mirros/rockchip-kernel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9fee985f9afa2fd5ee2c024d1a35b86e56bd1b63
rockchip-kernel/kernel
History
Waiman Long 9fee985f9a copy_process(): Move fd_install() out of sighand->siglock critical section 
commit ddc204b517 upstream.

I was made aware of the following lockdep splat:

[ 2516.308763] =====================================================
[ 2516.309085] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected
[ 2516.309433] 5.14.0-51.el9.aarch64+debug #1 Not tainted
[ 2516.309703] -----------------------------------------------------
[ 2516.310149] stress-ng/153663 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[ 2516.310512] ffff0000e422b198 (&newf->file_lock){+.+.}-{2:2}, at: fd_install+0x368/0x4f0
[ 2516.310944]
               and this task is already holding:
[ 2516.311248] ffff0000c08140d8 (&sighand->siglock){-.-.}-{2:2}, at: copy_process+0x1e2c/0x3e80
[ 2516.311804] which would create a new lock dependency:
[ 2516.312066]  (&sighand->siglock){-.-.}-{2:2} -> (&newf->file_lock){+.+.}-{2:2}
[ 2516.312446]
               but this new dependency connects a HARDIRQ-irq-safe lock:
[ 2516.312983]  (&sighand->siglock){-.-.}-{2:2}
   :
[ 2516.330700]  Possible interrupt unsafe locking scenario:

[ 2516.331075]        CPU0                    CPU1
[ 2516.331328]        ----                    ----
[ 2516.331580]   lock(&newf->file_lock);
[ 2516.331790]                                local_irq_disable();
[ 2516.332231]                                lock(&sighand->siglock);
[ 2516.332579]                                lock(&newf->file_lock);
[ 2516.332922]   <Interrupt>
[ 2516.333069]     lock(&sighand->siglock);
[ 2516.333291]
                *** DEADLOCK ***
[ 2516.389845]
               stack backtrace:
[ 2516.390101] CPU: 3 PID: 153663 Comm: stress-ng Kdump: loaded Not tainted 5.14.0-51.el9.aarch64+debug #1
[ 2516.390756] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015
[ 2516.391155] Call trace:
[ 2516.391302]  dump_backtrace+0x0/0x3e0
[ 2516.391518]  show_stack+0x24/0x30
[ 2516.391717]  dump_stack_lvl+0x9c/0xd8
[ 2516.391938]  dump_stack+0x1c/0x38
[ 2516.392247]  print_bad_irq_dependency+0x620/0x710
[ 2516.392525]  check_irq_usage+0x4fc/0x86c
[ 2516.392756]  check_prev_add+0x180/0x1d90
[ 2516.392988]  validate_chain+0x8e0/0xee0
[ 2516.393215]  __lock_acquire+0x97c/0x1e40
[ 2516.393449]  lock_acquire.part.0+0x240/0x570
[ 2516.393814]  lock_acquire+0x90/0xb4
[ 2516.394021]  _raw_spin_lock+0xe8/0x154
[ 2516.394244]  fd_install+0x368/0x4f0
[ 2516.394451]  copy_process+0x1f5c/0x3e80
[ 2516.394678]  kernel_clone+0x134/0x660
[ 2516.394895]  __do_sys_clone3+0x130/0x1f4
[ 2516.395128]  __arm64_sys_clone3+0x5c/0x7c
[ 2516.395478]  invoke_syscall.constprop.0+0x78/0x1f0
[ 2516.395762]  el0_svc_common.constprop.0+0x22c/0x2c4
[ 2516.396050]  do_el0_svc+0xb0/0x10c
[ 2516.396252]  el0_svc+0x24/0x34
[ 2516.396436]  el0t_64_sync_handler+0xa4/0x12c
[ 2516.396688]  el0t_64_sync+0x198/0x19c
[ 2517.491197] NET: Registered PF_ATMPVC protocol family
[ 2517.491524] NET: Registered PF_ATMSVC protocol family
[ 2591.991877] sched: RT throttling activated

One way to solve this problem is to move the fd_install() call out of
the sighand->siglock critical section.

