On 16-11-18 03:21 PM, Eric Dumazet wrote: > On Fri, 2016-11-18 at 11:00 -0800, John Fastabend wrote: > > >> static void free_receive_bufs(struct virtnet_info *vi) >> { >> + struct bpf_prog *old_prog; >> int i; >> >> for (i = 0; i < vi->max_queue_pairs; i++) { >> while (vi->rq[i].pages) >> __free_pages(get_a_page(&vi->rq[i], GFP_KERNEL), 0); >> + >> + old_prog = rcu_dereference(vi->rq[i].xdp_prog); > > Seems wrong to me. >
Yep it is wrong should be rtnl_dereference() here and the rcu_dereference() calls earlier in the patch need to be _bh(). > Are you sure lockdep (with CONFIG_PROVE_RCU=y) was happy with this ? oops you are right it was missing. > >> + RCU_INIT_POINTER(vi->rq[i].xdp_prog, NULL); >> + if (old_prog) >> + bpf_prog_put(old_prog); bpf_prog_put() waits a grace period of ref count is zero. That said on driver unload we need to protect the bpf_prog_put with RTNL_LOCK() as well. I'll send out a v2 in a bit. Thanks a lot. >> } >> } >> >> > >