From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: stable@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
patches@lists.linux.dev, ZhaoLong Wang <wangzhaolong1@huawei.com>,
Zhihao Cheng <chengzhihao1@huawei.com>,
Richard Weinberger <richard@nod.at>,
Sasha Levin <sashal@kernel.org>
Subject: [PATCH 5.15 68/91] ubi: Fix deadlock caused by recursively holding work_sem
Date: Tue, 18 Apr 2023 14:22:12 +0200 [thread overview]
Message-ID: <20230418120307.929067994@linuxfoundation.org> (raw)
In-Reply-To: <20230418120305.520719816@linuxfoundation.org>
From: ZhaoLong Wang <wangzhaolong1@huawei.com>
[ Upstream commit f773f0a331d6c41733b17bebbc1b6cae12e016f5 ]
During the processing of the bgt, if the sync_erase() return -EBUSY
or some other error code in __erase_worker(),schedule_erase() called
again lead to the down_read(ubi->work_sem) hold twice and may get
block by down_write(ubi->work_sem) in ubi_update_fastmap(),
which cause deadlock.
ubi bgt other task
do_work
down_read(&ubi->work_sem) ubi_update_fastmap
erase_worker # Blocked by down_read
__erase_worker down_write(&ubi->work_sem)
schedule_erase
schedule_ubi_work
down_read(&ubi->work_sem)
Fix this by changing input parameter @nested of the schedule_erase() to
'true' to avoid recursively acquiring the down_read(&ubi->work_sem).
Also, fix the incorrect comment about @nested parameter of the
schedule_erase() because when down_write(ubi->work_sem) is held, the
@nested is also need be true.
Link: https://bugzilla.kernel.org/show_bug.cgi?id=217093
Fixes: 2e8f08deabbc ("ubi: Fix races around ubi_refill_pools()")
Signed-off-by: ZhaoLong Wang <wangzhaolong1@huawei.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/mtd/ubi/wl.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/mtd/ubi/wl.c b/drivers/mtd/ubi/wl.c
index 2ee0e60c43c2e..4427018ad4d9b 100644
--- a/drivers/mtd/ubi/wl.c
+++ b/drivers/mtd/ubi/wl.c
@@ -575,7 +575,7 @@ static int erase_worker(struct ubi_device *ubi, struct ubi_work *wl_wrk,
* @vol_id: the volume ID that last used this PEB
* @lnum: the last used logical eraseblock number for the PEB
* @torture: if the physical eraseblock has to be tortured
- * @nested: denotes whether the work_sem is already held in read mode
+ * @nested: denotes whether the work_sem is already held
*
* This function returns zero in case of success and a %-ENOMEM in case of
* failure.
@@ -1121,7 +1121,7 @@ static int __erase_worker(struct ubi_device *ubi, struct ubi_work *wl_wrk)
int err1;
/* Re-schedule the LEB for erasure */
- err1 = schedule_erase(ubi, e, vol_id, lnum, 0, false);
+ err1 = schedule_erase(ubi, e, vol_id, lnum, 0, true);
if (err1) {
spin_lock(&ubi->wl_lock);
wl_entry_destroy(ubi, e);
--
2.39.2
next prev parent reply other threads:[~2023-04-18 12:40 UTC|newest]
Thread overview: 105+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-18 12:21 [PATCH 5.15 00/91] 5.15.108-rc1 review Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 01/91] Revert "pinctrl: amd: Disable and mask interrupts on resume" Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 02/91] ALSA: emu10k1: fix capture interrupt handler unlinking Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 03/91] ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 04/91] ALSA: i2c/cs8427: fix iec958 mixer control deactivation Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 05/91] ALSA: firewire-tascam: add missing unwind goto in snd_tscm_stream_start_duplex() Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 06/91] ALSA: emu10k1: dont create old pass-through playback device on Audigy Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 07/91] ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 08/91] Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 09/91] Bluetooth: Fix race condition in hidp_session_thread Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 10/91] btrfs: print checksum type and implementation at mount time Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 11/91] btrfs: fix fast csum implementation detection Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 12/91] fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 13/91] mtdblock: tolerate corrected bit-flips Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 14/91] mtd: rawnand: meson: fix bitmask for length in command word Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 15/91] mtd: rawnand: stm32_fmc2: remove unsupported EDO mode Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 16/91] mtd: rawnand: stm32_fmc2: use timings.mode instead of checking tRC_min Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 17/91] KVM: arm64: PMU: Restore the guests EL0 event counting after migration Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 18/91] drm/i915/dsi: fix DSS CTL register offsets for TGL+ Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 19/91] clk: sprd: set max_register according to mapping range Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 20/91] RDMA/irdma: Fix memory leak of PBLE objects Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 21/91] RDMA/irdma: Increase iWARP CM default rexmit count Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 22/91] RDMA/irdma: Add ipv4 check to irdma_find_listener() Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 23/91] IB/mlx5: Add support for 400G_8X lane speed Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 24/91] RDMA/cma: Allow UD qp_type to join multicast only Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 25/91] bpf: tcp: Use sock_gen_put instead of sock_put in bpf_iter_tcp Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 26/91] 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 27/91] niu: Fix missing unwind goto in niu_alloc_channels() Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 28/91] tcp: restrict