lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <s5hwq4phbzr.wl-tiwai@suse.de>
Date:	Wed, 14 Jan 2015 11:50:48 +0100
From:	Takashi Iwai <tiwai@...e.de>
To:	Lars-Peter Clausen <lars@...afoo.de>
Cc:	Mark Brown <broonie@...nel.org>,
	"alsa-devel@...a-project.org" <alsa-devel@...a-project.org>,
	"Wang, Jiada (ESD)" <Jiada_Wang@...tor.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"lgirdwood@...il.com" <lgirdwood@...il.com>,
	"Frkuska, Joshua" <Joshua_Frkuska@...tor.com>
Subject: Re: [alsa-devel] unload Audio drivers while playback stream is active case kernel crash

At Wed, 14 Jan 2015 11:00:47 +0100,
Lars-Peter Clausen wrote:
> 
> On 01/14/2015 09:47 AM, Takashi Iwai wrote:
> > At Wed, 14 Jan 2015 09:15:36 +0100,
> > Lars-Peter Clausen wrote:
> >>
> >> On 01/14/2015 08:43 AM, Takashi Iwai wrote:
> >>> At Tue, 13 Jan 2015 21:54:12 +0000,
> >>> Mark Brown wrote:
> >>>>
> >>>> On Tue, Jan 13, 2015 at 06:24:44PM +0100, Takashi Iwai wrote:
> >>>>> Wang, Jiada (ESD) wrote:
> >>>>
> >>>>>> I am using i.MX6Q sabreSD board, which have imx_wm892 machine driver, wm8962 codec and SSI CPU DAI,
> >>>>
> >>>>>> I got Kernel crash when unloading audio drivers (playback stream is active)
> >>>>>> modprobe -r snd_soc_imx_wm8962
> >>>>>> modprobe -r snd_soc_fsl_ssi
> >>>>>> modprobe -r snd_soc_wm8962
> >>>>
> >>>>> The root problem is that you can unload the module while playing.
> >>>>> The corresponding module refcounts should have been increased during
> >>>>> used.
> >>>>
> >>>>> Do we miss [try_]module_get() somewhere in ASoC?
> >>>>
> >>>> That doesn't help, users can still forcibly unbind the driver at runtime
> >>>> without loading the module - and there's always the potential for
> >>>> actually hotpluggable hardware.  The teardown paths should be able to
> >>>> cope somewhat gracefully.
> >>>
> >>> The module refcount has to be handled while being used for stopping
> >>> module unload.  That's irrelevant from the dynamic unbinding support
> >>> itself.  Of course, the module refcount doesn't save the world, but
> >>> it's the right fix for this particular scenario.
> >>
> >> Refcounting won't help in this case. The issue is caused by a delayed work
> >> item that gets launched when the PCM stream is stopped. So if you decrease
> >> the refcount when the stream is stopped you still have a window where it is
> >> possible to remove the module while the work is still being scheduled.
> >
> > OK, so it's not about active stream.  From the reporter's description,
> > I supposed that the module gets unloaded while playing a stream, which
> > shouldn't be allowed.
> 
> Well one of the ways to trigger this is to remove the module while the 
> stream is active. But it is not exclusively a problem module unload problem. 
> E.g. the same happens if you hot-unplug the ASoC card.

Yes, unbinding can trigger a similar problem, ends up the same bad
code path.

> I don't think that we need to prevent module unload when a stream is active. 
>  From a framework point of view is not different from hot-unplug. I don't 
> see a reason why we'd jump through hoops to actively forbid removing the 
> module once it works just fine.

Well, the module unload means a more drastic cleanup.  Even if you
unbind, the code and data are still there while module unload may
clean them up all.

Above all, disallowing the module unload while using is the common
behavior of any other drivers.  Why do we have to be a rebel against
all civil manner? :)


Takashi
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