforbes@linuxtx.org>,
	Zwane Mwaikambo <zwane@arm.linux.org.uk>,
	"Theodore Ts'o" <tytso@mit.edu>,
	Randy Dunlap <rdunlap@xenotime.net>,
	Dave Jones <davej@redhat.com>,
	Chuck Wolber <chuckw@quantumlinux.com>,
	Chris Wedgwood <reviews@ml.cw.f00f.org>,
	Michael Krufky <mkrufky@linuxtv.org>,
	torvalds@linux-foundation.org, akpm@linux-foundation.org,
	alan@lxorguk.ukuu.org.uk, Daniel Drake <dsd@gentoo.org>,
	ard@telegraafnet.nl, Greg KH <greg@kroah.com>,
	Andrew Morton <akpm@osdl.org>, Linus Torvalds <torvalds@osdl.org>
Subject: [patch 17/59] PCI: prevent down_read when pci_devices is empty
Date: Fri, 02 Feb 2007 18:35:21 -0800	[thread overview]
Message-ID: <20070203024013.737331000@sous-sol.org> (raw)
In-Reply-To: <20070203023504.435051000@sous-sol.org>

[-- Attachment #1: pci-prevent-down_read-when-pci_devices-is-empty.patch --]
[-- Type: text/plain, Size: 2482 bytes --]

-stable review patch.  If anyone has any objections, please let us know.
------------------

From: Ard van Breemen <ard@telegraafnet.nl>

The pci_find_subsys gets called very early by obsolete ide setup parameters.
This is a bogus call since pci is not initialized yet, so the list is empty.
But in the mean time, interrupts get enabled by down_read.  This can result in
a kernel panic when the irq controller gets initialized.

This patch checks if the device list is empty before taking the semaphore, and
hence will not enable irq's.  Furthermore it will inform that it is called
while pci_devices is empty as a reminder that the ide code needs to be fixed.

The pci_get_subsys can get called in the same manner, and as such is patched
in the same manner.

[akpm@osdl.org: cleanups]
Signed-off-by: Ard van Breemen <ard@telegraafnet.nl>
Cc: Greg KH <greg@kroah.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
---
This is the other half of the fix for bug #7505

 drivers/pci/search.c |   24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

--- linux-2.6.19.2.orig/drivers/pci/search.c
+++ linux-2.6.19.2/drivers/pci/search.c
@@ -193,6 +193,18 @@ static struct pci_dev * pci_find_subsys(
 	struct pci_dev *dev;
 
 	WARN_ON(in_interrupt());
+
+	/*
+	 * pci_find_subsys() can be called on the ide_setup() path, super-early
+	 * in boot.  But the down_read() will enable local interrupts, which
+	 * can cause some machines to crash.  So here we detect and flag that
+	 * situation and bail out early.
+	 */
+	if (unlikely(list_empty(&pci_devices))) {
+		printk(KERN_INFO "pci_find_subsys() called while pci_devices "
+				"is still empty\n");
+		return NULL;
+	}
 	down_read(&pci_bus_sem);
 	n = from ? from->global_list.next : pci_devices.next;
 
@@ -259,6 +271,18 @@ pci_get_subsys(unsigned int vendor, unsi
 	struct pci_dev *dev;
 
 	WARN_ON(in_interrupt());
+
+	/*
+	 * pci_get_subsys() can potentially be called by drivers super-early
+	 * in boot.  But the down_read() will enable local interrupts, which
+	 * can cause some machines to crash.  So here we detect and flag that
+	 * situation and bail out early.
+	 */
+	if (unlikely(list_empty(&pci_devices))) {
+		printk(KERN_NOTICE "pci_get_subsys() called while pci_devices "
+				"is still empty\n");
+		return NULL;
+	}
 	down_read(&pci_bus_sem);
 	n = from ? from->global_list.next : pci_devices.next;
 

--

  parent reply	other threads:[~2007-02-03  2:56 UTC|newest]

