• Rasmus Villemoes's avatar
    kernel/async.c: revert "async: simplify lowest_in_progress()" · 838f9cc9
    Rasmus Villemoes authored
    commit 4f7e988e upstream.
    This reverts commit 92266d6e ("async: simplify lowest_in_progress()")
    which was simply wrong: In the case where domain is NULL, we now use the
    wrong offsetof() in the list_first_entry macro, so we don't actually
    fetch the ->cookie value, but rather the eight bytes located
    sizeof(struct list_head) further into the struct async_entry.
    On 64 bit, that's the data member, while on 32 bit, that's a u64 built
    from func and data in some order.
    I think the bug happens to be harmless in practice: It obviously only
    affects callers which pass a NULL domain, and AFAICT the only such
    caller is
      async_synchronize_full() ->
      async_synchronize_full_domain(NULL) ->
      async_synchronize_cookie_domain(ASYNC_COOKIE_MAX, NULL)
    and the ASYNC_COOKIE_MAX means that in practice we end up waiting for
    the async_global_pending list to be empty - but it would break if
    somebody happened to pass (void*)-1 as the data element to
    async_schedule, and of course also if somebody ever does a
    async_synchronize_cookie_domain(, NULL) with a "finite" cookie value.
    Maybe the "harmless in practice" means this isn't -stable material.  But
    I'm not completely confident my quick git grep'ing is enough, and there
    might be affected code in one of the earlier kernels that has since been
    removed, so I'll leave the decision to the stable guys.
    Link: http://lkml.kernel.org/r/20171128104938.3921-1-linux@rasmusvillemoes.dk
    Fixes: 92266d6e "async: simplify lowest_in_progress()"
    Signed-off-by: default avatarRasmus Villemoes <linux@rasmusvillemoes.dk>
    Acked-by: default avatarTejun Heo <tj@kernel.org>
    Cc: Arjan van de Ven <arjan@linux.intel.com>
    Cc: Adam Wallis <awallis@codeaurora.org>
    Cc: Lai Jiangshan <laijs@cn.fujitsu.com>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>