| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170118234612.26157.95913.stgit@bhelgaas-glaptop.roam.corp.google.com>
Date: Wed, 18 Jan 2017 17:46:12 -0600
From: Bjorn Helgaas <bhelgaas@...gle.com>
To: linux-pci@...r.kernel.org
Cc: Jan Kiszka <jan.kiszka@...mens.com>, linux-kernel@...r.kernel.org,
Matthew Wilcox <mawilcox@...rosoft.com>
Subject: [PATCH] PCI: Avoid possible deadlock on pci_lock and p->pi_lock
pci_lock is an IRQ-safe spinlock that protects all accesses to PCI
configuration space (see PCI_OP_READ() and PCI_OP_WRITE() in pci/access.c).
The pci_cfg_access_unlock() path acquires pci_lock, then p->pi_lock (inside
wake_up_all()). According to lockdep, there is a possible path involving
snbep_uncore_pci_read_counter() that could acquire them in the reverse
order: acquiring p->pi_lock, then pci_lock, which could result in a
deadlock. Lockdep details are in the bugzilla below.
Avoid the possible deadlock by dropping pci_lock before waking up any
config access waiters.
Link: https://bugzilla.kernel.org/show_bug.cgi?id=192901
Signed-off-by: Bjorn Helgaas <bhelgaas@...gle.com>
---
drivers/pci/access.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/pci/access.c b/drivers/pci/access.c
index db239547fefd..68bd7201d8bc 100644
--- a/drivers/pci/access.c
+++ b/drivers/pci/access.c
@@ -684,8 +684,9 @@ void pci_cfg_access_unlock(struct pci_dev *dev)
WARN_ON(!dev->block_cfg_access);
dev->block_cfg_access = 0;
- wake_up_all(&pci_cfg_wait);
raw_spin_unlock_irqrestore(&pci_lock, flags);
+
+ wake_up_all(&pci_cfg_wait);
}
EXPORT_SYMBOL_GPL(pci_cfg_access_unlock);
Powered by blists - more mailing lists