From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
Sergey Senozhatsky <sergey.senozhatsky@gmail.com>,
Petr Mladek <pmladek@suse.com>,
"Peter Zijlstra (Intel)" <peterz@infradead.org>,
Jiri Slaby <jslaby@suse.com>,
Andrew Morton <akpm@linux-foundation.org>,
Waiman Long <longman@redhat.com>,
Dmitry Safonov <dima@arista.com>,
Steven Rostedt <rostedt@goodmis.org>,
Sasha Levin <sashal@kernel.org>
Subject: [PATCH 4.19 064/106] tty/serial: do not free trasnmit buffer page under port lock
Date: Thu, 24 Jan 2019 20:20:21 +0100 [thread overview]
Message-ID: <20190124190210.483764657@linuxfoundation.org> (raw)
In-Reply-To: <20190124190206.342411005@linuxfoundation.org>
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
[ Upstream commit d72402145ace0697a6a9e8e75a3de5bf3375f78d ]
LKP has hit yet another circular locking dependency between uart
console drivers and debugobjects [1]:
CPU0 CPU1
rhltable_init()
__init_work()
debug_object_init
uart_shutdown() /* db->lock */
/* uart_port->lock */ debug_print_object()
free_page() printk()
call_console_drivers()
debug_check_no_obj_freed() /* uart_port->lock */
/* db->lock */
debug_print_object()
So there are two dependency chains:
uart_port->lock -> db->lock
And
db->lock -> uart_port->lock
This particular circular locking dependency can be addressed in several
ways:
a) One way would be to move debug_print_object() out of db->lock scope
and, thus, break the db->lock -> uart_port->lock chain.
b) Another one would be to free() transmit buffer page out of db->lock
in UART code; which is what this patch does.
It makes sense to apply a) and b) independently: there are too many things
going on behind free(), none of which depend on uart_port->lock.
The patch fixes transmit buffer page free() in uart_shutdown() and,
additionally, in uart_port_startup() (as was suggested by Dmitry Safonov).
[1] https://lore.kernel.org/lkml/20181211091154.GL23332@shao2-debian/T/#u
Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
Reviewed-by: Petr Mladek <pmladek@suse.com>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Jiri Slaby <jslaby@suse.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Waiman Long <longman@redhat.com>
Cc: Dmitry Safonov <dima@arista.com>
Cc: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/tty/serial/serial_core.c | 22 ++++++++++++++++------
1 file changed, 16 insertions(+), 6 deletions(-)
diff --git a/drivers/tty/serial/serial_core.c b/drivers/tty/serial/serial_core.c
index 80bb56facfb6..ad126f51d549 100644
--- a/drivers/tty/serial/serial_core.c
+++ b/drivers/tty/serial/serial_core.c
@@ -205,10 +205,15 @@ static int uart_port_startup(struct tty_struct *tty, struct uart_state *state,
if (!state->xmit.buf) {
state->xmit.buf = (unsigned char *) page;
uart_circ_clear(&state->xmit);
+ uart_port_unlock(uport, flags);
} else {
+ uart_port_unlock(uport, flags);
+ /*
+ * Do not free() the page under the port lock, see
+ * uart_shutdown().
+ */
free_page(page);
}
- uart_port_unlock(uport, flags);
retval = uport->ops->startup(uport);
if (retval == 0) {
@@ -268,6 +273,7 @@ static void uart_shutdown(struct tty_struct *tty, struct uart_state *state)
struct uart_port *uport = uart_port_check(state);
struct tty_port *port = &state->port;
unsigned long flags = 0;
+ char *xmit_buf = NULL;
/*
* Set the TTY IO error marker
@@ -298,14 +304,18 @@ static void uart_shutdown(struct tty_struct *tty, struct uart_state *state)
tty_port_set_suspended(port, 0);
/*
- * Free the transmit buffer page.
+ * Do not free() the transmit buffer page under the port lock since
+ * this can create various circular locking scenarios. For instance,
+ * console driver may need to allocate/free a debug object, which
+ * can endup in printk() recursion.
