From patchwork Wed Sep 4 01:30:51 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: andrey.konovalov@linux.dev X-Patchwork-Id: 13789548 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8BDD7CD37BC for ; Wed, 4 Sep 2024 01:31:08 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 2344D8D020D; Tue, 3 Sep 2024 21:31:08 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 1E4358D018A; Tue, 3 Sep 2024 21:31:08 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 0AC778D020D; Tue, 3 Sep 2024 21:31:08 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id DF5FE8D018A for ; Tue, 3 Sep 2024 21:31:07 -0400 (EDT) Received: from smtpin30.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id 8E5B2A9183 for ; Wed, 4 Sep 2024 01:31:07 +0000 (UTC) X-FDA: 82525327374.30.5351133 Received: from out-186.mta1.migadu.com (out-186.mta1.migadu.com [95.215.58.186]) by imf29.hostedemail.com (Postfix) with ESMTP id 9DD46120020 for ; Wed, 4 Sep 2024 01:31:05 +0000 (UTC) Authentication-Results: imf29.hostedemail.com; dkim=pass header.d=linux.dev header.s=key1 header.b=KUlzZgiJ; dmarc=pass (policy=none) header.from=linux.dev; spf=pass (imf29.hostedemail.com: domain of andrey.konovalov@linux.dev designates 95.215.58.186 as permitted sender) smtp.mailfrom=andrey.konovalov@linux.dev ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1725413395; a=rsa-sha256; cv=none; b=qerWKRi5rHuFlkOu8j05ZlB5yEOh3qbe6JCV6jP07ataJf5jqYM0J/mshO0/UlzTz/LSIB HB4BFNSQKQIb3+l2bB0HSzGFUR12It9Wis7I1pWcWzigPWmZRFURNPZQGCxEXRnFT2JtV8 gj1/T+BpCgxxK9DwroqcZrSWssfPux8= ARC-Authentication-Results: i=1; imf29.hostedemail.com; dkim=pass header.d=linux.dev header.s=key1 header.b=KUlzZgiJ; dmarc=pass (policy=none) header.from=linux.dev; spf=pass (imf29.hostedemail.com: domain of andrey.konovalov@linux.dev designates 95.215.58.186 as permitted sender) smtp.mailfrom=andrey.konovalov@linux.dev ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1725413395; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:references:dkim-signature; bh=WL9bEn+qeDafnFmH2mu2935t12N8fCu85vsLBSg/BdU=; b=FnQ8hC/eYLf6sxSCHvMlyisRTf3sHPfZFYFG3G6+OGjwusV/zQWVji3o4sMsiwnUirCtQ9 L59PU9tXgz3RT34GSc+csymnn9brQlkch6k6fQqPOR8mUOrMK10URfhVi19KaQto6Fr0kw XCnzr854ypm0lBXu5FpuGYSDWQklHtk= X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1725413463; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=WL9bEn+qeDafnFmH2mu2935t12N8fCu85vsLBSg/BdU=; b=KUlzZgiJuJSYHN+i7rnldF1DXMLALcV5cP8B74rvHYdqcgDTYYan8dRZQCvsclGrJshFeM YB8GHLB/CSUWZ4TYvL/xb9go8Z76o/l2YvTsaFs6C6f0CdYdI/EuwMUavGD3hzLAtRjQZR kImfUL3RcfUylpBB/OCSB/vcbskOMqs= From: andrey.konovalov@linux.dev To: Greg Kroah-Hartman Cc: Andrey Konovalov , Dmitry Vyukov , Aleksandr Nogikh , Marco Elver , Alexander Potapenko , kasan-dev@googlegroups.com, Andrew Morton , linux-mm@kvack.org, Alan Stern , Marcello Sylvester Bauer , linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org, syzbot+2388cdaeb6b10f0c13ac@syzkaller.appspotmail.com, syzbot+17ca2339e34a1d863aad@syzkaller.appspotmail.com, syzbot+c793a7eca38803212c61@syzkaller.appspotmail.com, syzbot+1e6e0b916b211bee1bd6@syzkaller.appspotmail.com, kernel test robot , stable@vger.kernel.org Subject: [PATCH RESEND] usb: gadget: dummy_hcd: execute hrtimer