From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
"Eric W. Biederman" <ebiederm@xmission.com>,
Waiman Long <longman@redhat.com>,
Christian Brauner <brauner@kernel.org>
Subject: [PATCH 5.4 63/80] copy_process(): Move fd_install() out of sighand->siglock critical section
Date: Mon, 21 Feb 2022 09:49:43 +0100 [thread overview]
Message-ID: <20220221084917.653609458@linuxfoundation.org> (raw)
In-Reply-To: <20220221084915.554151737@linuxfoundation.org>
From: Waiman Long <longman@redhat.com>
commit ddc204b517e60ae64db34f9832dc41dafa77c751 upstream.
I was made aware of the following lockdep splat:
[ 2516.308763] =====================================================
[ 2516.309085] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected
[ 2516.309433] 5.14.0-51.el9.aarch64+debug #1 Not tainted
[ 2516.309703] -----------------------------------------------------
[ 2516.310149] stress-ng/153663 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[ 2516.310512] ffff0000e422b198 (&newf->file_lock){+.+.}-{2:2}, at: fd_install+0x368/0x4f0
[ 2516.310944]
and this task is already holding:
[ 2516.311248] ffff0000c08140d8 (&sighand->siglock){-.-.}-{2:2}, at: copy_process+0x1e2c/0x3e80
[ 2516.311804] which would create a new lock dependency:
[ 2516.312066] (&sighand->siglock){-.-.}-{2:2} -> (&newf->file_lock){+.+.}-{2:2}
[ 2516.312446]
but this new dependency connects a HARDIRQ-irq-safe lock:
[ 2516.312983] (&sighand->siglock){-.-.}-{2:2}
:
[ 2516.330700] Possible interrupt unsafe locking scenario:
[ 2516.331075] CPU0 CPU1
[ 2516.331328] ---- ----
[ 2516.331580] lock(&newf->file_lock);
[ 2516.331790] local_irq_disable();
[ 2516.332231] lock(&sighand->siglock);
[ 2516.332579] lock(&newf->file_lock);
[ 2516.332922] <Interrupt>
[ 2516.333069] lock(&sighand->siglock);
[ 2516.333291]
*** DEADLOCK ***
[ 2516.389845]
stack backtrace:
[ 2516.390101] CPU: 3 PID: 153663 Comm: stress-ng Kdump: loaded Not tainted 5.14.0-51.el9.aarch64+debug #1
[ 2516.390756] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015
[ 2516.391155] Call trace:
[ 2516.391302] dump_backtrace+0x0/0x3e0
[ 2516.391518] show_stack+0x24/0x30
[ 2516.391717] dump_stack_lvl+0x9c/0xd8
[ 2516.391938] dump_stack+0x1c/0x38
[ 2516.392247] print_bad_irq_dependency+0x620/0x710
[ 2516.392525] check_irq_usage+0x4fc/0x86c
[ 2516.392756] check_prev_add+0x180/0x1d90
[ 2516.392988] validate_chain+0x8e0/0xee0
[ 2516.393215] __lock_acquire+0x97c/0x1e40
[ 2516.393449] lock_acquire.part.0+0x240/0x570
[ 2516.393814] lock_acquire+0x90/0xb4
[ 2516.394021] _raw_spin_lock+0xe8/0x154
[ 2516.394244] fd_install+0x368/0x4f0
[ 2516.394451] copy_process+0x1f5c/0x3e80
[ 2516.394678] kernel_clone+0x134/0x660
[ 2516.394895] __do_sys_clone3+0x130/0x1f4
[ 2516.395128] __arm64_sys_clone3+0x5c/0x7c
[ 2516.395478] invoke_syscall.constprop.0+0x78/0x1f0
[ 2516.395762] el0_svc_common.constprop.0+0x22c/0x2c4
[ 2516.396050] do_el0_svc+0xb0/0x10c
[ 2516.396252] el0_svc+0x24/0x34
[ 2516.396436] el0t_64_sync_handler+0xa4/0x12c
[ 2516.396688] el0t_64_sync+0x198/0x19c
[ 2517.491197] NET: Registered PF_ATMPVC protocol family
[ 2517.491524] NET: Registered PF_ATMSVC protocol family
[ 2591.991877] sched: RT throttling activated
One way to solve this problem is to move the fd_install() call out of
the sighand->siglock critical section.
