Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux/drivers
History
Xie XiuQi bd85f4b37d ipmi: fix crash on reading version from proc after unregisted bmc 
I meet a crash, which could be reproduce:
1) while true; do cat /proc/ipmi/0/version; done
2) modprobe -rv ipmi_si ipmi_msghandler ipmi_devintf

[82761.021137] IPMI BT: req2rsp=5 secs retries=2
[82761.034524] ipmi device interface
[82761.222218] ipmi_si ipmi_si.0: Found new BMC (man_id: 0x0007db, prod_id: 0x0001, dev_id: 0x01)
[82761.222230] ipmi_si ipmi_si.0: IPMI bt interface initialized
[82903.922740] BUG: unable to handle kernel NULL pointer dereference at 00000000000002d4
[82903.930952] IP: [<ffffffffa030d9e8>] smi_version_proc_show+0x18/0x40 [ipmi_msghandler]
[82903.939220] PGD 86693a067 PUD 865304067 PMD 0
[82903.943893] Thread overran stack, or stack corrupted
[82903.949034] Oops: 0000 [#1] SMP
[82903.983091] Modules linked in: ipmi_si(-) ipmi_msghandler binfmt_misc ebtable_filter ebtables ip6table_filter ip6_tables iptable_filter
...
[82904.057285]  pps_core scsi_transport_sas dm_mod vfio_iommu_type1 vfio xt_sctp nf_conntrack_proto_sctp nf_nat_proto_sctp
                nf_nat nf_conntrack sctp libcrc32c [last unloaded: ipmi_devintf]
[82904.073169] CPU: 37 PID: 28089 Comm: cat Tainted: GF          O   ---- -------   3.10.0-327.28.3.el7.x86_64 #1
[82904.083373] Hardware name: Huawei RH2288H V3/BC11HGSA0, BIOS 3.22 05/16/2016
[82904.090592] task: ffff880101cc2e00 ti: ffff880369c54000 task.ti: ffff880369c54000
[82904.098414] RIP: 0010:[<ffffffffa030d9e8>]  [<ffffffffa030d9e8>] smi_version_proc_show+0x18/0x40 [ipmi_msghandler]
[82904.109124] RSP: 0018:ffff880369c57e70  EFLAGS: 00010203
[82904.114608] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000024688470
[82904.121912] RDX: fffffffffffffff4 RSI: ffffffffa0313404 RDI: ffff8808670ce200
[82904.129218] RBP: ffff880369c57e70 R08: 0000000000019720 R09: ffffffff81204a27
[82904.136521] R10: ffff88046f803300 R11: 0000000000000246 R12: ffff880662399700
[82904.143828] R13: 0000000000000001 R14: ffff880369c57f48 R15: ffff8808670ce200
[82904.151128] FS:  00007fb70c9ca740(0000) GS:ffff88086e340000(0000) knlGS:0000000000000000
[82904.159557] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[82904.165473] CR2: 00000000000002d4 CR3: 0000000864c0c000 CR4: 00000000003407e0
[82904.172778] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[82904.180084] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[82904.187385] Stack:
[82904.189573]  ffff880369c57ee0 ffffffff81204f1a 00000000122a2427 0000000001426000
[82904.197392]  ffff8808670ce238 0000000000010000 0000000000000000 0000000000000fff
[82904.205198]  00000000122a2427 ffff880862079600 0000000001426000 ffff880369c57f48
[82904.212962] Call Trace:
[82904.219667]  [<ffffffff81204f1a>] seq_read+0xfa/0x3a0
[82904.224893]  [<ffffffff8124ce2d>] proc_reg_read+0x3d/0x80
[82904.230468]  [<ffffffff811e102c>] vfs_read+0x9c/0x170
[82904.235689]  [<ffffffff811e1b7f>] SyS_read+0x7f/0xe0
[82904.240816]  [<ffffffff81649209>] system_call_fastpath+0x16/0x1b
[82904.246991] Code: 30 a0 e8 0c 6f ef e0 5b 5d c3 66 0f 1f 84 00 00 00 00 00 0f 1f
               44 00 00 48 8b 47 78 55 48 c7 c6 04 34 31 a0 48 89 e5 48 8b 40 50 <0f>
	       b6 90 d4 02 00 00 31 c0 89 d1 83 e2 0f c0 e9 04 0f b6 c9 e8
[82904.267710] RIP  [<ffffffffa030d9e8>] smi_version_proc_show+0x18/0x40 [ipmi_msghandler]
[82904.276079]  RSP <ffff880369c57e70>
[82904.279734] CR2: 00000000000002d4
[82904.283731] ---[ end trace a69e4328b49dd7c4 ]---
[82904.328118] Kernel panic - not syncing: Fatal exception

Reading versin from /proc need bmc device struct available. So in this patch
we move add/remove_proc_entries between ipmi_bmc_register and ipmi_bmc_unregister.

