Hi all, this series is supposed to fix some lifetime issues all related to the fact that once the last ->serial() has been invoked, the padata user (i.e. pcrypt) is well with its right to tear down the associated padata_shell or parallel_data instance respectively. Only the first one, addressed by patch [2/5], has actually been observed, namely on a (downstream) RT kernel under a very specific workload involving LTP's pcrypt_aead01. On non-RT, I've been unable to reproduce. The remainder of this series, 3-5/5, fixes two more, somewhat related, but purely theoretical issues I spotted when scratching my head about possible reasons for the original Oops. Thanks! Nicolai Nicolai Stange (5): padata: introduce internal padata_get/put_pd() helpers padata: make padata_free_shell() to respect pd's ->refcnt padata: grab parallel_data refcnt for reorder padata: split out dequeue operation from padata_find_next() padata: avoid potential UAFs to the padata_shell from padata_reorder() kernel/padata.c | 129 +++++++++++++++++++++++++++++++++++------------- 1 file changed, 96 insertions(+), 33 deletions(-) -- 2.37.3
