lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 06 Oct 2021 21:15:06 +0206
From:   John Ogness <john.ogness@...utronix.de>
To:     Johan Hovold <johan@...nel.org>, Tejun Heo <tj@...nel.org>
Cc:     Lai Jiangshan <jiangshanlai@...il.com>,
        Petr Mladek <pmladek@...e.com>,
        Sergey Senozhatsky <senozhatsky@...omium.org>,
        Steven Rostedt <rostedt@...dmis.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Fabio Estevam <festevam@...x.de>, linux-serial@...r.kernel.org,
        linux-kernel@...r.kernel.org, Johan Hovold <johan@...nel.org>,
        stable@...r.kernel.org
Subject: Re: [PATCH v2] workqueue: fix state-dump console deadlock

On 2021-10-06, Johan Hovold <johan@...nel.org> wrote:
> Console drivers often queue work while holding locks also taken in their
> console write paths, something which can lead to deadlocks on SMP when
> dumping workqueue state (e.g. sysrq-t or on suspend failures).
>
> For serial console drivers this could look like:
>
> 	CPU0				CPU1
> 	----				----
>
> 	show_workqueue_state();
> 	  lock(&pool->lock);		<IRQ>
> 	  				  lock(&port->lock);
> 					  schedule_work();
> 					    lock(&pool->lock);
> 	  printk();
> 	    lock(console_owner);
> 	    lock(&port->lock);
>
> where workqueues are, for example, used to push data to the line
> discipline, process break signals and handle modem-status changes. Line
> disciplines and serdev drivers can also queue work on write-wakeup
> notifications, etc.
>
> Reworking every console driver to avoid queuing work while holding locks
> also taken in their write paths would complicate drivers and is neither
> desirable or feasible.
>
> Instead use the deferred-printk mechanism to avoid printing while
> holding pool locks when dumping workqueue state.

When I introduced the printk_deferred_enter/exit functions, I kind of
expected patches like this to start showing up. The functions make it
really convenient to establish general sections of console print
deferring.

When we move to kthread-printers, all printk calls will be deferred
automatically. However, that is only during normal operation. The
various printk_deferred sites may still be significant and will continue
to have special meaning during startup and shutdown states, when the
kthreads will not be active and direct printing will exist as it is now.

FWIW, I am OK with this patch. It will be re-evaluated once we have
kthread-printers, but I suspect even then it will remain.

> Note that there are a few WARN_ON() assertions in the workqueue code
> which could potentially also trigger a deadlock. Hopefully the ongoing
> printk rework will provide a general solution for this eventually.
>
> This was originally reported after a lockdep splat when executing
> sysrq-t with the imx serial driver.
>
> Fixes: 3494fc30846d ("workqueue: dump workqueues on sysrq-t")
> Cc: stable@...r.kernel.org	# 4.0
> Reported-by: Fabio Estevam <festevam@...x.de>
> Tested-by: Fabio Estevam <festevam@...x.de>
> Signed-off-by: Johan Hovold <johan@...nel.org>

Reviewed-by: John Ogness <john.ogness@...utronix.de>

> ---
>
> Changes in v2
>  - defer printing also of worker pool state (Peter Mladek)
>  - add Fabio's tested-by tag
>
>
>  kernel/workqueue.c | 18 ++++++++++++++++--
>  1 file changed, 16 insertions(+), 2 deletions(-)
>
> diff --git a/kernel/workqueue.c b/kernel/workqueue.c
> index 33a6b4a2443d..1b3eb1e9531f 100644
> --- a/kernel/workqueue.c
> +++ b/kernel/workqueue.c
> @@ -4830,8 +4830,16 @@ void show_workqueue_state(void)
>  
>  		for_each_pwq(pwq, wq) {
>  			raw_spin_lock_irqsave(&pwq->pool->lock, flags);
> -			if (pwq->nr_active || !list_empty(&pwq->inactive_works))
> +			if (pwq->nr_active || !list_empty(&pwq->inactive_works)) {
> +				/*
> +				 * Defer printing to avoid deadlocks in console
> +				 * drivers that queue work while holding locks
> +				 * also taken in their write paths.
> +				 */
> +				printk_deferred_enter();
>  				show_pwq(pwq);
> +				printk_deferred_exit();
> +			}
>  			raw_spin_unlock_irqrestore(&pwq->pool->lock, flags);
>  			/*
>  			 * We could be printing a lot from atomic context, e.g.
> @@ -4849,7 +4857,12 @@ void show_workqueue_state(void)
>  		raw_spin_lock_irqsave(&pool->lock, flags);
>  		if (pool->nr_workers == pool->nr_idle)
>  			goto next_pool;
> -
> +		/*
> +		 * Defer printing to avoid deadlocks in console drivers that
> +		 * queue work while holding locks also taken in their write
> +		 * paths.
> +		 */
> +		printk_deferred_enter();
>  		pr_info("pool %d:", pool->id);
>  		pr_cont_pool_info(pool);
>  		pr_cont(" hung=%us workers=%d",
> @@ -4864,6 +4877,7 @@ void show_workqueue_state(void)
>  			first = false;
>  		}
>  		pr_cont("\n");
> +		printk_deferred_exit();
>  	next_pool:
>  		raw_spin_unlock_irqrestore(&pool->lock, flags);
>  		/*
> -- 
> 2.32.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