lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190128180404.GF3973@sasha-vm>
Date:   Mon, 28 Jan 2019 13:04:04 -0500
From:   Sasha Levin <sashal@...nel.org>
To:     Doug Anderson <dianders@...omium.org>
Cc:     LKML <linux-kernel@...r.kernel.org>, stable@...r.kernel.org,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: Re: [PATCH AUTOSEL 4.20 035/304] serial: core: Allow processing
 sysrq at port unlock time

On Mon, Jan 28, 2019 at 09:21:31AM -0800, Doug Anderson wrote:
>Hi,
>
>On Mon, Jan 28, 2019 at 9:16 AM Sasha Levin <sashal@...nel.org> wrote:
>>
>> On Mon, Jan 28, 2019 at 08:05:13AM -0800, Doug Anderson wrote:
>> >Hi,
>> >
>> >On Mon, Jan 28, 2019 at 7:44 AM Sasha Levin <sashal@...nel.org> wrote:
>> >>
>> >> From: Douglas Anderson <dianders@...omium.org>
>> >>
>> >> [ Upstream commit d6e1935819db0c91ce4a5af82466f3ab50d17346 ]
>> >>
>> >> Right now serial drivers process sysrq keys deep in their character
>> >> receiving code.  This means that they've already grabbed their
>> >> port->lock spinlock.  This can end up getting in the way if we've go
>> >> to do serial stuff (especially kgdb) in response to the sysrq.
>> >>
>> >> Serial drivers have various hacks in them to handle this.  Looking at
>> >> '8250_port.c' you can see that the console_write() skips locking if
>> >> we're in the sysrq handler.  Looking at 'msm_serial.c' you can see
>> >> that the port lock is dropped around uart_handle_sysrq_char().
>> >>
>> >> It turns out that these hacks aren't exactly perfect.  If you have
>> >> lockdep turned on and use something like the 8250_port hack you'll get
>> >> a splat that looks like:
>> >>
>> >>   WARNING: possible circular locking dependency detected
>> >>   [...] is trying to acquire lock:
>> >>   ... (console_owner){-.-.}, at: console_unlock+0x2e0/0x5e4
>> >>
>> >>   but task is already holding lock:
>> >>   ... (&port_lock_key){-.-.}, at: serial8250_handle_irq+0x30/0xe4
>> >>
>> >>   which lock already depends on the new lock.
>> >>
>> >>   the existing dependency chain (in reverse order) is:
>> >>
>> >>   -> #1 (&port_lock_key){-.-.}:
>> >>          _raw_spin_lock_irqsave+0x58/0x70
>> >>          serial8250_console_write+0xa8/0x250
>> >>          univ8250_console_write+0x40/0x4c
>> >>          console_unlock+0x528/0x5e4
>> >>          register_console+0x2c4/0x3b0
>> >>          uart_add_one_port+0x350/0x478
>> >>          serial8250_register_8250_port+0x350/0x3a8
>> >>          dw8250_probe+0x67c/0x754
>> >>          platform_drv_probe+0x58/0xa4
>> >>          really_probe+0x150/0x294
>> >>          driver_probe_device+0xac/0xe8
>> >>          __driver_attach+0x98/0xd0
>> >>          bus_for_each_dev+0x84/0xc8
>> >>          driver_attach+0x2c/0x34
>> >>          bus_add_driver+0xf0/0x1ec
>> >>          driver_register+0xb4/0x100
>> >>          __platform_driver_register+0x60/0x6c
>> >>          dw8250_platform_driver_init+0x20/0x28
>> >>          ...
>> >>
>> >>   -> #0 (console_owner){-.-.}:
>> >>          lock_acquire+0x1e8/0x214
>> >>          console_unlock+0x35c/0x5e4
>> >>          vprintk_emit+0x230/0x274
>> >>          vprintk_default+0x7c/0x84
>> >>          vprintk_func+0x190/0x1bc
>> >>          printk+0x80/0xa0
>> >>          __handle_sysrq+0x104/0x21c
>> >>          handle_sysrq+0x30/0x3c
>> >>          serial8250_read_char+0x15c/0x18c
>> >>          serial8250_rx_chars+0x34/0x74
>> >>          serial8250_handle_irq+0x9c/0xe4
>> >>          dw8250_handle_irq+0x98/0xcc
>> >>          serial8250_interrupt+0x50/0xe8
>> >>          ...
>> >>
>> >>   other info that might help us debug this:
>> >>
>> >>    Possible unsafe locking scenario:
>> >>
>> >>          CPU0                    CPU1
>> >>          ----                    ----
>> >>     lock(&port_lock_key);
>> >>                                  lock(console_owner);
>> >>                                  lock(&port_lock_key);
>> >>     lock(console_owner);
>> >>
>> >>    *** DEADLOCK ***
>> >>
>> >> The hack used in 'msm_serial.c' doesn't cause the above splats but it
>> >> seems a bit ugly to unlock / lock our spinlock deep in our irq
>> >> handler.
>> >>
>> >> It seems like we could defer processing the sysrq until the end of the
>> >> interrupt handler right after we've unlocked the port.  With this
>> >> scheme if a whole batch of sysrq characters comes in one irq then we
>> >> won't handle them all, but that seems like it should be a fine
>> >> compromise.
>> >>
>> >> Signed-off-by: Douglas Anderson <dianders@...omium.org>
>> >> Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
>> >> Signed-off-by: Sasha Levin <sashal@...nel.org>
>> >> ---
>> >>  include/linux/serial_core.h | 37 ++++++++++++++++++++++++++++++++++++-
>> >>  1 file changed, 36 insertions(+), 1 deletion(-)
>> >
>> >FWIW this patch shouldn't hurt to be backported (I haven't heard any
>> >problems report with it), but it is effectively a no-op unless you
>> >also pick a patch that uses the new API.  For instance commit
>> >596f63da42b9 ("serial: 8250: Process sysrq at port unlock time").
>> >...and if you want that patch I think you also need commit
>> >3e6f88068314 ("serial: core: Include console.h from serial_core.h").
>> >
>> >In theory you could think about adding the "qcom_geni_serial" patches
>> >related to sysrq processing too--dunno if anyone really cares about
>> >those on 4.20 stable...
>>
>> Since no one actually tagged it for stable, probably not... I'll drop
>> it, thanks!
>
>OK.  Whatever behavior you decide on, please apply it across the
>board.  I got pings that this same patch was being picked to lots and
>lots of different stable kernels and it is equally a no-op (without
>the followup patches) everywhere.

Yup, I send a mail for each branch it was added on. It was now dropped
from all of them.

--
Thanks,
Sasha

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