Cc: Kefeng Wang <wangkefeng.wang@huawei.com>
Signed-off-by: Xie XiuQi <xiexiuqi@huawei.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
 		2016-10-03 09:09:47 -05:00
..
accessibility
acpi nfit: fail DSMs that return non-zero status by default 2016-09-21 09:35:19 -07:00
amba
android
ata
atm
auxdisplay
base regmap: Fix for v4.8 2016-09-23 11:50:49 -07:00
bcma
block
bluetooth
bus arm-cci: pmu: Fix typo in event name 2016-09-07 21:24:42 -07:00
cdrom
char ipmi: fix crash on reading version from proc after unregisted bmc 2016-10-03 09:09:47 -05:00
clk Clock Fixes for the Allwinner SoCs, 4.8 Edition 2016-09-08 12:54:24 -07:00
clocksource
connector
cpufreq cpufreq: dt: Add terminate entry for of_device_id tables 2016-08-31 02:49:05 +02:00
cpuidle
crypto crypto: caam - fix IV loading for authenc (giv)decryption 2016-08-31 22:50:42 +08:00
dax dax: fix mapping size check 2016-09-03 10:40:57 -07:00
dca
devfreq
dio
dma
dma-buf
edac
eisa
extcon
firewire
firmware Merge branch 'efi-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-09-13 12:02:00 -07:00
fmc
fpga
gpio gpio: sa1100: fix irq probing for ucb1x00 2016-09-08 00:42:57 +02:00
gpu drm: Only use compat ioctl for addfb2 on X86/IA64 2016-09-19 17:28:20 +10:00
hid
hsi
hv
hwmon
hwspinlock
hwtracing
i2c i2c: qup: skip qup_i2c_suspend if the device is already runtime suspended 2016-09-22 20:11:14 +02:00
ide
idle
iio Second set of IIO fixes for the 4.8 cycle. 2016-09-09 13:44:37 +02:00
infiniband Round three of 4.8 rc fixes 2016-09-16 13:51:42 -07:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2016-09-23 16:34:24 -07:00
iommu
ipack
irqchip irqchip/mips-gic: Fix local interrupts 2016-09-20 23:20:02 +02:00
isdn
leds
lguest
lightnvm
macintosh
mailbox
mcb
md Merge tag 'md/4.8-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md 2016-09-13 11:19:52 -07:00
media [media] cx23885/saa7134: assign q->dev to the PCI device 2016-09-19 12:38:05 -03:00
memory
memstick
message
mfd
misc lkdtm: adjust usercopy tests to bypass const checks 2016-09-06 12:17:30 -07:00
mmc mmc: dw_mmc: fix the spamming log message 2016-09-22 09:34:13 +02:00
mtd Another round of MTD fixes for v4.8 2016-09-28 12:53:08 -07:00
net linux-can-fixes-for-4.8-20160921 2016-09-22 02:47:46 -04:00
nfc
ntb
nubus
nvdimm libnvdimm, region: fix flush hint table thinko 2016-09-24 11:45:38 -07:00
nvme nvme-rdma: only clear queue flags after successful connect 2016-09-22 19:58:17 -06:00
nvmem
of
oprofile
parisc
parport
pci PCI updates for v4.8: 2016-09-14 14:06:30 -07:00
pcmcia pcmcia: lubbock: fix sockets configuration 2016-09-12 10:57:01 +01:00
perf drivers/perf: arm_pmu: Fix NULL pointer dereference during probe 2016-09-02 17:17:52 +01:00
phy
pinctrl
platform
pnp
power
powercap
pps
ps3
ptp
pwm
rapidio rapidio/rio_cm: avoid GFP_KERNEL in atomic context 2016-09-19 15:36:17 -07:00
ras
regulator Merge remote-tracking branches 'regulator/fix/email' and 'regulator/fix/qcom-smd' into regulator-linus 2016-09-06 12:31:34 +01:00
remoteproc
reset
rpmsg
rtc
s390 s390/qeth: fix setting VIPA address 2016-09-16 04:29:14 -04:00
sbus
scsi SCSI fixes on 20160906 2016-09-06 11:06:52 -07:00
sfi
sh
sn
soc
spi Merge remote-tracking branches 'spi/fix/lock', 'spi/fix/maintainers', 'spi/fix/put', 'spi/fix/pxa2xx', 'spi/fix/sh-msiof' and 'spi/fix/timeout' into spi-linus 2016-09-06 12:32:09 +01:00
spmi
ssb
staging media fixes for v4.8-rc8 2016-09-22 09:04:49 -07:00
target
tc
thermal thermal: rcar_thermal: Fix priv->zone error handling 2016-09-06 20:46:06 +08:00
thunderbolt thunderbolt: Don't declare Falcon Ridge unsupported 2016-08-31 13:25:02 +02:00
tty serial: 8250: added acces i/o products quad and octal serial cards 2016-08-31 16:28:26 +02:00
uio
usb USB-serial fixes for v4.8-rc7 2016-09-16 17:42:10 +02:00
uwb
vfio
vhost
video
virt
virtio virtio: mark vring_dma_dev() static 2016-09-09 21:12:35 +03:00
vlynq
vme
w1
watchdog
xen
zorro
Kconfig
Makefile ipmi: add an Aspeed BT IPMI BMC driver 2016-09-29 19:05:06 -05:00