Thread overview: 69+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-02-03  2:35 [patch 00/59] -stable review Chris Wright
2007-02-03  2:35 ` [patch 01/59] i2c-mv64xxx: Fix random oops at boot Chris Wright
2007-02-03  2:35 ` [patch 02/59] i2c/m41t00: Do not forget to write year Chris Wright
2007-02-03  2:35 ` [patch 03/59] Check for populated zone in __drain_pages Chris Wright
2007-02-03  2:35 ` [patch 04/59] Fix HWRNG built-in initcalls priority Chris Wright
2007-02-03  2:35 ` [patch 05/59] md: pass down BIO_RW_SYNC in raid{1,10} Chris Wright
2007-02-03  2:35 ` [patch 06/59] NETFILTER: Fix routing of REJECT target generated packets in output chain Chris Wright
2007-02-03  2:35 ` [patch 07/59] NETFILTER: nf_conntrack_ipv6: fix crash when handling fragments Chris Wright
2007-02-03  2:35 ` [patch 08/59] NETFILTER: tcp conntrack: fix IP_CT_TCP_FLAG_CLOSE_INIT value Chris Wright
2007-02-03  2:35 ` [patch 09/59] NETFILTER: arp_tables: fix userspace compilation Chris Wright
2007-02-03  2:35 ` [patch 10/59] Repair snd-usb-usx2y over OHCI Chris Wright
2007-02-03  2:35 ` [patch 11/59] [stable] [PATCH] IB/mthca: Fix off-by-one in FMR handling on memfree Chris Wright
2007-02-03  2:35 ` [patch 12/59] [PATCH] Fix reparenting to the same thread group. (take 2) Chris Wright
2007-02-03  2:35 ` [patch 13/59] ieee1394: sbp2: fix probing of some DVD-ROM/RWs Chris Wright
2007-02-03  2:35 ` [patch 14/59] sched: tasks cannot run on cpus onlined after boot Chris Wright
2007-02-03  2:35 ` [patch 15/59] Fix up CIFS for "test_clear_page_dirty()" removal Chris Wright
2007-02-03  2:35 ` [patch 16/59] start_kernel: test if irqs got enabled early, barf, and disable them again Chris Wright
2007-02-03  2:35 ` Chris Wright [this message]
2007-02-03 16:16   ` [patch 17/59] PCI: prevent down_read when pci_devices is empty Kumar Gala
2007-02-05 17:04     ` Chris Wright
2007-02-03  2:35 ` [patch 18/59] IPV6 MCAST: Fix joining all-node multicast group on device initialization Chris Wright
2007-02-03  2:35 ` [patch 19/59] NETFILTER: ctnetlink: check for status attribute existence on conntrack creation Chris Wright
2007-02-03  2:35 ` [patch 20/59] NETFILTER: ctnetlink: fix leak in ctnetlink_create_conntrack error path Chris Wright
2007-02-03  2:35 ` [patch 21/59] IPSEC: Policy list disorder Chris Wright
2007-02-03  2:35 ` [patch 22/59] ALSA hda-codec - Fix NULL dereference in generic hda code Chris Wright
2007-02-03  2:35 ` [patch 23/59] SELinux: fix an oops with NetLabel and non-MLS SELinux policy Chris Wright
2007-02-03  2:35 ` [patch 24/59] IB/iser: return error code when PDUs may not be sent Chris Wright
2007-02-03  2:35 ` [patch 25/59] Fix UML on non-standard VM split hosts Chris Wright
2007-02-04  1:06   ` Randy Dunlap
2007-02-04  3:11     ` Jeff Dike
2007-02-04  4:19       ` Randy Dunlap
2007-02-03  2:35 ` [patch 26/59] ACPI: fix cpufreq regression Chris Wright
2007-02-03  2:35 ` [patch 27/59] x86: Work around gcc 4.2 over aggressive optimizer Chris Wright
2007-02-03  2:35 ` [patch 28/59] NETFILTER: Fix iptables ABI breakage on (at least) CRIS Chris Wright
2007-02-03  2:35 ` [patch 29/59] elevator: move clearing of unplug flag earlier Chris Wright
2007-02-03  2:35 ` [patch 30/59] Revert "[PATCH] Fix up mmap_kmem" Chris Wright
2007-02-03  2:35 ` [patch 31/59] remove __devinit markings from rtc_sysfs_add_device() Chris Wright
2007-02-03  2:35 ` [patch 32/59] SPARC64: Set g4/g5 properly in sun4v dtlb-prot handling Chris Wright
