lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 29 Apr 2024 11:18:40 +0300
From: Heikki Krogerus <heikki.krogerus@...ux.intel.com>
To: RD Babiera <rdbabiera@...gle.com>
Cc: linux@...ck-us.net, gregkh@...uxfoundation.org, hdegoede@...hat.com,
	badhri@...gle.com, linux-usb@...r.kernel.org,
	linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH v1] usb: typec: tcpm: enforce ready state when queueing
 alt mode vdm

On Thu, Apr 25, 2024 at 10:37:21AM -0700, RD Babiera wrote:
> On Thu, Apr 25, 2024 at 2:49 AM Heikki Krogerus
> <heikki.krogerus@...ux.intel.com> wrote:
> > I'm probable missing something, but wouldn't it be safer to check
> > port->state after grabbing the lock?
> 
> I could have been more explicit in describing the deadlock, my bad.
> But there are two
> threads here:
> 
> Thread A starts in the TCPM. It is the port state machine that
> transitions to DR_SWAP
> and holds port->lock. When it unregisters DisplayPort Alt Mode, it goes into the
> DP Alt Mode driver and hangs until any DP Alt Mode work is finished.
> 
> Thread B starts in the DP Alt Mode driver. It attempts to call tcpm_enter_mode
> and the call to mutex_lock in tcpm_queue_vdm_unlock hangs because Thread A
> holds the lock. Thread A will never drop the lock because it waits for Thread B
> to finish.
> 
> So, the check is done before grabbing the lock because the thread needs to avoid
> grabbing the lock in the first place. If port->state changes between
> queueing and
> sending the message, the VDM state machine will drop the message anyways
> because port->state isn't in the ready state as well.

Okay, thanks for the explanation.

Reviewed-by: Heikki Krogerus <heikki.krogerus@...ux.intel.com>

-- 
heikki

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