From: Greg Kroah-Hartman Date: Mon, 8 Oct 2012 17:37:22 +0000 (-0700) Subject: 3.0-stable patches X-Git-Tag: v3.0.46~52 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f7528cf44d9b18b4b7a3a439e4f6267a4e40ef7a;p=thirdparty%2Fkernel%2Fstable-queue.git 3.0-stable patches added patches: workqueue-add-missing-smp_wmb-in-process_one_work.patch --- diff --git a/queue-3.0/series b/queue-3.0/series index 207b467e5ae..2f14e489d0c 100644 --- a/queue-3.0/series +++ b/queue-3.0/series @@ -6,3 +6,4 @@ pci-acpiphp-check-whether-_adr-evaluation-succeeded.patch lib-gcd.c-prevent-possible-div-by-0.patch kernel-sys.c-call-disable_nonboot_cpus-in-kernel_restart.patch drivers-scsi-atp870u.c-fix-bad-use-of-udelay.patch +workqueue-add-missing-smp_wmb-in-process_one_work.patch diff --git a/queue-3.0/workqueue-add-missing-smp_wmb-in-process_one_work.patch b/queue-3.0/workqueue-add-missing-smp_wmb-in-process_one_work.patch new file mode 100644 index 00000000000..f93677b2c07 --- /dev/null +++ b/queue-3.0/workqueue-add-missing-smp_wmb-in-process_one_work.patch @@ -0,0 +1,44 @@ +From 959d1af8cffc8fd38ed53e8be1cf4ab8782f9c00 Mon Sep 17 00:00:00 2001 +From: Tejun Heo +Date: Fri, 3 Aug 2012 10:30:45 -0700 +Subject: workqueue: add missing smp_wmb() in process_one_work() + +From: Tejun Heo + +commit 959d1af8cffc8fd38ed53e8be1cf4ab8782f9c00 upstream. + +WORK_STRUCT_PENDING is used to claim ownership of a work item and +process_one_work() releases it before starting execution. When +someone else grabs PENDING, all pre-release updates to the work item +should be visible and all updates made by the new owner should happen +afterwards. + +Grabbing PENDING uses test_and_set_bit() and thus has a full barrier; +however, clearing doesn't have a matching wmb. Given the preceding +spin_unlock and use of clear_bit, I don't believe this can be a +problem on an actual machine and there hasn't been any related report +but it still is theretically possible for clear_pending to permeate +upwards and happen before work->entry update. + +Add an explicit smp_wmb() before work_clear_pending(). + +Signed-off-by: Tejun Heo +Cc: Oleg Nesterov +Signed-off-by: Greg Kroah-Hartman + +--- + kernel/workqueue.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/kernel/workqueue.c ++++ b/kernel/workqueue.c +@@ -1868,7 +1868,9 @@ __acquires(&gcwq->lock) + + spin_unlock_irq(&gcwq->lock); + ++ smp_wmb(); /* paired with test_and_set_bit(PENDING) */ + work_clear_pending(work); ++ + lock_map_acquire_read(&cwq->wq->lockdep_map); + lock_map_acquire(&lockdep_map); + trace_workqueue_execute_start(work);