| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 9 Nov 2022 16:48:01 +0800
From: Wang Yufen <wangyufen@...wei.com>
To: <linux-leds@...r.kernel.org>, <linux-kernel@...r.kernel.org>
CC: <pavel@....cz>, Wang Yufen <wangyufen@...wei.com>
Subject: [PATCH 00/13] leds: Fix devm vs. non-devm ordering
Fault-inject tests reports this issue:
DEBUG_LOCKS_WARN_ON(lock->magic != lock)
WARNING: CPU: 2 PID: 52 at kernel/locking/mutex.c:582 __mutex_lock+0x1366/0x15b0
Call Trace:
<TASK>
cr0014114_set_sync+0x2d/0x80 [leds_cr0014114 dbd1de3fefae3e163bcc08f4eeaa6d1b243203a9]
set_brightness_delayed+0xc2/0x140
process_one_work+0x651/0xc30
worker_thread+0x30b/0x820
kthread+0x1a0/0x1e0
ret_from_fork+0x1f/0x30
</TASK>
The issue occurs in the following scenarios:
.probe()
mutex_init()
led->brightness_set_blocking = callback <-- e.g. cr0014114_set_sync()
devm_led_classdev_register_ext()
<-- dr->node.release = devm_led_classdev_release()
...
.remove()
mutex_destroy(lock) <-- lock destroy
worker_thread()
set_brightness_work
set_brightness_delayed()
__led_set_brightness_blocking()
led_cdev->brightness_set_blocking()
<-- callback, e.g. cr0014114_set_sync()
mutex_lock(lock) <-- lock is used after destroy
.release()
devm_led_classdev_release()
led_classdev_unregister()
<-- flush set_brightness_work
When non-devm resources are allocated they mustn't be followed by devm
allocations, otherwise it will break the tear down ordering and might
lead to crashes or other bugs during ->remove() stage. Fix this by
wrapping mutex_destroy() call with devm_add_action_or_reset().
Wang Yufen (13):
leds: cr0014114: Fix devm vs. non-devm ordering
leds: el15203000: Fix devm vs. non-devm ordering
leds: lm3532: Fix devm vs. non-devm ordering
leds: lm3692x: Fix devm vs. non-devm ordering
leds: lm3697: Fix devm vs. non-devm ordering
leds: lp50xx: Fix devm vs. non-devm ordering
leds: lp8860: Fix devm vs. non-devm ordering
leds: mlxreg: Fix devm vs. non-devm ordering
leds: mt6323: Fix devm vs. non-devm ordering
leds: powernv: Fix devm vs. non-devm ordering
leds: sc27xx: Fix devm vs. non-devm ordering
leds: spi-byte: Fix devm vs. non-devm ordering
leds: rt8515: Fix devm vs. non-devm ordering
drivers/leds/flash/leds-rt8515.c | 11 +++++++++--
drivers/leds/leds-cr0014114.c | 11 ++++++++++-
drivers/leds/leds-el15203000.c | 18 +++++++++++-------
drivers/leds/leds-lm3532.c | 10 ++++++++++
drivers/leds/leds-lm3692x.c | 11 ++++++++++-
drivers/leds/leds-lm3697.c | 13 ++++++++++---
drivers/leds/leds-lp50xx.c | 12 ++++++++++--
drivers/leds/leds-lp8860.c | 11 +++++++++--
drivers/leds/leds-mlxreg.c | 20 ++++++++++----------
drivers/leds/leds-mt6323.c | 11 +++++++++--
drivers/leds/leds-powernv.c | 12 +++++++++---
drivers/leds/leds-sc27xx-bltc.c | 27 +++++++++++----------------
drivers/leds/leds-spi-byte.c | 21 ++++++++++-----------
13 files changed, 128 insertions(+), 60 deletions(-)
--
1.8.3.1
Powered by blists - more mailing lists