commit 28021dbd490b11dc33d0ecec4900a4cbad9c8967
author Matt Wagantall <mattw@codeaurora.org> Tue Jul 16 23:53:08 2013 -0700
committer Matt Wagantall <mattw@codeaurora.org> Wed Jul 17 11:03:59 2013 -0700
tree 6cc9ddc8b6a830be7f7ae72394774d3d9c506889
parent 3c0cccf93df4855ebab815e133e8542d7a574b0c

net: flow: Prevent bringing up new CPUs during per-CPU initialization

In a rare race-condition, it's possible that a CPU will be brought
online between when the for_each_online_cpu() loop executes to
call flow_cache_cpu_prepare(), and when the hotplug notifier for
calling this same function is registered. If this happens,
flow_cache_cpu_prepare() will never be called for the new CPU,
resulting in crashes due to uninitialized per-cpu data.

Fix this by preventing CPUs from being added or removed during
this small but sensitive window.

Change-Id: Iafbbaa8a50e5c527392d130561874313720849d0
Signed-off-by: Matt Wagantall <mattw@codeaurora.org>

net/core/flow.c

diff --git a/net/core/flow.c b/net/core/flow.c
index e318c7e..9a517c6 100644
--- a/net/core/flow.c
+++ b/net/core/flow.c
@@ -423,6 +423,7 @@
 	if (!fc->percpu)
 		return -ENOMEM;
 
+	get_online_cpus();
 	for_each_online_cpu(i) {
 		if (flow_cache_cpu_prepare(fc, i))
 			goto err;
@@ -431,6 +432,7 @@
 		.notifier_call = flow_cache_cpu,
 	};
 	register_hotcpu_notifier(&fc->hotcpu_notifier);
+	put_online_cpus();
 
 	setup_timer(&fc->rnd_timer, flow_cache_new_hashrnd,
 		    (unsigned long) fc);
@@ -440,6 +442,7 @@
 	return 0;
 
 err:
+	put_online_cpus();
 	for_each_possible_cpu(i) {
 		struct flow_cache_percpu *fcp = per_cpu_ptr(fc->percpu, i);
 		kfree(fcp->hash_table);