Before commit 6fd2fe494b ("copy_process(): don't use ksys_close()
on cleanups"), the pidfd installation was done without holding both
the task_list lock and the sighand->siglock. Obviously, holding these
two locks are not really needed to protect the fd_install() call.
So move the fd_install() call down to after the releases of both locks.

Link: https://lore.kernel.org/r/20220208163912.1084752-1-longman@redhat.com
Fixes: 6fd2fe494b ("copy_process(): don't use ksys_close() on cleanups")
Reviewed-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Waiman Long <longman@redhat.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-02-23 12:01:08 +01:00
..
bpf
bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
2022-02-08 18:30:39 +01:00
cgroup
cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning
2022-02-08 18:30:41 +01:00
configs
debug
kgdb: fix to kill breakpoints on initmem after boot
2021-03-04 11:38:46 +01:00
dma
dma/pool: create dma atomic pool only if dma zone has managed pages
2022-01-27 10:53:44 +01:00
entry
KVM: rseq: Update rseq when processing NOTIFY_RESUME on xfer to KVM guest
2021-10-06 15:55:49 +02:00
events
perf: Fix list corruption in perf_cgroup_switch()
2022-02-16 12:54:31 +01:00
gcov
gcov: re-fix clang-11+ support
2021-04-14 08:41:58 +02:00
irq
genirq/timings: Fix error return code in irq_timings_test_irqs()
2021-09-15 09:50:29 +02:00
kcsan
kcsan: Fix debugfs initcall return type
2021-05-26 12:06:54 +02:00
livepatch
kernel/: fix repeated words in comments
2020-10-16 11:11:19 -07:00
locking
kernel: delete repeated words in comments
2022-02-01 17:25:45 +01:00
power
PM: s2idle: ACPI: Fix wakeup interrupts handling
2022-02-16 12:54:22 +01:00
printk
printk/console: Allow to disable console output by using console="" or console=null
2021-11-12 14:58:33 +01:00
rcu
rcu: Do not report strict GPs for outgoing CPUs
2022-02-23 12:00:56 +01:00
sched
psi: Fix uaf issue when psi trigger is destroyed while being polled
2022-02-05 12:37:55 +01:00
time
clocksource: Avoid accidental unstable marking of clocksources
2022-01-27 10:54:06 +01:00
trace
tracing: Fix tp_printk option related with tp_printk_stop_on_boot
2022-02-23 12:01:06 +01:00
.gitignore
kbuild: update config_data.gz only when the content of .config is changed
2021-05-11 14:47:37 +02:00
acct.c
kernel: acct.c: fix some kernel-doc nits
2020-10-16 11:11:19 -07:00
async.c
Revert "module, async: async_synchronize_full() on module init iff async is used"
2022-02-23 12:01:00 +01:00
audit_fsnotify.c
fsnotify: generalize handle_inode_event()
2020-12-30 11:54:18 +01:00
audit_tree.c
audit: move put_tree() to avoid trim_trees refcount underflow and UAF
2021-09-03 10:09:31 +02:00
audit_watch.c
fsnotify: generalize handle_inode_event()
2020-12-30 11:54:18 +01:00
audit.c
audit: improve audit queue handling when "audit=1" on cmdline
2022-02-08 18:30:34 +01:00
audit.h
audit: change unnecessary globals into statics
2020-08-17 20:26:58 -04:00
auditfilter.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
auditsc.c
audit: fix possible null-pointer dereference in audit_filter_rules
2021-10-27 09:56:52 +02:00
backtracetest.c
treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD()
2020-07-30 11:15:58 -07:00
bounds.c
capability.c
