[PATCH] powercap: fix race condition in register_control

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] powercap: fix race condition in register_control_type
@ 2025-12-05 19:02 Sumeet Pawnikar
  2025-12-15 11:30 ` Rafael J. Wysocki
  0 siblings, 1 reply; 3+ messages in thread
From: Sumeet Pawnikar @ 2025-12-05 19:02 UTC (permalink / raw)
  To: rafael, linux-pm; +Cc: linux-kernel, sumeet4linux

The device becomes visible to userspace via device_register()
even before it fully initialized by idr_init(). If userspace
or another thread tries to register a zone immediately after
device_register(), the control_type_valid() will fail because
the control_type is not yet in the list. The IDR is not yet
initialized, so this race condition causes zone registration
failure.

Move idr_init() and list addition before device_register()
fix the race condition.

Signed-off-by: Sumeet Pawnikar <sumeet4linux@gmail.com>
---
 drivers/powercap/powercap_sys.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/drivers/powercap/powercap_sys.c b/drivers/powercap/powercap_sys.c
index 4112a0097338..bdc65e040d17 100644
--- a/drivers/powercap/powercap_sys.c
+++ b/drivers/powercap/powercap_sys.c
@@ -625,17 +625,22 @@ struct powercap_control_type *powercap_register_control_type(
 	INIT_LIST_HEAD(&control_type->node);
 	control_type->dev.class = &powercap_class;
 	dev_set_name(&control_type->dev, "%s", name);
-	result = device_register(&control_type->dev);
-	if (result) {
-		put_device(&control_type->dev);
-		return ERR_PTR(result);
-	}
 	idr_init(&control_type->idr);
 
 	mutex_lock(&powercap_cntrl_list_lock);
 	list_add_tail(&control_type->node, &powercap_cntrl_list);
 	mutex_unlock(&powercap_cntrl_list_lock);
 
+	result = device_register(&control_type->dev);
+	if (result) {
+		mutex_lock(&powercap_cntrl_list_lock);
+		list_del(&control_type->node);
+		mutex_unlock(&powercap_cntrl_list_lock);
+		idr_destroy(&control_type->idr);
+		put_device(&control_type->dev);
+		return ERR_PTR(result);
+	}
+
 	return control_type;
 }
 EXPORT_SYMBOL_GPL(powercap_register_control_type);
-- 
2.43.0


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] powercap: fix race condition in register_control_type
  2025-12-05 19:02 [PATCH] powercap: fix race condition in register_control_type Sumeet Pawnikar
@ 2025-12-15 11:30 ` Rafael J. Wysocki
  0 siblings, 0 replies; 3+ messages in thread
From: Rafael J. Wysocki @ 2025-12-15 11:30 UTC (permalink / raw)
  To: Sumeet Pawnikar; +Cc: rafael, linux-pm, linux-kernel