*/
uart_port_lock(state, flags);
- if (state->xmit.buf) {
- free_page((unsigned long)state->xmit.buf);
- state->xmit.buf = NULL;
- }
+ xmit_buf = state->xmit.buf;
+ state->xmit.buf = NULL;
uart_port_unlock(uport, flags);
+
+ if (xmit_buf)
+ free_page((unsigned long)xmit_buf);
}
/**
--
2.19.1
next prev parent reply other threads:[~2019-01-24 19:38 UTC|newest]
Thread overview: 110+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-24 19:19 [PATCH 4.19 000/106] 4.19.18-stable review Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 001/106] ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 002/106] mlxsw: spectrum: Disable lag port TX before removing it Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 003/106] mlxsw: spectrum_switchdev: Set PVID correctly during VLAN deletion Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 004/106] net: dsa: mv88x6xxx: mv88e6390 errata Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 005/106] net, skbuff: do not prefer skb allocation fails early Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 006/106] qmi_wwan: add MTU default to qmap network interface Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 007/106] r8169: Add support for new Realtek Ethernet Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 008/106] ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 009/106] net: clear skb->tstamp in bridge forwarding path Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 010/106] netfilter: ipset: Allow matching on destination MAC address for mac and ipmac sets Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 011/106] gpio: pl061: Move irq_chip definition inside struct pl061 Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 012/106] drm/amd/display: Guard against null stream_state in set_crc_source Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 013/106] drm/amdkfd: fix interrupt spin lock Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 014/106] ixgbe: allow IPsec Tx offload in VEPA mode Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 015/106] platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 016/106] e1000e: allow non-monotonic SYSTIM readings Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 017/106] usb: typec: tcpm: Do not disconnect link for self powered devices Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 018/106] selftests/bpf: enable (uncomment) all tests in test_libbpf.sh Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 019/106] of: overlay: add missing of_node_put() after add new node to changeset Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 020/106] writeback: dont decrement wb->refcnt if !wb->bdi Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 021/106] serial: set suppress_bind_attrs flag only if builtin Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 022/106] bpf: Allow narrow loads with offset > 0 Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 023/106] ALSA: oxfw: add support for APOGEE duet FireWire Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 024/106] x86/mce: Fix -Wmissing-prototypes warnings Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 025/106] MIPS: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 026/106] crypto: ecc - regularize scalar for scalar multiplication Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 027/106] arm64: perf: set suppress_bind_attrs flag to true Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 028/106] drm/atomic-helper: Complete fake_commit->flip_done potentially earlier Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 029/106] clk: meson: meson8b: fix incorrect divider mapping in cpu_scale_table Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 030/106] samples: bpf: fix: error handling regarding kprobe_events Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 031/106] usb: gadget: udc: renesas_usb3: add a safety connection way for forced_b_device Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 032/106] fpga: altera-cvp: fix probing for multiple FPGAs on the bus Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 033/106] selinux: always allow mounting submounts Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 034/106] ASoC: pcm3168a: Dont disable pcm3168a when CONFIG_PM defined Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 035/106] scsi: qedi: Check for session online before getting iSCSI TLV data Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 036/106] drm/amdgpu: Reorder uvd ring init before uvd resume Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 037/106] rxe: IB_WR_REG_MR does not capture MRs iova field Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 038/106] efi/libstub: Disable some warnings for x86{,_64} Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 039/106] jffs2: Fix use of uninitialized delayed_work, lockdep breakage Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 040/106] clk: imx: make mux parent strings const Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 041/106] pstore/ram: Do not treat empty buffers as valid Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.19 042/106] media: uvcvideo: Refactor teardown of uvc on USB disconnect Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 043/106] powerpc/xmon: Fix invocation inside lock region Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 044/106] powerpc/pseries/cpuidle: Fix preempt warning Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 045/106] media: firewire: Fix app_info parameter type in avc_ca{,_app}_info Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 046/106] ASoC: use dma_ops of parent device for acp_audio_dma Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 047/106] media: venus: core: Set dma maximum segment size Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 048/106] staging: erofs: fix use-after-free of on-stack `z_erofs_vle_unzip_io Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 049/106] net: call sk_dst_reset when set SO_DONTROUTE Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 050/106] scsi: target: use consistent left-aligned ASCII INQUIRY data Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 051/106] scsi: target/core: Make sure that target_wait_for_sess_cmds() waits long enough Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 052/106] selftests: do not macro-expand failed assertion expressions Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 053/106] arm64: kasan: Increase stack size for KASAN_EXTRA Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 054/106] clk: imx6q: reset exclusive gates on init Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 