LSM: Signal to SafeSetID when setting group IDs
2020-10-13 09:17:34 -07:00
compat.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
configs.c
context_tracking.c
cpu_pm.c
PM: cpu: Make notifier chain use a raw_spinlock_t
2021-09-15 09:50:40 +02:00
cpu.c
sched/scs: Reset task stack state in bringup_cpu()
2021-12-01 09:19:08 +01:00
crash_core.c
crash_core, vmcoreinfo: append 'SECTION_SIZE_BITS' to vmcoreinfo
2021-06-23 14:42:52 +02:00
crash_dump.c
cred.c
Revert "Add a reference to ucounts for each cred"
2021-09-08 08:49:00 +02:00
delayacct.c
dma.c
exec_domain.c
exit.c
kernel/io_uring: cancel io_uring before task works
2021-01-30 13:55:18 +01:00
extable.c
fail_function.c
fail_function: Remove a redundant mutex unlock
2020-11-19 11:58:16 -08:00
fork.c
copy_process(): Move fd_install() out of sighand->siglock critical section
2022-02-23 12:01:08 +01:00
freezer.c
Revert "kernel: freezer should treat PF_IO_WORKER like PF_KTHREAD for freezing"
2021-04-07 15:00:14 +02:00
futex.c
mm, futex: fix shared futex pgoff on shmem huge page
2021-06-30 08:47:29 -04:00
gen_kheaders.sh
groups.c
LSM: Signal to SafeSetID when setting group IDs
2020-10-13 09:17:34 -07:00
hung_task.c
kernel/hung_task.c: make type annotations consistent
2020-11-02 12:14:19 -08:00
iomem.c
irq_work.c
jump_label.c
jump_label: Fix jump_label_text_reserved() vs __init
2021-07-20 16:05:58 +02:00
kallsyms.c
treewide: Convert macro and uses of __section(foo) to __section("foo")
2020-10-25 14:51:49 -07:00
kcmp.c
exec: Transform exec_update_mutex into a rw_semaphore
2021-01-09 13:46:24 +01:00
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
kcov.c
kcov: make some symbols static
2020-08-12 10:58:02 -07:00
kexec_core.c
kernel: kexec: remove the lock operation of system_transition_mutex
2021-02-03 23:28:37 +01:00
kexec_elf.c
kexec_file.c
kernel: kexec_file: fix error return code of kexec_calculate_store_digests()
2021-05-19 10:13:09 +02:00
kexec_internal.h
kexec.c
LSM: Introduce kernel_post_load_data() hook
2020-10-05 13:37:03 +02:00
kheaders.c
kmod.c
kmod: remove redundant "be an" in the comment
2020-08-12 10:58:01 -07:00
kprobes.c
kprobes: Limit max data_size of the kretprobe instances
2021-12-08 09:03:20 +01:00
ksysfs.c
kthread.c
kthread: Fix PF_KTHREAD vs to_kthread() race
2021-09-03 10:09:31 +02:00
latencytop.c
Makefile
kbuild: update config_data.gz only when the content of .config is changed
2021-05-11 14:47:37 +02:00
module_signature.c
module: harden ELF info handling
2021-03-25 09:04:11 +01:00
module_signing.c
module: harden ELF info handling
2021-03-25 09:04:11 +01:00
module-internal.h
module.c
Revert "module, async: async_synchronize_full() on module init iff async is used"
2022-02-23 12:01:00 +01:00
notifier.c
notifier: Fix broken error handling pattern
2020-09-01 09:58:03 +02:00
nsproxy.c
padata.c
padata: fix possible padata_works_lock deadlock
2020-09-04 17:51:55 +10:00
panic.c
panic: don't dump stack twice on warn
2020-11-14 11:26:04 -08:00
params.c
params: Replace zero-length array with flexible-array member
2020-10-29 17:22:59 -05:00
pid_namespace.c
memcg: enable accounting for pids in nested pid namespaces
2021-09-18 13:40:36 +02:00
pid.c
exec: Transform exec_update_mutex into a rw_semaphore
2021-01-09 13:46:24 +01:00
profile.c
