mirror
/
linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
linux/drivers/misc
History
Chengfeng Ye 1bae5c0e2c misc: bcm_vk: Fix potential deadlock on &vk->ctx_lock 
As &vk->ctx_lock is acquired by timer bcm_vk_hb_poll() under softirq
context, other process context code should disable irq or bottom-half
before acquire the same lock, otherwise deadlock could happen if the
timer preempt the execution while the lock is held in process context
on the same CPU.

Possible deadlock scenario
bcm_vk_open()
    -> bcm_vk_get_ctx()
    -> spin_lock(&vk->ctx_lock)
	<timer iterrupt>
	-> bcm_vk_hb_poll()
	-> bcm_vk_blk_drv_access()
	-> spin_lock_irqsave(&vk->ctx_lock, flags) (deadlock here)

This flaw was found using an experimental static analysis tool we are
developing for irq-related deadlock, which reported the following
warning when analyzing the linux kernel 6.4-rc7 release.

[Deadlock]: &vk->ctx_lock
  [Interrupt]: bcm_vk_hb_poll
    -->/root/linux/drivers/misc/bcm-vk/bcm_vk_msg.c:176
    -->/root/linux/drivers/misc/bcm-vk/bcm_vk_dev.c:512
  [Locking Unit]: bcm_vk_ioctl
    -->/root/linux/drivers/misc/bcm-vk/bcm_vk_dev.c:1181
    -->/root/linux/drivers/misc/bcm-vk/bcm_vk_dev.c:512

[Deadlock]: &vk->ctx_lock
  [Interrupt]: bcm_vk_hb_poll
    -->/root/linux/drivers/misc/bcm-vk/bcm_vk_msg.c:176
    -->/root/linux/drivers/misc/bcm-vk/bcm_vk_dev.c:512
  [Locking Unit]: bcm_vk_ioctl
    -->/root/linux/drivers/misc/bcm-vk/bcm_vk_dev.c:1169

[Deadlock]: &vk->ctx_lock
  [Interrupt]: bcm_vk_hb_poll
    -->/root/linux/drivers/misc/bcm-vk/bcm_vk_msg.c:176
    -->/root/linux/drivers/misc/bcm-vk/bcm_vk_dev.c:512
  [Locking Unit]: bcm_vk_open
    -->/root/linux/drivers/misc/bcm-vk/bcm_vk_msg.c:216

[Deadlock]: &vk->ctx_lock
  [Interrupt]: bcm_vk_hb_poll
    -->/root/linux/drivers/misc/bcm-vk/bcm_vk_msg.c:176
    -->/root/linux/drivers/misc/bcm-vk/bcm_vk_dev.c:512
  [Locking Unit]: bcm_vk_release
    -->/root/linux/drivers/misc/bcm-vk/bcm_vk_msg.c:306

As suggested by Arnd, the tentative patch fix the potential deadlocks
by replacing the timer with delay workqueue. x86_64 allyesconfig using
GCC shows no new warning. Note that no runtime testing was performed
due to no device on hand.

