| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAN6tsi508WALxzza5VEjm5wiwZrafJa32=+R8SS4vmg-ybqHig@mail.gmail.com>
Date: Mon, 17 Jul 2023 17:57:20 +0200
From: Robert Foss <rfoss@...nel.org>
To: Chen-Yu Tsai <wenst@...omium.org>
Cc: Andrzej Hajda <andrzej.hajda@...el.com>,
Neil Armstrong <neil.armstrong@...aro.org>,
Laurent Pinchart <Laurent.pinchart@...asonboard.com>,
Jonas Karlman <jonas@...boo.se>,
Jernej Skrabec <jernej.skrabec@...il.com>,
Xin Ji <xji@...logixsemi.com>,
Nícolas F. R. A. Prado
<nfraprado@...labora.com>,
AngeloGioacchino Del Regno
<angelogioacchino.delregno@...labora.com>,
linux-kernel@...r.kernel.org, dri-devel@...ts.freedesktop.org
Subject: Re: [PATCH v2] drm/bridge: anx7625: Drop device lock before drm_helper_hpd_irq_event()
On Mon, Jul 10, 2023 at 10:59 AM Chen-Yu Tsai <wenst@...omium.org> wrote:
>
> The device lock is used to serialize the low level power sequencing
> operations. Since drm_helper_hpd_irq_event() could end up calling
> .atomic_enable, which also calls power sequencing functions through
> runtime PM, this results in a real deadlock. This was observed on an
> MT8192-based Chromebook's external display (with appropriate patches [1]
> and DT changes applied).
>
> Move the drm_helper_hpd_irq_event() call outside of the lock range. The
> lock only needs to be held so that the device status can be read back.
> This is the bare minimum change to avoid the deadlock. The lock could
> be dropped completely and have pm_runtime_get_if_in_use() increase the
> reference count, but this is not the same as pm_runtime_suspended().
>
> Dropping the lock completely also causes the internal display of the
> same device to not function correctly if the internal bridge's
> interrupt line is added in the device tree. Both the internal and
> external display of said device each use one anx7625 bridge.
>
> [1] https://lore.kernel.org/dri-devel/20230112042104.4107253-1-treapking@chromium.org/
>
> Fixes: 60487584a79a ("drm/bridge: anx7625: refactor power control to use runtime PM framework")
> Signed-off-by: Chen-Yu Tsai <wenst@...omium.org>
> ---
> Changes since v1:
> - restore early return if event < 0
>
> drivers/gpu/drm/bridge/analogix/anx7625.c | 14 ++++++++------
> 1 file changed, 8 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/gpu/drm/bridge/analogix/anx7625.c b/drivers/gpu/drm/bridge/analogix/anx7625.c
> index 866d018f4bb1..e93eba89d5ee 100644
> --- a/drivers/gpu/drm/bridge/analogix/anx7625.c
> +++ b/drivers/gpu/drm/bridge/analogix/anx7625.c
> @@ -1593,18 +1593,20 @@ static void anx7625_work_func(struct work_struct *work)
>
> mutex_lock(&ctx->lock);
>
> - if (pm_runtime_suspended(&ctx->client->dev))
> - goto unlock;
> + if (pm_runtime_suspended(&ctx->client->dev)) {
> + mutex_unlock(&ctx->lock);
> + return;
> + }
>
> event = anx7625_hpd_change_detect(ctx);
> +
> + mutex_unlock(&ctx->lock);
> +
> if (event < 0)
> - goto unlock;
> + return;
>
> if (ctx->bridge_attached)
> drm_helper_hpd_irq_event(ctx->bridge.dev);
> -
> -unlock:
> - mutex_unlock(&ctx->lock);
> }
>
> static irqreturn_t anx7625_intr_hpd_isr(int irq, void *data)
> --
> 2.41.0.255.g8b1d071c50-goog
>
LGTM, let's snooze this until next week, incase someone comes up with an issue.
Reviewed-by: Robert Foss <rfoss@...nel.org>
Powered by blists - more mailing lists