profiling: fix shift-out-of-bounds bugs
2021-09-26 14:08:58 +02:00
ptrace.c
ptrace: make ptrace() fail if the tracee changed its pid unexpectedly
2021-05-26 12:06:49 +02:00
range.c
kernel.h: split out min()/max() et al. helpers
2020-10-16 11:11:19 -07:00
reboot.c
reboot: fix overflow parsing reboot cpu number
2020-11-14 11:26:03 -08:00
regset.c
regset: kill ->get()
2020-07-27 14:31:12 -04:00
relay.c
kernel/relay.c: drop unneeded initialization
2020-10-16 11:11:22 -07:00
resource.c
kernel/resource: make walk_mem_res() find all busy IORESOURCE_MEM resources
2021-05-19 10:13:09 +02:00
rseq.c
KVM: rseq: Update rseq when processing NOTIFY_RESUME on xfer to KVM guest
2021-10-06 15:55:49 +02:00
scftorture.c
scftorture: Add cond_resched() to test loop
2020-08-24 18:38:38 -07:00
scs.c
mm: memcontrol: account kernel stack per node
2020-08-07 11:33:25 -07:00
seccomp.c
seccomp: Fix setting loaded filter count during TSYNC
2021-08-18 08:59:06 +02:00
signal.c
signal: Remove the bogus sigkill_pending in ptrace_stop
2021-11-18 14:03:47 +01:00
smp.c
smp: Fix smp_call_function_single_async prototype
2021-05-14 09:50:46 +02:00
smpboot.c
sched/core: Initialize the idle task with preemption disabled
2021-07-14 16:55:50 +02:00
smpboot.h
softirq.c
softirq: Add debug check to __raise_softirq_irqoff()
2020-09-16 15:18:56 +02:00
stackleak.c
gcc-plugins/stackleak: Use noinstr in favor of notrace
2022-02-23 12:01:00 +01:00
stacktrace.c
stacktrace: Remove reliable argument from arch_stack_walk() callback
2020-09-18 14:24:16 +01:00
static_call.c
static_call: Fix unused variable warn w/o MODULE
2021-09-08 08:49:00 +02:00
stop_machine.c
stop_machine, rcu: Mark functions as notrace
2020-10-26 12:12:27 +01:00
sys_ni.c
mm/madvise: introduce process_madvise() syscall: an external memory hinting API
2020-10-18 09:27:10 -07:00
sys.c
prctl: allow to setup brk for et_dyn executables
2021-09-26 14:08:57 +02:00
sysctl-test.c
sysctl.c
bpf: Add kconfig knob for disabling unpriv bpf by default
2022-01-05 12:40:34 +01:00
task_work.c
task_work: cleanup notification modes
2020-10-17 15:05:30 -06:00
taskstats.c
taskstats: move specifying netlink policy back to ops
2020-10-02 19:11:12 -07:00
test_kprobes.c
torture.c
tracepoint.c
tracepoint: Use rcu get state and cond sync for static call updates
2021-09-03 10:09:30 +02:00
tsacct.c
taskstats: Cleanup the use of task->exit_code
2022-01-27 10:54:33 +01:00
ucount.c
Revert "Add a reference to ucounts for each cred"
2021-09-08 08:49:00 +02:00
uid16.c
uid16.h
umh.c
usermodehelper: reset umask to default before executing user process
2020-10-06 10:31:52 -07:00
up.c
smp: Fix smp_call_function_single_async prototype
2021-05-14 09:50:46 +02:00
user_namespace.c
Revert "Add a reference to ucounts for each cred"
2021-09-08 08:49:00 +02:00
user-return-notifier.c
user.c
usermode_driver.c
bpf: Fix umd memory leak in copy_process()
2021-03-30 14:32:03 +02:00
utsname_sysctl.c
utsname.c
watch_queue.c
watch_queue: Limit the number of watches a user can hold
2020-08-17 09:39:18 -07:00
watchdog_hld.c
watchdog.c
watchdog: fix barriers when printing backtraces from all CPUs
2021-05-19 10:13:00 +02:00
workqueue_internal.h
workqueue.c
workqueue: Fix unbind_workers() VS wq_worker_running() race
2022-01-16 09:14:22 +01:00