From: Greg KH <gregkh@linuxfoundation.org>
To: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Cc: Oliver Neukum <oneukum@suse.com>,
"Rafael J. Wysocki" <rafael@kernel.org>,
Wedson Almeida Filho <wedsonaf@google.com>,
Len Brown <len.brown@intel.com>, Pavel Machek <pavel@ucw.cz>,
Arnd Bergmann <arnd@arndb.de>,
linux-kernel@vger.kernel.org, linux-pm@vger.kernel.org,
Dmitry Vyukov <dvyukov@google.com>,
Arjan van de Ven <arjan@linux.intel.com>
Subject: Re: [PATCH] char: misc: make misc_open() and misc_register() killable
Date: Fri, 8 Jul 2022 15:37:33 +0200 [thread overview]
Message-ID: <YsgzHc54onQ1DeFc@kroah.com> (raw)
In-Reply-To: <22c61a75-8140-c62d-ffe0-efd6e9fa38ee@I-love.SAKURA.ne.jp>
On Thu, Jul 07, 2022 at 02:06:38PM +0900, Tetsuo Handa wrote:
> Let's summarize current location:
>
> (1) Greg wants me to fix snapshot_open() not to sleep for too long, instead of
> making misc_open() killable.
>
> (2) I found snapshot_open() calls wait_for_device_probe() which might sleep
> long enough to consider as hung up due to:
>
> (a) One of existing probe request got stuck due to unresponsive hardware.
>
> (b) New probe requests come in before existing probe requests complete.
>
> (3) Because of (2), it is difficult to guarantee snapshot_open() not to sleep for
> too long.
>
> (4) Because of (3), calling file->f_op->open(inode, file) with misc_mtx held can
> block mutex_lock(&misc_mtx) too long. This is the phenomenon syzbot is reporting.
>
> Initial mitigation was to replace mutex_lock(&misc_mtx) with mutex_lock_killable(&misc_mtx)
> so that /dev/raw-gadget users can terminate upon SIGKILL and khungtaskd will not complain
> about misc_mtx.
>
> Next mitigation was not to call file->f_op->open() with misc_mtx held.
> Wedson worried that this approach breaks modules which call misc_deregister(), but
> I think we can use this approach for modules which do not need to call misc_deregister()
> given that this approach is opt-in basis.
>
> I also think that we can bring wait_for_device_probe() in snapshot_open() to before
> lock_system_sleep(), for system_transition_mutex will not be required for waiting for
> the image device to appear. If we can accept the "not to call file->f_op->open() with
> misc_mtx held" mitigation, wait_for_device_probe() in snapshot_open() can be called
> without locks.
>
> Finding universally safe timeout value is beyond what I can do for this report.
> Regarding this report, I think we can lower the risk of regression if we apply
> timeout for atomic_read(&probe_count) == 0 from only snapshot_open().
> Can we make below changes?
>
> ------------------------------------------------------------
>
> drivers/base/dd.c | 14 ++++++++++++++
> drivers/char/misc.c | 4 ++++
> include/linux/device/driver.h | 1 +
> include/linux/miscdevice.h | 1 +
> kernel/power/user.c | 31 ++++++++++++++++++-------------
> 5 files changed, 38 insertions(+), 13 deletions(-)
Can you make this a patch series, it's hard to tease out what the
different things are attempting to do here :(
thanks,
greg k-h
next prev parent reply other threads:[~2022-07-08 13:38 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-13 12:38 INFO: task hung in misc_open (4) syzbot
2022-07-04 6:44 ` [PATCH] char: misc: make misc_open() and misc_register() killable Tetsuo Handa
2022-07-04 7:29 ` Greg KH
2022-07-04 10:25 ` Tetsuo Handa
2022-07-04 11:01 ` Greg KH
2022-07-04 12:34 ` Tetsuo Handa
2022-07-04 12:59 ` Wedson Almeida Filho
2022-07-04 13:48 ` Tetsuo Handa
2022-07-04 13:57 ` Wedson Almeida Filho
2022-07-04 14:07 ` Tetsuo Handa
2022-07-04 14:46 ` Wedson Almeida Filho
2022-07-04 14:31 ` Greg KH
2022-07-05 5:21 ` Tetsuo Handa
2022-07-05 5:37 ` Greg KH
[not found] ` <a1fcc07e-51ef-eaad-f14b-33f1263e45ac@I-love.SAKURA.ne.jp>
2022-07-05 7:20 ` Dmitry Vyukov
2022-07-05 10:10 ` Greg Kroah-Hartman
2022-07-08 6:06 ` Dmitry Vyukov
2022-07-05 14:01 ` Tetsuo Handa
2022-07-05 14:16 ` Greg KH
2022-07-05 14:35 ` Tetsuo Handa
2022-07-06 6:21 ` Tetsuo Handa
2022-07-06 6:34 ` Greg KH
2022-07-06 10:26 ` Tetsuo Handa
2022-07-06 11:04 ` Oliver Neukum
2022-07-07 5:06 ` Tetsuo Handa
2022-07-07 8:04 ` Greg KH
2022-07-08 13:37 ` Greg KH [this message]
2022-07-10 2:27 ` Tetsuo Handa
2022-07-06 12:17 ` Oliver Neukum
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YsgzHc54onQ1DeFc@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=arjan@linux.intel.com \
--cc=arnd@arndb.de \
--cc=dvyukov@google.com \
--cc=len.brown@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pm@vger.kernel.org \
--cc=oneukum@suse.com \
--cc=pavel@ucw.cz \
--cc=penguin-kernel@i-love.sakura.ne.jp \
--cc=rafael@kernel.org \
--cc=wedsonaf@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.