callback in softirq context Date: Wed, 4 Sep 2024 03:30:51 +0200 Message-Id: <20240904013051.4409-1-andrey.konovalov@linux.dev> MIME-Version: 1.0 X-Migadu-Flow: FLOW_OUT X-Rspamd-Queue-Id: 9DD46120020 X-Rspam-User: X-Rspamd-Server: rspam05 X-Stat-Signature: 6xitg9ptrorhyhz3ckfr8jf3twucjg64 X-HE-Tag: 1725413465-171695 X-HE-Meta: U2FsdGVkX19N6YktRKGC89+crT5mqfJ04tESTaUBp7Hd1ZtlcwBaAAUKFhNf72Dnx0D93UCKdjdrgtu0MDoU6GC+m+L4IqJhEYAMZ4pwFNMiw9IbO9VEuYb6DfT9o1A73U3XX3k10+gqKWgVLQ7YO8YoJG9KVX6zlgtjOL5txjSgxOKoa5/uxKiIAcdjKeyDWt3x4D3k7iYkq6fDFEbxKt2vqlZoHk2NlOACi/v8CUFyiOxi7/kAeDhmcl32X5trDX2Fa/F4qvrknry4kdmStYRZtnwwmKbdR1JN444TZhLs86FoRTu21nbmh/Sk7p9YbYqsMQRc+o6qFZSdFmoJrjmdB9C3IWnhqSEXfSav8Dy6QmjCYKPq+7wvpjq1rSApby59TRhdWSahqvRmhWq5poSE05HRLzeX5Y+P6g1rxbc7dbEMWaSwaMF/g8Oa9NEgyhV57t3kdv8b9hSdq5R98xHINVM7NdCDrxyefi7/fxOOhID05tyViKiZRpRbZGWww8IAeTy0avGymwsVjCLggphZVsrmWen4puuH+72KgnG5IU8Yu+c70J4actqxljkh/4VU9RzmhNmdZAfwCqECI4gQ9VPPtnSEl9A9EV8a5IGFVrNIN32+hA/9CHT8p93KDF6W+EFNfhVnQMj/i8ehpiR+VLunvOkp1PnszmNV7xZ/KgQy/uEH3uieRXmmra0fal1CfQWbA2ECB1ZLgmZmGWiR9oD+tmWNaje8v7P/IpXGFziJ4Gj8Uyc7sneZuelA0G3PgD+s7A5IVU52NCzxxiFalMUMhG2q9vMWNFZnr0kMeEDytcq5Hs2uhmbF/HjLRUON8pJFe8Ox6aon9SrsK8g/PysznemeKuVs0VJE/mahC88OuWYLOo5V9/7C70aOLT5RCNNadXfw5r3xc/dGCZ6rSOVoWFI3/hhNhUq5aKcVZGVsPgYUUM5BQ6QEut8zCUb2AVfrWoNs4EKEHdV upj/MlT4 mM7NWKJqOnBEEWuWGhqYc2dwd3B/r/KjeYXl+rY6kxUG7cyrcqrAMHVubWkZtMXiuilv+glTg92gEGEK/BoIRY4Y3U2620nsYouBxeVf1OqpRMwdYmQPyIrFHlZ6Es0j7x+XvqWewfqyrSi56e8IfiUWNqQ29fxKTMKlp6EzzxXeFv5otXUUZBWRGsG5Qt9LEatm8jpeQ4Tbe2PbqUWXD1F0LVE5slc95AqsTNzTG50FASKuUPx81KLGSuAZT1SVZSO6YBUAfSHAyvq1Kde/sn61ej0sUEMXpnPM57T9WVypAjw/Zrr9h9CzUltvblqEAqtEoHRWl7H5IVkb3oTn/pVbJ/fEU5As8uAnxHeCMDPcE0GrQcG39mGGCnpcYGmEAVXKhjoJ+1DFIp1SiPZ+BhDc5paf0hZvxg1Zc5Qz4XqPTbUAKumWjj+6bMpnwpp8oKxPyvRxEVerTvupMitTWsFwmg1JG5RxsMv7dPcLAlRoLkn2TwQ19oa8Il75UO2Ph3ySfxYJ7YUDfjJM5i/g+lwE39WNxEuGkgXk34eohK/AfQMk= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Andrey Konovalov Commit a7f3813e589f ("usb: gadget: dummy_hcd: Switch to hrtimer transfer scheduler") switched dummy_hcd to use hrtimer and made the timer's callback be executed in the hardirq context. With that change, __usb_hcd_giveback_urb now gets executed in the hardirq context, which causes problems for KCOV and KMSAN. One problem is that KCOV now is unable to collect coverage from the USB code that gets executed from the dummy_hcd's timer callback, as KCOV cannot collect coverage in the hardirq context. Another problem is that the dummy_hcd hrtimer might get triggered in the middle of a softirq with KCOV remote coverage collection enabled, and that causes a WARNING in KCOV, as reported by syzbot. (I sent a separate patch to shut down this WARNING, but that doesn't fix the other two issues.) Finally, KMSAN appears to ignore tracking memory copying operations that happen in the hardirq context, which causes false positive kernel-infoleaks, as reported by syzbot. Change the hrtimer in dummy_hcd to execute the callback in the softirq context. Reported-by: syzbot+2388cdaeb6b10f0c13ac@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=2388cdaeb6b10f0c13ac Reported-by: syzbot+17ca2339e34a1d863aad@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=17ca2339e34a1d863aad