Signed-off-by: Chengfeng Ye <dg573847474@gmail.com>
Acked-by: Scott Branden <scott.branden@broadcom.com>
Tested-by: Desmond Yan <desmond.branden@broadcom.com>
Tested-by: Desmond Yan <desmond.yan@broadcom.com>
Link: https://lore.kernel.org/r/20230629182941.13045-1-dg573847474@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2023-08-04 15:45:19 +02:00
..
altera-stapl misc: add HAS_IOPORT dependencies 2023-05-29 15:05:00 +01:00
bcm-vk misc: bcm_vk: Fix potential deadlock on &vk->ctx_lock 2023-08-04 15:45:19 +02:00
c2port driver core: class: remove module * from class_create() 2023-03-17 15:16:33 +01:00
cardreader misc: alcor_pci: remove unused alcor functions 2023-03-29 12:20:32 +02:00
cb710
cxl misc: Explicitly include correct DT includes 2023-08-04 15:39:04 +02:00
echo
eeprom Char/Misc and other driver subsystem updates for 6.5-rc1 2023-07-03 12:46:47 -07:00
genwqe - Nick Piggin's "shoot lazy tlbs" series, to improve the peformance of 2023-04-27 19:42:02 -07:00
ibmasm
lis3lv02d misc: Explicitly include correct DT includes 2023-08-04 15:39:04 +02:00
lkdtm Char/Misc and other driver subsystem updates for 6.5-rc1 2023-07-03 12:46:47 -07:00
mchp_pci1xxxx misc: microchip: pci1xxxx: Add support to read and write into PCI1XXXX EEPROM via NVMEM sysfs 2023-08-04 15:36:44 +02:00
mei mei: gsc: add module description 2023-07-30 18:15:53 +02:00
ocxl driver core: class: remove module * from class_create() 2023-03-17 15:16:33 +01:00
pvpanic
sgi-gru mm: ptep_get() conversion 2023-06-19 16:19:25 -07:00
sgi-xp sgi-xp: simplify sysctl registration 2023-03-09 17:32:13 +01:00
ti-st drivers: misc: ti-st: Fix a typo ("unknow") 2023-01-31 13:02:46 +01:00
uacce uacce: vma_close clears q->qfrs when freeing qfrs 2023-05-31 19:00:26 +01:00
vmw_vmci Char/Misc drivers for 6.4-rc1 2023-04-27 12:07:50 -07:00
Kconfig misc: open-dice: make OPEN_DICE depend on HAS_IOMEM 2023-08-04 15:39:42 +02:00
Makefile misc: tps6594-pfsm: Add driver for TI TPS6594 PFSM 2023-06-15 13:41:53 +02:00
ad525x_dpot-i2c.c misc: Switch i2c drivers back to use .probe() 2023-05-29 15:04:52 +01:00
ad525x_dpot-spi.c
ad525x_dpot.c
ad525x_dpot.h
apds990x.c misc: Switch i2c drivers back to use .probe() 2023-05-29 15:04:52 +01:00
apds9802als.c misc: Switch i2c drivers back to use .probe() 2023-05-29 15:04:52 +01:00
atmel-ssc.c misc: atmel-ssc: Use devm_platform_get_and_ioremap_resource() 2023-08-04 15:38:45 +02:00
bh1770glc.c misc: Switch i2c drivers back to use .probe() 2023-05-29 15:04:52 +01:00
cs5535-mfgpt.c
ds1682.c misc: Switch i2c drivers back to use .probe() 2023-05-29 15:04:52 +01:00
dummy-irq.c
dw-xdata-pcie.c
enclosure.c drivers: remove struct module * setting from struct class 2023-03-17 15:16:27 +01:00
fastrpc.c misc: Explicitly include correct DT includes 2023-08-04 15:39:04 +02:00
gehc-achc.c
hi6421v600-irq.c misc: hi6421-spmi-pmic: Remove redundant dev_err() 2023-08-04 15:39:10 +02:00
hisi_hikey_usb.c
hmc6352.c misc: Switch i2c drivers back to use .probe() 2023-05-29 15:04:52 +01:00
hpilo.c Char/Misc drivers for 6.4-rc1 2023-04-27 12:07:50 -07:00
hpilo.h
ibmvmc.c ibmvmc: don't open-code file_inode() 2022-09-01 17:42:27 -04:00
ibmvmc.h
ics932s401.c misc: Switch i2c drivers back to use .probe() 2023-05-29 15:04:52 +01:00
isl29003.c misc: Switch i2c drivers back to use .probe() 2023-05-29 15:04:52 +01:00
isl29020.c misc: Switch i2c drivers back to use .probe() 2023-05-29 15:04:52 +01:00
kgdbts.c
lattice-ecp3-config.c
open-dice.c mm: replace vma->vm_flags direct modifications with modifier calls 2023-02-09 16:51:39 -08:00
pch_phub.c
pci_endpoint_test.c misc: pci_endpoint_test: Simplify pci_endpoint_test_msi_irq() 2023-06-23 15:04:15 -05:00
phantom.c driver core: class: remove module * from class_create() 2023-03-17 15:16:33 +01:00
qcom-coincell.c misc: Explicitly include correct DT includes 2023-08-04 15:39:04 +02:00
smpro-errmon.c misc: smpro-errmon: Remove the unneeded include <linux/i2c.h> 2023-05-31 19:00:10 +01:00
smpro-misc.c misc: smpro-misc: Add Ampere's Altra SMpro misc driver 2022-11-10 19:03:03 +01:00
sram-exec.c mm: Introduce set_memory_rox() 2022-12-15 10:37:26 -08:00
sram.c misc: Explicitly include correct DT includes 2023-08-04 15:39:04 +02:00
sram.h misc: sram: Improve and simplify clk handling 2023-03-09 17:31:53 +01:00
tifm_7xx1.c misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() 2022-11-23 19:55:26 +01:00
tifm_core.c driver core: make struct bus_type.uevent() take a const * 2023-01-27 13:45:52 +01:00
tps6594-esm.c misc: tps6594-esm: Convert to platform remove callback returning void 2023-08-04 15:39:00 +02:00
tps6594-pfsm.c misc: tps6594-pfsm: Convert to platform remove callback returning void 2023-08-04 15:38:56 +02:00
tsl2550.c misc: Switch i2c drivers back to use .probe() 2023-05-29 15:04:52 +01:00
vcpu_stall_detector.c misc: Explicitly include correct DT includes 2023-08-04 15:39:04 +02:00
vmw_balloon.c misc: vmw_balloon: fix memory leak with using debugfs_lookup() 2023-02-08 13:24:22 +01:00
xilinx_sdfec.c misc: Explicitly include correct DT includes 2023-08-04 15:39:04 +02:00
xilinx_tmr_inject.c misc: Explicitly include correct DT includes 2023-08-04 15:39:04 +02:00
xilinx_tmr_manager.c misc: Explicitly include correct DT includes 2023-08-04 15:39:04 +02:00