All of lore.kernel.org
 help / color / mirror / Atom feed
From: Thomas Gleixner <tglx@linutronix.de>
To: Mukesh Ojha <quic_mojha@quicinc.com>, linux-kernel@vger.kernel.org
Cc: sboyd@kernel.org, rafael@kernel.org, johannes@sipsolutions.net,
	gregkh@linuxfoundation.org, Mukesh Ojha <quic_mojha@quicinc.com>
Subject: Re: [PATCH v2 ] devcoredump : Serialize devcd_del work
Date: Mon, 25 Apr 2022 19:00:08 +0200	[thread overview]
Message-ID: <87levt14kn.ffs@tglx> (raw)
In-Reply-To: <1650892193-12888-1-git-send-email-quic_mojha@quicinc.com>

On Mon, Apr 25 2022 at 18:39, Mukesh Ojha wrote:
> v1->v2:
>  - Added del_wk_queued to serialize the race between devcd_data_write()
>    and disabled_store().

How so?

Neither the flag nor the mutex can prevent the race between the work
being executed in parallel.

disabled_store()                                worker()    

  class_for_each_device(&devcd_class, NULL, NULL, devcd_free)
    ...
    while ((dev = class_dev_iter_next(&iter)) {
    						devcd_del()
                                                 device_del()
                                                 put_device() <- last reference
          error = fn(dev, data)                   devcd_dev_release()
            devcd_free(dev, data)                  kfree(devcd)
              mutex_lock(&devcd->mutex);
      

There is zero protection of the class iterator against the work being
executed and removing the device and freeing its data. IOW, at the
point where fn(), i.e. devcd_free(), dereferences 'dev' to acquire the
mutex, it might be gone. No?

If disabled_store() really needs to flush all instances immediately,
then it requires global serialization, not device specific serialization.

Johannes, can you please explain whether this immediate flush in
disabled_store() is really required and if so, why?

Thanks,

        tglx

  parent reply	other threads:[~2022-04-25 17:00 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-04-25 13:09 [PATCH v2 ] devcoredump : Serialize devcd_del work Mukesh Ojha
2022-04-25 14:06 ` Greg KH
2022-04-25 17:00 ` Thomas Gleixner [this message]
2022-04-25 17:19   ` Johannes Berg
2022-04-25 19:37     ` Thomas Gleixner
2022-04-26 14:04       ` Mukesh Ojha
2022-04-26 21:25         ` Kees Cook
2022-04-27 11:58           ` Johannes Berg

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87levt14kn.ffs@tglx \
    --to=tglx@linutronix.de \
    --cc=gregkh@linuxfoundation.org \
    --cc=johannes@sipsolutions.net \
    --cc=linux-kernel@vger.kernel.org \
    --cc=quic_mojha@quicinc.com \
    --cc=rafael@kernel.org \
    --cc=sboyd@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.