| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 1 Feb 2022 11:53:54 +0100
From: Karsten Graul <kgraul@...ux.ibm.com>
To: Jia-Ju Bai <baijiaju1990@...il.com>, davem@...emloft.net,
kuba@...nel.org
Cc: linux-s390@...r.kernel.org, netdev@...r.kernel.org,
linux-kernel <linux-kernel@...r.kernel.org>,
Wenjia Zhang <wenjia@...ux.ibm.com>
Subject: Re: [BUG] net: smc: possible deadlock in smc_lgr_free() and
smc_link_down_work()
On 01/02/2022 08:51, Jia-Ju Bai wrote:
> Hello,
>
> My static analysis tool reports a possible deadlock in the smc module in Linux 5.16:
>
> smc_lgr_free()
> mutex_lock(&lgr->llc_conf_mutex); --> Line 1289 (Lock A)
> smcr_link_clear()
> smc_wr_free_link()
> wait_event(lnk->wr_tx_wait, ...); --> Line 648 (Wait X)
>
> smc_link_down_work()
> mutex_lock(&lgr->llc_conf_mutex); --> Line 1683 (Lock A)
> smcr_link_down()
> smcr_link_clear()
> smc_wr_free_link()
> smc_wr_wakeup_tx_wait()
> wake_up_all(&lnk->wr_tx_wait); --> Line 78 (Wake X)
>
> When smc_lgr_free() is executed, "Wait X" is performed by holding "Lock A". If smc_link_down_work() is executed at this time, "Wake X" cannot be performed to wake up "Wait X" in smc_lgr_free(), because "Lock A" has been already hold by smc_lgr_free(), causing a possible deadlock.
>
Thank you for your reporting and the good description!
We will look into this issue and get back to you in a few days.
Powered by blists - more mailing lists