Before commit 6fd2fe494b17 ("copy_process(): don't use ksys_close()
on cleanups"), the pidfd installation was done without holding both
the task_list lock and the sighand->siglock. Obviously, holding these
two locks are not really needed to protect the fd_install() call.
So move the fd_install() call down to after the releases of both locks.
Link: https://lore.kernel.org/r/20220208163912.1084752-1-longman@redhat.com
Fixes: 6fd2fe494b17 ("copy_process(): don't use ksys_close() on cleanups")
Reviewed-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Waiman Long <longman@redhat.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
kernel/fork.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -2182,10 +2182,6 @@ static __latent_entropy struct task_stru
goto bad_fork_cancel_cgroup;
}
- /* past the last point of failure */
- if (pidfile)
- fd_install(pidfd, pidfile);
-
init_task_pid_links(p);
if (likely(p->pid)) {
ptrace_init_task(p, (clone_flags & CLONE_PTRACE) || trace);
@@ -2234,6 +2230,9 @@ static __latent_entropy struct task_stru
syscall_tracepoint_update(p);
write_unlock_irq(&tasklist_lock);
+ if (pidfile)
+ fd_install(pidfd, pidfile);
+
proc_fork_connector(p);
cgroup_post_fork(p);
cgroup_threadgroup_change_end(current);
next prev parent reply other threads:[~2022-02-21 9:08 UTC|newest]
Thread overview: 93+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-21 8:48 [PATCH 5.4 00/80] 5.4.181-rc1 review Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 01/80] Makefile.extrawarn: Move -Wunaligned-access to W=1 Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 02/80] HID:Add support for UGTABLET WP5540 Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 03/80] Revert "svm: Add warning message for AVIC IPI invalid target" Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 04/80] serial: parisc: GSC: fix build when IOSAPIC is not set Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 05/80] parisc: Drop __init from map_pages declaration Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 06/80] parisc: Fix data TLB miss in sba_unmap_sg Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 07/80] parisc: Fix sglist access in ccio-dma.c Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 08/80] btrfs: send: in case of IO error log it Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 09/80] platform/x86: ISST: Fix possible circular locking dependency detected Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 10/80] selftests: rtc: Increase test timeout so that all tests run Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 11/80] net: ieee802154: at86rf230: Stop leaking skbs Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 12/80] selftests/zram: Skip max_comp_streams interface on newer kernel Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 13/80] selftests/zram01.sh: Fix compression ratio calculation Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 14/80] selftests/zram: Adapt the situation that /dev/zram0 is being used Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 15/80] ax25: improve the incomplete fix to avoid UAF and NPD bugs Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 16/80] vfs: make freeze_super abort when sync_filesystem returns error Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 17/80] quota: make dquot_quota_sync return errors from ->sync_fs Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 18/80] nvme: fix a possible use-after-free in controller reset during load Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 5.4 19/80] nvme-tcp: fix possible use-after-free in transport error_recovery work Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 20/80] nvme-rdma: " Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 21/80] drm/amdgpu: fix logic inversion in check Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 22/80] Revert "module, async: async_synchronize_full() on module init iff async is used" Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 23/80] ftrace: add ftrace_init_nop() Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 24/80] module/ftrace: handle patchable-function-entry Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 25/80] arm64: module: rework special section handling Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 26/80] arm64: module/ftrace: intialize PLT at load time Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 27/80] iwlwifi: fix use-after-free Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 28/80] drm/radeon: Fix backlight control on iMac 12,1 Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 29/80] ext4: check for out-of-order index extents in ext4_valid_extent_entries() Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 30/80] ext4: check for inconsistent extents between index and leaf block Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 31/80] ext4: prevent partial update of the extent blocks Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 32/80] taskstats: Cleanup the use of task->exit_code Greg Kroah-Hartman
2022-02-21 22:46 ` Dr. Thomas Orgis
2022-02-22 23:53 ` Eric W. Biederman
2022-02-23 22:40 ` Dr. Thomas Orgis
2022-02-25 0:23 ` Eric W. Biederman
