From patchwork Tue Oct 3 14:20:50 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Will Deacon X-Patchwork-Id: 114697 Delivered-To: patch@linaro.org Received: by 10.140.22.163 with SMTP id 32csp1935865qgn; Tue, 3 Oct 2017 07:20:54 -0700 (PDT) X-Google-Smtp-Source: AOwi7QBk0WAqaxa+YC4xmaMC0kps6CIJB61UhLXF6exEUB+6IOTA7YhMtSOfLqjO/EE0ND1ByPv+ X-Received: by 10.84.135.34 with SMTP id 31mr17554456pli.306.1507040454397; Tue, 03 Oct 2017 07:20:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1507040454; cv=none; d=google.com; s=arc-20160816; b=Yh1Fz4cvSeg0fxKlTRCInv6b2SQ02F9AMrmWwYidGYng6r7nS8dAqw1Jzgm/9E+bNY mkXKYYvFt5CIQt0hdMmXDgo9DHjMDXpm8EAWIQA/9Hl3xTXjRHrGqH8uXPaTgXKiZS6E qiooAC/fuXwsawhW8J2jcZVdLNx6x510r/Xhgd6pEaKg0kYKwC6/beFiRi1sRgZ9+pKo aDYyG5csNyYoovORi9GXC+tla+HoG/wCYV7OnYFjqCkHBeYRlI3Ocu8LhSnI8oRivPPc TWdEUKDo3LvH+sNNcZDycMIxRytZDSrL2V71tmSSaY4URB54z3jb9ur0UaFag9zJB+sn 1buQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :arc-authentication-results; bh=2YOls1nIpZMgjSpZNIaOFh3Yj3c5vQviLPT5nq2fJQ0=; b=B8dKmCKudhNFzKZ45NSp/9aETK4/Mrg7fmdog7pvxNDyiWizWyroK+LWgJhHr0+x4g 7yxnPrz6G5N8S7o+PxuOsS5Lt5eYTzHlvJ3F4V3kZ89i6kiZsAOpYZhYOA0KHSWCwlgl /rwSflNj/m0BR8sZa72mc5QAGrUZR0Z7EJlBHmDenPSVXVHZBZAAZrNEtH2d7DVa+Akq bqItNGOTHonYJJdbU2WdtlA9oqtvL/A7FSdkEne/gh00ustIPQMWcosDuh9k6rGTdQTe OR0SskrXzbNoQZGqqsw9Dg61Zz734de+hfCl8q7X3PedqtrsRbO7VikDCgJEFuFJBI1Z vcSA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v68si5046503pfj.359.2017.10.03.07.20.54; Tue, 03 Oct 2017 07:20:54 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751994AbdJCOUw (ORCPT + 26 others); Tue, 3 Oct 2017 10:20:52 -0400 Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70]:49472 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751910AbdJCOUu (ORCPT ); Tue, 3 Oct 2017 10:20:50 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id BCB601529; Tue, 3 Oct 2017 07:20:50 -0700 (PDT) Received: from edgewater-inn.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.72.51.249]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 8E8363F53D; Tue, 3 Oct 2017 07:20:50 -0700 (PDT) Received: by edgewater-inn.cambridge.arm.com (Postfix, from userid 1000) id 3846C1AE2E15; Tue, 3 Oct 2017 15:20:51 +0100 (BST) From: Will Deacon To: mingo@redhat.com, linux-kernel@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, kim.phillips@arm.com, mark.rutland@arm.com, Will Deacon , Peter Zijlstra Subject: [PATCH] perf/core: Avoid freeing static PMU contexts when PMU is unregistered Date: Tue, 3 Oct 2017 15:20:50 +0100 Message-Id: <1507040450-7730-1-git-send-email-will.deacon@arm.com> X-Mailer: git-send-email 2.1.4 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Since commit 1fd7e4169954 ("perf/core: Remove perf_cpu_context::unique_pmu"), when a PMU is unregistered then its associated ->pmu_cpu_context is unconditionally freed. Whilst this is fine for dynamically allocated context types (i.e. those registered using perf_invalid_context), this causes a problem for sharing of static contexts such as perf_{sw,hw}_context, which are used by multiple built-in PMUs and effectively have a global lifetime. Whilst testing the ARM SPE driver, which must use perf_sw_context to support per-task AUX tracing, unregistering the driver as a result of a module unload resulted in: Unable to handle kernel NULL pointer dereference at virtual address 00000038 Internal error: Oops: 96000004 [#1] PREEMPT SMP Modules linked in: [last unloaded: arm_spe_pmu] PC is at ctx_resched+0x38/0xe8 LR is at perf_event_exec+0x20c/0x278 [...] ctx_resched+0x38/0xe8 perf_event_exec+0x20c/0x278 setup_new_exec+0x88/0x118 load_elf_binary+0x26c/0x109c search_binary_handler+0x90/0x298 do_execveat_common.isra.14+0x540/0x618 SyS_execve+0x38/0x48 since the software context has been freed and the ctx.pmu->pmu_disable_count field has been set to NULL. This patch fixes the problem by avoiding the freeing of static PMU contexts altogether. Whilst the sharing of dynamic contexts is questionable, this actually requires the caller to share their context pointer explicitly and so the burden is on them to manage the object lifetime. Cc: Peter Zijlstra Fixes: 1fd7e4169954 ("perf/core: Remove perf_cpu_context::unique_pmu") Reported-by: Kim Phillips Signed-off-by: Will Deacon --- kernel/events/core.c | 8 ++++++++ 1 file changed, 8 insertions(+) -- 2.1.4 Acked-by: Mark Rutland Tested-by: Kim Phillips diff --git a/kernel/events/core.c b/kernel/events/core.c index 6bc21e202ae4..243bfc68d0fe 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -8955,6 +8955,14 @@ static struct perf_cpu_context __percpu *find_pmu_context(int ctxn) static void free_pmu_context(struct pmu *pmu) { + /* + * Static contexts such as perf_sw_context have a global lifetime + * and may be shared between different PMUs. Avoid freeing them + * when a single PMU is going away. + */ + if (pmu->task_ctx_nr > perf_invalid_context) + return; + mutex_lock(&pmus_lock); free_percpu(pmu->pmu_cpu_context); mutex_unlock(&pmus_lock);