Reported-by: syzbot+c793a7eca38803212c61@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=c793a7eca38803212c61 Reported-by: syzbot+1e6e0b916b211bee1bd6@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=1e6e0b916b211bee1bd6 Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-lkp/202406141323.413a90d2-lkp@intel.com Fixes: a7f3813e589f ("usb: gadget: dummy_hcd: Switch to hrtimer transfer scheduler") Cc: stable@vger.kernel.org Acked-by: Marcello Sylvester Bauer Signed-off-by: Andrey Konovalov --- No difference to v1 except a few more tags. --- drivers/usb/gadget/udc/dummy_hcd.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/drivers/usb/gadget/udc/dummy_hcd.c b/drivers/usb/gadget/udc/dummy_hcd.c index f37b0d8386c1a..ff7bee78bcc49 100644 --- a/drivers/usb/gadget/udc/dummy_hcd.c +++ b/drivers/usb/gadget/udc/dummy_hcd.c @@ -1304,7 +1304,8 @@ static int dummy_urb_enqueue( /* kick the scheduler, it'll do the rest */ if (!hrtimer_active(&dum_hcd->timer)) - hrtimer_start(&dum_hcd->timer, ns_to_ktime(DUMMY_TIMER_INT_NSECS), HRTIMER_MODE_REL); + hrtimer_start(&dum_hcd->timer, ns_to_ktime(DUMMY_TIMER_INT_NSECS), + HRTIMER_MODE_REL_SOFT); done: spin_unlock_irqrestore(&dum_hcd->dum->lock, flags); @@ -1325,7 +1326,7 @@ static int dummy_urb_dequeue(struct usb_hcd *hcd, struct urb *urb, int status) rc = usb_hcd_check_unlink_urb(hcd, urb, status); if (!rc && dum_hcd->rh_state != DUMMY_RH_RUNNING && !list_empty(&dum_hcd->urbp_list)) - hrtimer_start(&dum_hcd->timer, ns_to_ktime(0), HRTIMER_MODE_REL); + hrtimer_start(&dum_hcd->timer, ns_to_ktime(0), HRTIMER_MODE_REL_SOFT); spin_unlock_irqrestore(&dum_hcd->dum->lock, flags); return rc; @@ -1995,7 +1996,8 @@ static enum hrtimer_restart dummy_timer(struct hrtimer *t) dum_hcd->udev = NULL; } else if (dum_hcd->rh_state == DUMMY_RH_RUNNING) { /* want a 1 msec delay here */ - hrtimer_start(&dum_hcd->timer, ns_to_ktime(DUMMY_TIMER_INT_NSECS), HRTIMER_MODE_REL); + hrtimer_start(&dum_hcd->timer, ns_to_ktime(DUMMY_TIMER_INT_NSECS), + HRTIMER_MODE_REL_SOFT); } spin_unlock_irqrestore(&dum->lock, flags); @@ -2389,7 +2391,7 @@ static int dummy_bus_resume(struct usb_hcd *hcd) dum_hcd->rh_state = DUMMY_RH_RUNNING; set_link_state(dum_hcd); if (!list_empty(&dum_hcd->urbp_list)) - hrtimer_start(&dum_hcd->timer, ns_to_ktime(0), HRTIMER_MODE_REL); + hrtimer_start(&dum_hcd->timer, ns_to_ktime(0), HRTIMER_MODE_REL_SOFT); hcd->state = HC_STATE_RUNNING; } spin_unlock_irq(&dum_hcd->dum->lock); @@ -2467,7 +2469,7 @@ static DEVICE_ATTR_RO(urbs); static int dummy_start_ss(struct dummy_hcd *dum_hcd) { - hrtimer_init(&dum_hcd->timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); + hrtimer_init(&dum_hcd->timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL_SOFT); dum_hcd->timer.function = dummy_timer; dum_hcd->rh_state = DUMMY_RH_RUNNING; dum_hcd->stream_en_ep = 0; @@ -2497,7 +2499,7 @@ static int dummy_start(struct usb_hcd *hcd) return dummy_start_ss(dum_hcd); spin_lock_init(&dum_hcd->dum->lock); - hrtimer_init(&dum_hcd->timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); + hrtimer_init(&dum_hcd->timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL_SOFT); dum_hcd->timer.function = dummy_timer; dum_hcd->rh_state = DUMMY_RH_RUNNING;