lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAFLxGvzJFBFheXWSLWSkQhT0Fh3K5dKiTg2j=FBQFW+7oobZxw@mail.gmail.com>
Date:   Thu, 17 Nov 2016 23:58:24 +0100
From:   Richard Weinberger <richard.weinberger@...il.com>
To:     Ivan Grimaldi <grimaldi.ivan@...il.com>
Cc:     "linux-mtd@...ts.infradead.org" <linux-mtd@...ts.infradead.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [BUG] mtd: blkdevs: fix deadlock

On Thu, Nov 17, 2016 at 10:15 PM, Ivan Grimaldi <grimaldi.ivan@...il.com> wrote:
> I found this deadlock with kernel version 4.4.30, when insmod the ftl
> module, which register_mtd_blktrans.
>
>   -> register_mtd_blktrans()
>   -> mutex_lock(&mtd_table_mutex)
>   -> ftl_add_mtd()
>   -> add_mtd_blktrans_dev()
>   -> add_disk()
>   -> register_disk()
>   -> blkdev_get()
>   -> __blkdev_get()
>   -> blktrans_open()
>   -> mutex_lock(&mtd_table_mutex); !!!!!!!
>
> I think the lock/unlock of the mtd_table_mutex is not necessary in
> blktrans_open and blktrans_release, the log message of lockdep
> output follow:
>
> =============================================
> [ INFO: possible recursive locking detected ]
> 4.4.30+siae-g8b14c5b-dirty #23 Not tainted
> ---------------------------------------------
> insmod/440 is trying to acquire lock:
>  (mtd_table_mutex){+.+.+.}, at: [<802fe6b0>] blktrans_open+0x30/0x1ac
>
> but task is already holding lock:
>  (mtd_table_mutex){+.+.+.}, at: [<802fe93c>] register_mtd_blktrans+0x2c/0x120
>
> other info that might help us debug this:
>  Possible unsafe locking scenario:
>
>        CPU0
>        ----
>   lock(mtd_table_mutex);
>   lock(mtd_table_mutex);
>
>  *** DEADLOCK ***
>
>  May be due to missing lock nesting notation
>
> 2 locks held by insmod/440:
>  #0:  (mtd_table_mutex){+.+.+.}, at: [<802fe93c>] register_mtd_blktrans+0x2c/0x120
>  #1:  (&bdev->bd_mutex){+.+.+.}, at: [<8013c404>] __blkdev_get+0x40/0x398
>
> stack backtrace:
> CPU: 0 PID: 440 Comm: insmod Not tainted 4.4.30+siae-g8b14c5b-dirty #23
> Hardware name: SIAE Microelettronica AGS20 (Device Tree)
> Backtrace:
> [<800140e8>] (dump_backtrace) from [<800142dc>] (show_stack+0x18/0x1c)
>  r6:60000093 r5:00000000 r4:8067cb48 r3:00000000
> [<800142c4>] (show_stack) from [<8024fe1c>] (dump_stack+0xb4/0xe8)
> [<8024fd68>] (dump_stack) from [<8006dc48>] (__lock_acquire+0x1a94/0x1f14)
>  r10:807d6db8 r9:8067cc28 r8:bdacd4c0 r7:80e933dc r6:bdacd080 r5:80e84ab4
>  r4:807d6db8 r3:00000002
> [<8006c1b4>] (__lock_acquire) from [<8006e8ec>] (lock_acquire+0x78/0x98)
>  r10:80686c38 r9:00000000 r8:00000001 r7:00000001 r6:802fe6b0 r5:60000013
>  r4:00000000
> [<8006e874>] (lock_acquire) from [<804bc708>] (mutex_lock_nested+0x54/0x3ec)
>  r7:bdacd080 r6:80e84ab4 r5:802fe6b0 r4:00000000
> [<804bc6b4>] (mutex_lock_nested) from [<802fe6b0>] (blktrans_open+0x30/0x1ac)
>  r10:00000001 r9:00000000 r8:00000001 r7:be61be10 r6:00000000 r5:bd98a400
>  r4:be61be00
> [<802fe680>] (blktrans_open) from [<8013c464>] (__blkdev_get+0xa0/0x398)
>  r8:00000000 r7:bec24f10 r6:00000000 r5:bd98a400 r4:bec24f00 r3:802fe680
> [<8013c3c4>] (__blkdev_get) from [<8013c86c>] (blkdev_get+0x110/0x348)
>  r10:bec24f00 r9:00000001 r8:be831f90 r7:bd98a40c r6:00000000 r5:00000000
>  r4:bec24f00
> [<8013c75c>] (blkdev_get) from [<8024204c>] (add_disk+0x318/0x46c)
>  r10:bec24f00 r9:00000001 r8:be831f90 r7:bd98a40c r6:bd98a480 r5:00000000
>  r4:bd98a400
> [<80241d34>] (add_disk) from [<802fde80>] (add_mtd_blktrans_dev+0x314/0x440)
>  r10:be61be9c r9:00000000 r8:00f68e00 r7:bd98a400 r6:7f00242c r5:00000000
>  r4:be61be00
> [<802fdb6c>] (add_mtd_blktrans_dev) from [<7f000c74>] (ftl_add_mtd+0x490/0x7d8 [ftl])
>  r10:bd843d28 r9:be61bf00 r8:00000000 r7:000000bf r6:00007b47 r5:00000be0
>  r4:be61be00
> [<7f0007e4>] (ftl_add_mtd [ftl]) from [<802fe9c4>] (register_mtd_blktrans+0xb4/0x120)
>  r10:00000000 r9:be618ec0 r8:7f0024c8 r7:7f004000 r6:00000000 r5:7f00242c
>  r4:be806000
> [<802fe910>] (register_mtd_blktrans) from [<7f004014>] (init_ftl+0x14/0x1c [ftl])
>  r6:be618f80 r5:8066ad20 r4:8066ad20 r3:00000000
> [<7f004000>] (init_ftl [ftl]) from [<800097bc>] (do_one_initcall+0x88/0x1e8)
> [<80009734>] (do_one_initcall) from [<800bf9f4>] (do_init_module+0x60/0x394)
>  r10:00000001 r9:be618ec0 r8:7f0024c8 r7:7f002480 r6:be618700 r5:be618ec8
>  r4:7f002480
> [<800bf994>] (do_init_module) from [<800a1b7c>] (load_module+0x1814/0x1f34)
>  r6:00000001 r5:be618ec8 r4:bd843f34
> [<800a0368>] (load_module) from [<800a2370>] (SyS_init_module+0xd4/0x148)
>  r10:bd842000 r9:00000051 r8:c6b16780 r7:76fd8788 r6:00000000 r5:00004780
>  r4:00000000
> [<800a229c>] (SyS_init_module) from [<8000fb60>] (ret_fast_syscall+0x0/0x1c)
>  r10:00000000 r9:bd842000 r8:8000fd04 r7:00000080 r6:00000191 r5:7e8cbf31
>  r4:00024780

Forgot to include the diff?

-- 
Thanks,
//richard

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