2022-02-21 8:49 ` [PATCH 5.4 33/80] dmaengine: at_xdmac: Start transfer for cyclic channels in issue_pending Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 34/80] vsock: remove vsock from connected table when connect is interrupted by a signal Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 35/80] mmc: block: fix read single on recovery logic Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 36/80] iwlwifi: pcie: fix locking when "HW not ready" Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 37/80] iwlwifi: pcie: gen2: " Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 38/80] netfilter: nft_synproxy: unregister hooks on init error path Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 39/80] net: dsa: lan9303: fix reset on probe Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 40/80] net: ieee802154: ca8210: Fix lifs/sifs periods Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 41/80] ping: fix the dif and sdif check in ping_lookup Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 42/80] bonding: force carrier update when releasing slave Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 43/80] drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 44/80] bonding: fix data-races around agg_select_timer Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 45/80] libsubcmd: Fix use-after-free for realloc(..., 0) Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 46/80] ALSA: hda: Fix regression on forced probe mask option Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 47/80] ALSA: hda: Fix missing codec probe on Shenker Dock 15 Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 48/80] ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw() Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 49/80] ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range() Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 50/80] powerpc/lib/sstep: fix ptesync build error Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 51/80] mtd: rawnand: gpmi: dont leak PM reference in error path Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 52/80] tee: export teedev_open() and teedev_close_context() Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 53/80] optee: use driver internal tee_context for some rpc Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 54/80] block/wbt: fix negative inflight counter when remove scsi device Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 55/80] NFS: LOOKUP_DIRECTORY is also ok with symlinks Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 56/80] NFS: Do not report writeback errors in nfs_getattr() Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 57/80] mtd: rawnand: qcom: Fix clock sequencing in qcom_nandc_probe() Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 58/80] mtd: rawnand: brcmnand: Fixed incorrect sub-page ECC status Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 59/80] scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 60/80] EDAC: Fix calculation of returned address and next offset in edac_align_ptr() Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 61/80] net: sched: limit TC_ACT_REPEAT loops Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 62/80] dmaengine: sh: rcar-dmac: Check for error num after setting mask Greg Kroah-Hartman
2022-02-21 8:49 ` Greg Kroah-Hartman [this message]
2022-02-21 8:49 ` [PATCH 5.4 64/80] i2c: brcmstb: fix support for DSL and CM variants Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 65/80] Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 66/80] KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 67/80] ARM: OMAP2+: hwmod: Add of_node_put() before break Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 68/80] ARM: OMAP2+: adjust the location of put_device() call in omapdss_init_of Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 69/80] irqchip/sifive-plic: Add missing thead,c900-plic match string Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 70/80] netfilter: conntrack: dont refresh sctp entries in closed state Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 71/80] arm64: dts: meson-gx: add ATF BL32 reserved-memory region Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 72/80] arm64: dts: meson-g12: " Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 73/80] arm64: dts: meson-g12: drop BL32 region from SEI510/SEI610 Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 74/80] kconfig: let shell return enough output for deep path names Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 75/80] ata: libata-core: Disable TRIM on M88V29 Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 76/80] drm/rockchip: dw_hdmi: Do not leave clock enabled in error case Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 77/80] tracing: Fix tp_printk option related with tp_printk_stop_on_boot Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 78/80] net: usb: qmi_wwan: Add support for Dell DW5829e Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 5.4 79/80] net: macb: Align the dma and coherent dma masks Greg Kroah-Hartman
2022-02-21 8:50 ` [PATCH 5.4 80/80] kconfig: fix failing to generate auto.conf Greg Kroah-Hartman
2022-02-21 21:18 ` [PATCH 5.4 00/80] 5.4.181-rc1 review Guenter Roeck
2022-02-21 21:38 ` Shuah Khan
2022-02-22 3:19 ` Slade Watkins
2022-02-22 3:25 ` Florian Fainelli
2022-02-22 6:54 ` Naresh Kamboju
2022-02-22 12:04 ` Sudip Mukherjee
2022-02-22 12:07 ` Jon Hunter
2022-02-23 0:54 ` Samuel Zou
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220221084917.653609458@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=brauner@kernel.org \
--cc=ebiederm@xmission.com \
--cc=linux-kernel@vger.kernel.org \
--cc=longman@redhat.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).