| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 07 Apr 2017 12:05:22 +0300
From: Joonas Lahtinen <joonas.lahtinen@...ux.intel.com>
To: Andrea Arcangeli <aarcange@...hat.com>,
Martin Kepplinger <martink@...teo.de>,
Thorsten Leemhuis <regressions@...mhuis.info>,
daniel.vetter@...el.com, Dave Airlie <airlied@...il.com>,
Chris Wilson <chris@...is-wilson.co.uk>
Cc: intel-gfx@...ts.freedesktop.org, linux-kernel@...r.kernel.org,
dri-devel@...ts.freedesktop.org
Subject: Re: [Intel-gfx] [PATCH 1/5] i915: avoid kernel hang caused by
synchronize rcu struct_mutex deadlock
On pe, 2017-04-07 at 01:23 +0200, Andrea Arcangeli wrote:
> synchronize_rcu/synchronize_sched/synchronize_rcu_expedited() will
> hang until its own workqueues are run. The i915 gem workqueues will
> wait on the struct_mutex to be released. So we cannot wait for a
> quiescent state using those rcu primitives while holding the
> struct_mutex or it creates a circular lock dependency resulting in
> kernel hangs (which is reproducible but goes undetected by lockdep).
>
> This started in commit 3d3d18f086cdda72ee18a454db70ca72c6e3246c and
> lockdep didn't detect it apparently.
The right format is;
Fixes: 3d3d18f086cd ("drm/i915: Avoid rcu_barrier() from reclaim paths (shrinker)")
> @@ -324,6 +320,16 @@ i915_gem_shrinker_scan(struct shrinker *shrinker, struct shrink_control *sc)
> if (unlock)
> mutex_unlock(&dev->struct_mutex);
>
> + if (likely(__mutex_owner(&dev->struct_mutex) != current))
This check can be dropped and synchronize_rcu_expedited() should be
embedded directly to the if (unlock) branch as it's functionally
equivalent. This can be applied to all the unlock cases, not just this
one. That should be the correct action to avoid the deadlock. I've sent
a patch to do this (Cc'd you), can you verify that it gets rid of the
problem for you?
> + /*
> + * If reclaim was invoked by an allocation done while
> + * holding the struct mutex, we cannot call
> + * synchronize_rcu_expedited() as it depends on
> + * workqueues to run but the running workqueue may be
> + * blocked waiting on us to release struct_mutex.
> + */
> + synchronize_rcu_expedited();
> +
> return freed;
> }
>
> _______________________________________________
> Intel-gfx mailing list
> Intel-gfx@...ts.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/intel-gfx
--
Joonas Lahtinen
Open Source Technology Center
Intel Corporation
Powered by blists - more mailing lists