diff mbox series

[V2,1/3] firmware: arm_sdei: fix possible deadlock

Message ID 1579145331-78633-1-git-send-email-zhangliguang@linux.alibaba.com (mailing list archive)
State New, archived
Headers show
Series [V2,1/3] firmware: arm_sdei: fix possible deadlock | expand

Commit Message

luanshi Jan. 16, 2020, 3:28 a.m. UTC 
We call sdei_reregister_event() with sdei_list_lock held but
_sdei_event_register() and sdei_event_destroy() also acquires
sdei_list_lock thus creating A-A deadlock.

Fixes: da351827240e ("firmware: arm_sdei: Add support for CPU and system
power states")

Signed-off-by: Liguang Zhang <zhangliguang@linux.alibaba.com>
---
 drivers/firmware/arm_sdei.c | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

Comments

James Morse Feb. 14, 2020, 6:32 p.m. UTC | #1 
Hi Luanshi,

On 16/01/2020 03:28, luanshi wrote:
> We call sdei_reregister_event() with sdei_list_lock held but
> _sdei_event_register() and sdei_event_destroy() also acquires
> sdei_list_lock thus creating A-A deadlock.
> 
> Fixes: da351827240e ("firmware: arm_sdei: Add support for CPU and system
> power states")
> 

(Nit: stray whitespace in the fixes tag, the backport tools may choke on this)

(Please include 'PATCH' in the [] section of the subject when posting, its part of the
'canonical patch format', and my scripts for pulling a series of the list depend on it!)


> ---

Thanks for picking up my suggestion, ... it was what I think should have been done in the
first place to avoid this bug.
Looking at your patch, we'd need to take the per-event lock around the reads of reregister
and reenable in sdei_cpuhp_up() too, and sdei_reregister_shared(), ... and this quickly
becomes much noisier than a patch for stable should be. (Sorry, I should have tried it
before suggesting it!)


I've picked up your first version, but instead of duplicating the contents of the
function, I've added '_llocked' wrappers to account for that lock already being held. This
isn't great as we have _locked too, but lockdep should keep us honest.
Because I started with your patch, git has kept you as author.
This ended up as patch 2, because it was also necessary to move those reregister updates
into their callers to fix hibernate.

I'll posted what I have next week, sorry for the hiatus.


Thanks,

James
diff mbox series

Patch

diff --git a/drivers/firmware/arm_sdei.c b/drivers/firmware/arm_sdei.c
index a479023..37e9bf0 100644
--- a/drivers/firmware/arm_sdei.c
+++ b/drivers/firmware/arm_sdei.c
@@ -45,8 +45,11 @@  static asmlinkage void (*sdei_firmware_call)(unsigned long function_id,
 static unsigned long sdei_entry_point;
 
 struct sdei_event {
-	/* These three are protected by the sdei_list_lock */
+	/* protected by the sdei_list_lock */
 	struct list_head	list;
+
+	spinlock_t		sdei_event_lock;
+	/* These two are protected by the sdei_event_lock */
 	bool			reregister;
 	bool			reenable;
 
@@ -214,6 +217,7 @@  static struct sdei_event *sdei_event_create(u32 event_num,
 		return ERR_PTR(-ENOMEM);
 
 	INIT_LIST_HEAD(&event->list);
+	spin_lock_init(&event->sdei_event_lock);
 	event->event_num = event_num;
 
 	err = sdei_api_event_get_info(event_num, SDEI_EVENT_INFO_EV_PRIORITY,
@@ -412,9 +416,9 @@  int sdei_event_enable(u32 event_num)
 		return -ENOENT;
 	}
 
-	spin_lock(&sdei_list_lock);
+	spin_lock(&event->sdei_event_lock);
 	event->reenable = true;
-	spin_unlock(&sdei_list_lock);
+	spin_unlock(&event->sdei_event_lock);
 
 	if (event->type == SDEI_EVENT_TYPE_SHARED)
 		err = sdei_api_event_enable(event->event_num);
@@ -491,10 +495,10 @@  static int _sdei_event_unregister(struct sdei_event *event)
 {
 	lockdep_assert_held(&sdei_events_lock);
 
-	spin_lock(&sdei_list_lock);
+	spin_lock(&event->sdei_event_lock);
 	event->reregister = false;
 	event->reenable = false;
-	spin_unlock(&sdei_list_lock);
+	spin_unlock(&event->sdei_event_lock);
 
 	if (event->type == SDEI_EVENT_TYPE_SHARED)
 		return sdei_api_event_unregister(event->event_num);
@@ -585,9 +589,9 @@  static int _sdei_event_register(struct sdei_event *event)
 
 	lockdep_assert_held(&sdei_events_lock);
 
-	spin_lock(&sdei_list_lock);
+	spin_lock(&event->sdei_event_lock);
 	event->reregister = true;
-	spin_unlock(&sdei_list_lock);
+	spin_unlock(&event->sdei_event_lock);
 
 	if (event->type == SDEI_EVENT_TYPE_SHARED)
 		return sdei_api_event_register(event->event_num,
@@ -598,10 +602,10 @@  static int _sdei_event_register(struct sdei_event *event)
 
 	err = sdei_do_cross_call(_local_event_register, event);
 	if (err) {
-		spin_lock(&sdei_list_lock);
+		spin_lock(&event->sdei_event_lock);
 		event->reregister = false;
 		event->reenable = false;
-		spin_unlock(&sdei_list_lock);
+		spin_unlock(&event->sdei_event_lock);
 
 		sdei_do_cross_call(_local_event_unregister, event);
 	}