lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <b3edc81f-8082-4a7d-9c12-38c44fd3f888@kzalloc.com>
Date: Sat, 16 Aug 2025 10:47:08 +0900
From: Yunseong Kim <ysk@...lloc.com>
To: linux-usb@...r.kernel.org, gregkh@...uxfoundation.org,
 stern@...land.harvard.edu
Cc: Andrey Konovalov <andreyknvl@...gle.com>,
 Shuah Khan <skhan@...uxfoundation.org>, Thomas Gleixner
 <tglx@...utronix.de>, Sebastian Andrzej Siewior <bigeasy@...utronix.de>,
 Clark Williams <clrkwllms@...nel.org>, Steven Rostedt <rostedt@...dmis.org>,
 linux-rt-users@...r.kernel.org, linux-kernel@...r.kernel.org,
 syzkaller@...glegroups.com
Subject: Re: [BUG] usbip: vhci: Sleeping function called from invalid context
 in vhci_urb_enqueue on PREEMPT_RT

P.S.

Just to clarify,

On 8/16/25 10:29 AM, Yunseong Kim wrote:
> While testing a PREEMPT_RT enabled kernel (based on v6.17.0-rc1),
> I encountered a "BUG: sleeping function called from invalid context"
> error originating from the USB/IP VHCI driver.
> 
> On PREEMPT_RT configurations, standard spin_lock() calls are replaced by
> rt_spin_lock(). Since rt_spin_lock() may sleep when contended, it must not
> be called from an atomic context (e.g., with interrupts disabled).
> 
> The issue occurs within the vhci_urb_enqueue function This function
> explicitly disables local interrupts using local_irq_disable() immediately
> before calling usb_hcd_giveback_urb(), adhering to HCD requirements.
> 
> This error reported after this work:
> Link: https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git/commit/?h=usb-linus&id=9528d32873b38281ae105f2f5799e79ae9d086c2

To be clear and avoid any misunderstanding, reporting was done after
this work "kcov, usb: Don't disable interrupts in kcov_remote_start_usb_softirq()"
because the fuzzing could proceed smoothly on PREEMPT_RT following this work,
which allowed the issue to be discovered. It does not mean that this step
introduced the error at all.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