| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251215122154.3180001-1-ed.tsai@mediatek.com>
Date: Mon, 15 Dec 2025 20:21:42 +0800
From: <ed.tsai@...iatek.com>
To: "Rafael J. Wysocki" <rafael@...nel.org>, Len Brown <lenb@...nel.org>,
Pavel Machek <pavel@...nel.org>, Greg Kroah-Hartman
<gregkh@...uxfoundation.org>, Danilo Krummrich <dakr@...nel.org>, "Matthias
Brugger" <matthias.bgg@...il.com>, AngeloGioacchino Del Regno
<angelogioacchino.delregno@...labora.com>, Ulf Hansson
<ulf.hansson@...aro.org>
CC: <linux-kernel@...r.kernel.org>, <linux-mediatek@...ts.infradead.org>,
<chun-hung.wu@...iatek.com>, <freddy.shin@...iatek.com>, Ed Tsai
<ed.tsai@...iatek.com>, "Rafael J. Wysocki" <rafael.j.wysocki@...el.com>,
<linux-pm@...r.kernel.org>, <linux-arm-kernel@...ts.infradead.org>
Subject: [PATCH 1/1] PM: runtime: fix bitfield race of needs_force_resume
From: Ed Tsai <ed.tsai@...iatek.com>
needs_force_resume is a bitfield member in struct dev_pm_info and must
be accessed under the same lock as its bitfield group.
A real concurrent write was observed between needs_force_resume and
idle_notification; stacks below:
write needs_force_resume:
pm_runtime_reinit+0x110/0x360
really_probe+0xe0/0x464
__driver_probe_device+0x9c/0x104
driver_probe_device+0x3c/0x1a8
__device_attach_driver+0x100/0x17c
bus_for_each_drv+0x10c/0x168
__device_attach_async_helper+0x7c/0xf4
async_run_entry_fn+0x4c/0x1b4
process_scheduled_works+0x1dc/0x498
worker_thread+0x220/0x320
kthread+0x150/0x27c
ret_from_fork+0x10/0x20
write idle_notification:
rpm_idle+0x464/0x5f8
__pm_runtime_idle+0x7c/0x170
scsi_autopm_put_device+0x18/0x28
scsi_sysfs_add_sdev+0x1a0/0x1d8
scsi_probe_and_add_lun+0xbd8/0xcd0
__scsi_add_device+0xb8/0x11c
ufshcd_async_scan+0xb4/0x3a4
async_run_entry_fn+0x4c/0x1b4
process_scheduled_works+0x1dc/0x498
worker_thread+0x220/0x320
kthread+0x150/0x27c
ret_from_fork+0x10/0x20
Fixes: 89d9cec3b1e9 ("PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit()")
Signed-off-by: Ed Tsai <ed.tsai@...iatek.com>
---
drivers/base/power/runtime.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/drivers/base/power/runtime.c b/drivers/base/power/runtime.c
index 84676cc24221..3328543b1ed8 100644
--- a/drivers/base/power/runtime.c
+++ b/drivers/base/power/runtime.c
@@ -1879,11 +1879,22 @@ void pm_runtime_reinit(struct device *dev)
pm_runtime_put(dev->parent);
}
}
+
/*
* Clear power.needs_force_resume in case it has been set by
* pm_runtime_force_suspend() invoked from a driver remove callback.
*/
+ if (dev->power.irq_safe)
+ spin_lock(&dev->power.lock);
+ else
+ spin_lock_irq(&dev->power.lock);
+
dev->power.needs_force_resume = false;
+
+ if (dev->power.irq_safe)
+ spin_unlock(&dev->power.lock);
+ else
+ spin_unlock_irq(&dev->power.lock);
}
/**
--
2.45.2
Powered by blists - more mailing lists