When bpf_prog is removed from kallsyms it's on the way out to be removed, so we don't care about lnode state. However the bpf_ksym_del will be used also by bpf_trampoline and bpf_dispatcher objects, which stay allocated even when they are not in kallsyms list, hence the lnode re-init. The list_del_rcu commentary states that we need to call synchronize_rcu, before we can change/re-init the list_head pointers. Signed-off-by: Jiri Olsa <jolsa@xxxxxxxxxx> --- kernel/bpf/core.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c index 73242fd07893..66b17bea286e 100644 --- a/kernel/bpf/core.c +++ b/kernel/bpf/core.c @@ -676,6 +676,13 @@ void bpf_ksym_del(struct bpf_ksym *ksym) spin_lock_bh(&bpf_lock); __bpf_ksym_del(ksym); spin_unlock_bh(&bpf_lock); + + /* + * As explained in list_del_rcu, We must call synchronize_rcu + * before changing list_head pointers. + */ + synchronize_rcu(); + INIT_LIST_HEAD_RCU(&ksym->lnode); } static bool bpf_prog_kallsyms_candidate(const struct bpf_prog *fp) -- 2.24.1