On Fri, Dec 5, 2025 at 8:02 PM Sumeet Pawnikar <sumeet4linux@gmail.com> wrote:
>
> The device becomes visible to userspace via device_register()
> even before it fully initialized by idr_init(). If userspace
> or another thread tries to register a zone immediately after
> device_register(), the control_type_valid() will fail because
> the control_type is not yet in the list. The IDR is not yet
> initialized, so this race condition causes zone registration
> failure.
>
> Move idr_init() and list addition before device_register()
> fix the race condition.
>
> Signed-off-by: Sumeet Pawnikar <sumeet4linux@gmail.com>
> ---
>  drivers/powercap/powercap_sys.c | 15 ++++++++++-----
>  1 file changed, 10 insertions(+), 5 deletions(-)
>
> diff --git a/drivers/powercap/powercap_sys.c b/drivers/powercap/powercap_sys.c
> index 4112a0097338..bdc65e040d17 100644
> --- a/drivers/powercap/powercap_sys.c
> +++ b/drivers/powercap/powercap_sys.c
> @@ -625,17 +625,22 @@ struct powercap_control_type *powercap_register_control_type(
>         INIT_LIST_HEAD(&control_type->node);
>         control_type->dev.class = &powercap_class;
>         dev_set_name(&control_type->dev, "%s", name);
> -       result = device_register(&control_type->dev);
> -       if (result) {
> -               put_device(&control_type->dev);
> -               return ERR_PTR(result);
> -       }
>         idr_init(&control_type->idr);
>
>         mutex_lock(&powercap_cntrl_list_lock);
>         list_add_tail(&control_type->node, &powercap_cntrl_list);
>         mutex_unlock(&powercap_cntrl_list_lock);
>
> +       result = device_register(&control_type->dev);
> +       if (result) {
> +               mutex_lock(&powercap_cntrl_list_lock);
> +               list_del(&control_type->node);
> +               mutex_unlock(&powercap_cntrl_list_lock);
> +               idr_destroy(&control_type->idr);
> +               put_device(&control_type->dev);
> +               return ERR_PTR(result);
> +       }
> +
>         return control_type;
>  }
>  EXPORT_SYMBOL_GPL(powercap_register_control_type);
> --

Applied as 6.19-rc material, thanks!

^ permalink raw reply	[flat|nested] 3+ messages in thread

* [PATCH] powercap: fix race condition in register_control_type
@ 2025-12-05 19:01 Sumeet Pawnikar
  0 siblings, 0 replies; 3+ messages in thread
From: Sumeet Pawnikar @ 2025-12-05 19:01 UTC (permalink / raw)
  To: rafael, inux-pm; +Cc: linux-kernel, sumeet4linux

The device becomes visible to userspace via device_register()
even before it fully initialized by idr_init(). If userspace
or another thread tries to register a zone immediately after
device_register(), the control_type_valid() will fail because
the control_type is not yet in the list. The IDR is not yet
initialized, so this race condition causes zone registration
failure.

Move idr_init() and list addition before device_register()
fix the race condition.

Signed-off-by: Sumeet Pawnikar <sumeet4linux@gmail.com>
---
 drivers/powercap/powercap_sys.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/drivers/powercap/powercap_sys.c b/drivers/powercap/powercap_sys.c
index 4112a0097338..bdc65e040d17 100644
--- a/drivers/powercap/powercap_sys.c
+++ b/drivers/powercap/powercap_sys.c
@@ -625,17 +625,22 @@ struct powercap_control_type *powercap_register_control_type(
 	INIT_LIST_HEAD(&control_type->node);
 	control_type->dev.class = &powercap_class;
 	dev_set_name(&control_type->dev, "%s", name);
-	result = device_register(&control_type->dev);
-	if (result) {
-		put_device(&control_type->dev);
-		return ERR_PTR(result);
-	}
 	idr_init(&control_type->idr);
 
 	mutex_lock(&powercap_cntrl_list_lock);
 	list_add_tail(&control_type->node, &powercap_cntrl_list);
 	mutex_unlock(&powercap_cntrl_list_lock);
 
+	result = device_register(&control_type->dev);
+	if (result) {
+		mutex_lock(&powercap_cntrl_list_lock);
+		list_del(&control_type->node);
+		mutex_unlock(&powercap_cntrl_list_lock);
+		idr_destroy(&control_type->idr);
+		put_device(&control_type->dev);
+		return ERR_PTR(result);
+	}
+
 	return control_type;
 }
 EXPORT_SYMBOL_GPL(powercap_register_control_type);
-- 
2.43.0


^ permalink raw reply related	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2025-12-15 11:30 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-12-05 19:02 [PATCH] powercap: fix race condition in register_control_type Sumeet Pawnikar
2025-12-15 11:30 ` Rafael J. Wysocki
  -- strict thread matches above, loose matches on Subject: below --
2025-12-05 19:01 Sumeet Pawnikar

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox