From: Petr Mladek <pmladek@suse.com>
To: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Cc: "Thomas Weißschuh" <thomas.weissschuh@linutronix.de>,
"Andrew Morton" <akpm@linux-foundation.org>,
"Steven Rostedt" <rostedt@goodmis.org>,
"Andy Shevchenko" <andriy.shevchenko@linux.intel.com>,
"Rasmus Villemoes" <linux@rasmusvillemoes.dk>,
"Sergey Senozhatsky" <senozhatsky@chromium.org>,
"Peter Zijlstra" <peterz@infradead.org>,
"Ingo Molnar" <mingo@redhat.com>, "Will Deacon" <will@kernel.org>,
"Boqun Feng" <boqun@kernel.org>,
"Waiman Long" <longman@redhat.com>,
"Clark Williams" <clrkwllms@kernel.org>,
"Kees Cook" <kees@kernel.org>,
linux-kernel@vger.kernel.org, linux-rt-devel@lists.linux.dev
Subject: Re: [PATCH v4 5/5] lib/vsprintf: Validate spinlock context during restricted pointer formatting
Date: Fri, 26 Jun 2026 17:53:24 +0200 [thread overview]
Message-ID: <aj6gdH2KS_XrNjIm@pathway.suse.cz> (raw)
In-Reply-To: <20260625145115.KZ9l1-lv@linutronix.de>
On Thu 2026-06-25 16:51:15, Sebastian Andrzej Siewior wrote:
> On 2026-06-11 12:09:08 [+0200], Thomas Weißschuh wrote:
> > > @@ -864,7 +864,14 @@ static noinline_for_stack
> > > char *restricted_pointer(char *buf, char *end, const void *ptr,
> > > struct printf_spec spec)
> > > {
> > > + /*
> > > + * has_capability_noaudit() may use spinlocks.
> > > + * Make sure %pK is only used from valid contexts.
> > > + */
> > > + static DEFINE_WAIT_ASSERT_MAP(vsprintf_restricted_pointer_map, LD_WAIT_CONFIG);
> > > +
> > > lockdep_assert(in_task());
> > > + guard(lock_map_acquire)(&vsprintf_restricted_pointer_map);
> >
> > The kernel test robot found a lockdep violation with this patch:
> > https://lore.kernel.org/all/202606110945.d3871219-lkp@intel.com/
> >
> > My suspicion is that this is a pre-existing problem that was not visible
> > to lockdep so far, exactly what this patch is supposed to mitigate.
> > I'll investigate some more and try to reproduce it.
>
> The annotation is "wrong". What you say "I do spin_lock() here".
> Then lockdep figured out that this lock is acquired under a lock which
> is used also from within softirq. This in turn can lead to a dependency
> problem based on softirq:
>
> | CPU0 CPU1
> | ---- ----
> | lock(vsprintf_restricted_pointer_map-wait-type-assert);
> | local_irq_disable();
> | lock(&ptr[i]);
> | lock(vsprintf_restricted_pointer_map-wait-type-assert);
> | <Interrupt>
> | lock(&ptr[i]);
> |
> | *** DEADLOCK ***
>
> If I'm not mistaken then this will not happen in real life because the
> hook callback does _always_ spin_lock_irqsave() and as such it avoids
> the interrupt+lock on CPU0 in this example.
Interesting, does the spin_lock_irqsave() even allow sleeping under RT?
I mean, does spin_lock_irqsave() violate the raw_spin_lock
vs. spin_lock nesting rules?
Best Regards,
Petr
next prev parent reply other threads:[~2026-06-26 15:53 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-08 14:21 [PATCH v4 0/5] lib/vsprintf: Validate spinlock context during restricted pointer formatting Thomas Weißschuh
2026-06-08 14:21 ` [PATCH v4 1/5] locking/lockdep: Add a helper to validate the locking context without a lock Thomas Weißschuh
2026-06-08 14:21 ` [PATCH v4 2/5] locking/lockdep: Add a guard for lock_map_acquire() Thomas Weißschuh
2026-06-08 14:21 ` [PATCH v4 3/5] lib/vsprintf: Use in_task() for restricted pointer context check Thomas Weißschuh
2026-06-08 14:21 ` [PATCH v4 4/5] lib/vsprintf: Always check interrupt context restrictions Thomas Weißschuh
2026-06-08 14:21 ` [PATCH v4 5/5] lib/vsprintf: Validate spinlock context during restricted pointer formatting Thomas Weißschuh
2026-06-11 10:09 ` Thomas Weißschuh
2026-06-16 9:14 ` Petr Mladek
2026-06-25 14:51 ` Sebastian Andrzej Siewior
2026-06-26 15:53 ` Petr Mladek [this message]
2026-06-26 16:06 ` Petr Mladek
2026-06-26 17:06 ` Sebastian Andrzej Siewior
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aj6gdH2KS_XrNjIm@pathway.suse.cz \
--to=pmladek@suse.com \
--cc=akpm@linux-foundation.org \
--cc=andriy.shevchenko@linux.intel.com \
--cc=bigeasy@linutronix.de \
--cc=boqun@kernel.org \
--cc=clrkwllms@kernel.org \
--cc=kees@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-rt-devel@lists.linux.dev \
--cc=linux@rasmusvillemoes.dk \
--cc=longman@redhat.com \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=senozhatsky@chromium.org \
--cc=thomas.weissschuh@linutronix.de \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.