This is a note to let you know that I've just added the patch titled
cpufreq: serialize calls to __cpufreq_governor()
to the 3.10-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
cpufreq-serialize-calls-to-__cpufreq_governor.patch
and it can be found in the queue-3.10 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From 19c763031acb831a5ab9c1a701b7fedda073eb3f Mon Sep 17 00:00:00 2001
From: Viresh Kumar <viresh.kumar@xxxxxxxxxx>
Date: Sat, 31 Aug 2013 17:48:23 +0530
Subject: cpufreq: serialize calls to __cpufreq_governor()
From: Viresh Kumar <viresh.kumar@xxxxxxxxxx>
commit 19c763031acb831a5ab9c1a701b7fedda073eb3f upstream.
We can't take a big lock around __cpufreq_governor() as this causes
recursive locking for some cases. But calls to this routine must be
serialized for every policy. Otherwise we can see some unpredictable
events.
For example, consider following scenario:
__cpufreq_remove_dev()
__cpufreq_governor(policy, CPUFREQ_GOV_STOP);
policy->governor->governor(policy, CPUFREQ_GOV_STOP);
cpufreq_governor_dbs()
case CPUFREQ_GOV_STOP:
mutex_destroy(&cpu_cdbs->timer_mutex)
cpu_cdbs->cur_policy = NULL;
<PREEMPT>
store()
__cpufreq_set_policy()
__cpufreq_governor(policy, CPUFREQ_GOV_LIMITS);
policy->governor->governor(policy, CPUFREQ_GOV_LIMITS);
case CPUFREQ_GOV_LIMITS:
mutex_lock(&cpu_cdbs->timer_mutex); <-- Warning (destroyed mutex)
if (policy->max < cpu_cdbs->cur_policy->cur) <- cur_policy == NULL
And so store() will eventually result in a crash if cur_policy is
NULL at this point.
Introduce an additional variable which would guarantee serialization
here.
Reported-by: Stephen Boyd <sboyd@xxxxxxxxxxxxxx>
Signed-off-by: Viresh Kumar <viresh.kumar@xxxxxxxxxx>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@xxxxxxxxx>
Cc: Mark Brown <broonie@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
drivers/cpufreq/cpufreq.c | 9 +++++++--
include/linux/cpufreq.h | 1 +
2 files changed, 8 insertions(+), 2 deletions(-)
--- a/drivers/cpufreq/cpufreq.c
+++ b/drivers/cpufreq/cpufreq.c
@@ -1566,12 +1566,14 @@ static int __cpufreq_governor(struct cpu
policy->cpu, event);
mutex_lock(&cpufreq_governor_lock);
- if ((!policy->governor_enabled && (event == CPUFREQ_GOV_STOP)) ||
- (policy->governor_enabled && (event == CPUFREQ_GOV_START))) {
+ if (policy->governor_busy
+ || (!policy->governor_enabled && (event == CPUFREQ_GOV_STOP))
+ || (policy->governor_enabled && (event == CPUFREQ_GOV_START))) {
mutex_unlock(&cpufreq_governor_lock);
return -EBUSY;
}
+ policy->governor_busy = true;
if (event == CPUFREQ_GOV_STOP)
policy->governor_enabled = false;
else if (event == CPUFREQ_GOV_START)
@@ -1603,6 +1605,9 @@ static int __cpufreq_governor(struct cpu
if ((event == CPUFREQ_GOV_STOP) && !ret)
module_put(policy->governor->owner);
+ mutex_lock(&cpufreq_governor_lock);
+ policy->governor_busy = false;
+ mutex_unlock(&cpufreq_governor_lock);
return ret;
}
--- a/include/linux/cpufreq.h
+++ b/include/linux/cpufreq.h
@@ -108,6 +108,7 @@ struct cpufreq_policy {
struct cpufreq_governor *governor; /* see below */
void *governor_data;
bool governor_enabled; /* governor start/stop flag */
+ bool governor_busy;
struct work_struct update; /* if update_policy() needs to be
* called, but you're in IRQ context */
Patches currently in stable-queue which might be from viresh.kumar@xxxxxxxxxx are
queue-3.10/cpufreq-serialize-calls-to-__cpufreq_governor.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html