055/106] arm64: Fix minor issues with the dcache_by_line_op macro Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 056/106] bpf: relax verifier restriction on BPF_MOV | BPF_ALU Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 057/106] kconfig: fix file name and line number of warn_ignored_character() Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 058/106] kconfig: fix memory leak when EOF is encountered in quotation Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 059/106] mmc: atmel-mci: do not assume idle after atmci_request_end Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 060/106] btrfs: volumes: Make sure there is no overlap of dev extents at mount time Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 061/106] btrfs: alloc_chunk: fix more DUP stripe size handling Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 062/106] btrfs: fix use-after-free due to race between replace start and cancel Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 063/106] btrfs: improve error handling of btrfs_add_link Greg Kroah-Hartman
2019-01-24 19:20 ` Greg Kroah-Hartman [this message]
2019-01-24 19:20 ` [PATCH 4.19 065/106] perf intel-pt: Fix error with config term "pt=0" Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 066/106] perf tests ARM: Disable breakpoint tests 32-bit Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 067/106] perf svghelper: Fix unchecked usage of strncpy() Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 068/106] perf parse-events: " Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 069/106] perf vendor events intel: Fix Load_Miss_Real_Latency on SKL/SKX Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 070/106] netfilter: ipt_CLUSTERIP: check MAC address when duplicate config is set Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 071/106] netfilter: ipt_CLUSTERIP: remove wrong WARN_ON_ONCE in netns exit routine Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 072/106] netfilter: ipt_CLUSTERIP: fix deadlock " Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 073/106] x86/topology: Use total_cpus for max logical packages calculation Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 074/106] dm crypt: use u64 instead of sector_t to store iv_offset Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 075/106] dm kcopyd: Fix bug causing workqueue stalls Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 076/106] perf stat: Avoid segfaults caused by negated options Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 077/106] tools lib subcmd: Dont add the kernel sources to the include path Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 078/106] dm snapshot: Fix excessive memory usage and workqueue stalls Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 079/106] perf cs-etm: Correct packets swapping in cs_etm__flush() Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 080/106] perf tools: Add missing sigqueue() prototype for systems lacking it Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 081/106] perf tools: Add missing open_memstream() " Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 082/106] quota: Lock s_umount in exclusive mode for Q_XQUOTA{ON,OFF} quotactls Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 083/106] clocksource/drivers/integrator-ap: Add missing of_node_put() Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 084/106] dm: Check for device sector overflow if CONFIG_LBDAF is not set Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 085/106] Bluetooth: btusb: Add support for Intel bluetooth device 8087:0029 Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 086/106] ALSA: bebob: fix model-id of unit for Apogee Ensemble Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 087/106] sysfs: Disable lockdep for driver bind/unbind files Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 088/106] IB/usnic: Fix potential deadlock Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 089/106] scsi: mpt3sas: fix memory ordering on 64bit writes Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 090/106] scsi: smartpqi: correct lun reset issues Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 091/106] ath10k: fix peer stats null pointer dereference Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 092/106] scsi: smartpqi: call pqi_free_interrupts() in pqi_shutdown() Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 093/106] scsi: megaraid: fix out-of-bound array accesses Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 094/106] iomap: dont search past page end in iomap_is_partially_uptodate Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 095/106] ocfs2: fix panic due to unrecovered local alloc Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 096/106] mm/page-writeback.c: dont break integrity writeback on ->writepage() error Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 097/106] mm/swap: use nr_node_ids for avail_lists in swap_info_struct Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 098/106] userfaultfd: clear flag if remap event not enabled Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 099/106] mm, proc: be more verbose about unstable VMA flags in /proc/<pid>/smaps Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 100/106] iwlwifi: mvm: Send LQ command as async when necessary Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 101/106] Bluetooth: Fix unnecessary error message for HCI request completion Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.19 102/106] ipmi: fix use-after-free of user->release_barrier.rda Greg Kroah-Hartman
2019-01-24 19:21 ` [PATCH 4.19 103/106] ipmi: msghandler: Fix potential Spectre v1 vulnerabilities Greg Kroah-Hartman
2019-01-24 19:21 ` [PATCH 4.19 104/106] ipmi: Prevent use-after-free in deliver_response Greg Kroah-Hartman
2019-01-24 19:21 ` [PATCH 4.19 105/106] ipmi:ssif: Fix handling of multi-part return messages Greg Kroah-Hartman
2019-01-24 19:21 ` [PATCH 4.19 106/106] ipmi: Dont initialize anything in the core until something uses it Greg Kroah-Hartman
2019-01-25 14:51 ` [PATCH 4.19 000/106] 4.19.18-stable review shuah
2019-01-25 16:18 ` Naresh Kamboju
2019-01-25 23:20 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190124190210.483764657@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=akpm@linux-foundation.org \
--cc=dima@arista.com \
--cc=jslaby@suse.com \
--cc=linux-kernel@vger.kernel.org \
--cc=longman@redhat.com \
--cc=peterz@infradead.org \
--cc=pmladek@suse.com \
--cc=rostedt@goodmis.org \
--cc=sashal@kernel.org \
--cc=sergey.senozhatsky@gmail.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).