summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlan Stern <stern@rowland.harvard.edu>2007-11-19 10:53:40 -0500
committerGreg Kroah-Hartman <gregkh@suse.de>2008-01-24 20:40:36 -0800
commit09f82ea92822a7bbb7e816508abbda47ed54a77f (patch)
tree059011e094839a633597c2e88afc40f779894438
parent97c146ef075dc40ae34407c03d3860fc3850b8e8 (diff)
downloadlinux-09f82ea92822a7bbb7e816508abbda47ed54a77f.tar.bz2
Kobject: drop child->parent ref at unregistration
This patch (as1015) reverts changes that were made to the driver core about four years ago. The intent back then was to avoid certain kinds of invalid memory accesses by leaving kernel objects allocated as long as any of their children were still allocated. The original and correct approach was to wait only as long as any children were still _registered_; that's what this patch reinstates. This fixes a problem in the SCSI core made visible by the class_device to regular device conversion: A reference loop (scsi_device holds reference to request_queue, which is the child of a gendisk, which is the child of the scsi_device) prevents the data structures from being released, even though they are deregistered okay. It's possible that this change will cause a few bugs to surface, things that have been hidden for several years. They can be fixed easily enough by having the child device take an explicit reference to the parent whenever needed. Signed-off-by: Alan Stern <stern@rowland.harvard.edu> Cc: Kay Sievers <kay.sievers@vrfy.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-rw-r--r--lib/kobject.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/kobject.c b/lib/kobject.c
index 1015f74212d0..493e991abb1b 100644
--- a/lib/kobject.c
+++ b/lib/kobject.c
@@ -149,12 +149,16 @@ void kobject_init(struct kobject * kobj)
static void unlink(struct kobject * kobj)
{
+ struct kobject *parent = kobj->parent;
+
if (kobj->kset) {
spin_lock(&kobj->kset->list_lock);
list_del_init(&kobj->entry);
spin_unlock(&kobj->kset->list_lock);
}
+ kobj->parent = NULL;
kobject_put(kobj);
+ kobject_put(parent);
}
/**
@@ -208,7 +212,6 @@ int kobject_add(struct kobject * kobj)
if (error) {
/* unlink does the kobject_put() for us */
unlink(kobj);
- kobject_put(parent);
/* be noisy on error issues */
if (error == -EEXIST)
@@ -590,7 +593,6 @@ static void kobject_cleanup(struct kobject *kobj)
{
struct kobj_type * t = get_ktype(kobj);
struct kset * s = kobj->kset;
- struct kobject * parent = kobj->parent;
const char *name = kobj->k_name;
pr_debug("kobject: '%s' (%p): %s\n",
@@ -604,7 +606,6 @@ static void kobject_cleanup(struct kobject *kobj)
}
if (s)
kset_put(s);
- kobject_put(parent);
}
static void kobject_release(struct kref *kref)