2007-02-03  2:35 ` [patch 33/59] sis190: failure to set the MAC address from EEPROM Chris Wright
2007-02-03  2:35 ` [patch 34/59] knfsd: fix setting of ACL server versions Chris Wright
2007-02-03  2:35 ` [patch 35/59] knfsd: fix an NFSD bug with full sized, non-page-aligned reads Chris Wright
2007-02-03  2:35 ` [patch 36/59] knfsd: fix type mismatch with filldir_t used by nfsd Chris Wright
2007-02-03  2:35 ` [patch 37/59] knfsd: fix up some bit-rot in exp_export Chris Wright
2007-02-03  2:35 ` [patch 38/59] md: assorted md and raid1 one-liners Chris Wright
2007-02-03  2:35 ` [patch 39/59] md: make repair actually work for raid1 Chris Wright
2007-02-03  2:35 ` [patch 40/59] md: fix a few problems with the interface (sysfs and ioctl) to md Chris Wright
2007-02-03  2:35 ` [patch 41/59] md: fix potential memalloc deadlock in md Chris Wright
2007-02-03  2:35 ` [patch 42/59] libata: use kmap_atomic(KM_IRQ0) in SCSI simulator Chris Wright
2007-02-03  2:35 ` [patch 43/59] Dont allow the stack to grow into hugetlb reserved regions Chris Wright
2007-02-03  2:35 ` [patch 44/59] uml: fix signal frame alignment Chris Wright
2007-02-03  2:35 ` [patch 45/59] bonding: ARP monitoring broken on x86_64 Chris Wright
2007-02-03  2:35 ` [patch 46/59] jmicron: 40/80pin primary detection Chris Wright
2007-02-03  2:35 ` [patch 47/59] DECNET: Handle a failure in neigh_parms_alloc (take 2) Chris Wright
2007-02-03  2:35 ` [patch 48/59] SPARC32: Fix over-optimization by GCC near ip_fast_csum Chris Wright
2007-02-03  2:35 ` [patch 49/59] IPV4: Fix the fib trie iterator to work with a single entry routing tables Chris Wright
2007-02-03  2:35 ` [patch 50/59] IPV4: Fix single-entry /proc/net/fib_trie output Chris Wright
2007-02-03  2:35 ` [patch 51/59] AF_PACKET: Fix BPF handling Chris Wright
2007-02-03  2:35 ` [patch 52/59] AF_PACKET: Check device down state before hard header callbacks Chris Wright
2007-02-03  2:35 ` [patch 53/59] TCP: rare bad TCP checksum with 2.6.19 Chris Wright
2007-02-03  2:35 ` [patch 54/59] TCP: Fix sorting of SACK blocks Chris Wright
2007-02-03  2:35 ` [patch 55/59] TCP: skb is unexpectedly freed Chris Wright
2007-02-03  2:36 ` [patch 56/59] NETFILTER: xt_connbytes: fix division by zero Chris Wright
2007-02-03  2:36 ` [patch 57/59] SUNRPC: Give cloned RPC clients their own rpc_pipefs directory Chris Wright
2007-02-03  2:36 ` [patch 58/59] move_task_off_dead_cpu() should be called with disabled ints Chris Wright
2007-02-03  2:36 ` [patch 59/59] sched: fix cond_resched_softirq() offset Chris Wright
2007-02-03  2:59 ` [stable] [patch 00/59] -stable review Chris Wright
2007-02-04  6:08   ` Randy Dunlap
2007-02-04 13:36     ` Dave Jones
2007-02-04 17:30       ` Randy Dunlap

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20070203024013.737331000@sous-sol.org \
    --to=chrisw@sous-sol.org \
    --cc=akpm@linux-foundation.org \
    --cc=akpm@osdl.org \
    --cc=alan@lxorguk.ukuu.org.uk \
    --cc=ard@telegraafnet.nl \
    --cc=chuckw@quantumlinux.com \
    --cc=davej@redhat.com \
    --cc=dsd@gentoo.org \
    --cc=greg@kroah.com \
    --cc=jmforbes@linuxtx.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mkrufky@linuxtv.org \
    --cc=rdunlap@xenotime.net \
    --cc=reviews@ml.cw.f00f.org \
    --cc=stable@kernel.org \
    --cc=torvalds@linux-foundation.org \
    --cc=torvalds@osdl.org \
    --cc=tytso@mit.edu \
    --cc=zwane@arm.linux.org.uk \
    --subject='Re: [patch 17/59] PCI: prevent down_read when pci_devices is empty' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).