net.ipv4.tcp_app_win Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 29/91] drm/armada: Fix a potential double free in an error handling path Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 30/91] qlcnic: check pci_reset_function result Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 31/91] net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume() Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 32/91] sctp: fix a potential overflow in sctp_ifwdtsn_skip Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 33/91] RDMA/core: Fix GID entry ref leak when create_ah fails Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 34/91] udp6: fix potential access to stale information Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 35/91] net: macb: fix a memory corruption in extended buffer descriptor mode Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 36/91] skbuff: Fix a race between coalescing and releasing SKBs Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 37/91] libbpf: Fix single-line struct definition output in btf_dump Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 38/91] ARM: 9290/1: uaccess: Fix KASAN false-positives Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 39/91] power: supply: cros_usbpd: reclassify "default case!" as debug Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 40/91] wifi: mwifiex: mark OF related data as maybe unused Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 41/91] i2c: imx-lpi2c: clean rx/tx buffers upon new message Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 42/91] i2c: hisi: Avoid redundant interrupts Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 43/91] efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 44/91] drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 45/91] verify_pefile: relax wrapper length check Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 46/91] asymmetric_keys: log on fatal failures in PE/pkcs7 Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 47/91] wifi: iwlwifi: mvm: fix mvmtxq->stopped handling Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 48/91] ACPI: resource: Add Medion S17413 to IRQ override quirk Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 49/91] counter: stm32-lptimer-cnt: Provide defines for clock polarities Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 50/91] counter: stm32-timer-cnt: Provide defines for slave mode selection Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 51/91] counter: Internalize sysfs interface code Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 52/91] counter: 104-quad-8: Fix Synapse action reported for Index signals Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 53/91] tracing: Add trace_array_puts() to write into instance Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 54/91] tracing: Have tracing_snapshot_instance_cond() write errors to the appropriate instance Greg Kroah-Hartman
2023-04-18 12:21 ` [PATCH 5.15 55/91] i915/perf: Replace DRM_DEBUG with driver specific drm_dbg call Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 56/91] drm/i915: fix race condition UAF in i915_perf_add_config_ioctl Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 57/91] riscv: Do not set initial_boot_params to the linear address of the dtb Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 58/91] riscv: add icache flush for nommu sigreturn trampoline Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 59/91] net: sfp: initialize sfp->i2c_block_size at sfp allocation Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 60/91] net: phy: nxp-c45-tja11xx: add remove callback Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 61/91] net: phy: nxp-c45-tja11xx: fix unsigned long multiplication overflow Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 62/91] scsi: ses: Handle enclosure with just a primary component gracefully Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 63/91] x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 64/91] cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 65/91] mptcp: use mptcp_schedule_work instead of open-coding it Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 66/91] mptcp: stricter state check in mptcp_worker Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 67/91] ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size Greg Kroah-Hartman
2023-04-18 12:22 ` Greg Kroah-Hartman [this message]
2023-04-18 12:22 ` [PATCH 5.15 69/91] powerpc/papr_scm: Update the NUMA distance table for the target node Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 70/91] sched/fair: Move calculate of avg_load to a better location Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 71/91] sched/fair: Fix imbalance overflow Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 72/91] x86/rtc: Remove __init for runtime functions Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 73/91] i2c: ocores: generate stop condition after timeout in polling mode Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 74/91] sh: remove meaningless archclean line Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 75/91] kbuild: use more subdir- for visiting subdirectories while cleaning Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 76/91] purgatory: fix disabling debug info Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 77/91] nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA XPG GAMMIX S50 Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 78/91] nvme-pci: avoid the deepest sleep state on ZHITAI TiPro7000 SSDs Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 79/91] nvme-pci: Crucial P2 has bogus namespace ids Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 80/91] nvme-pci: add NVME_QUIRK_BOGUS_NID for Lexar NM610 Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 81/91] nvme-pci: add NVME_QUIRK_BOGUS_NID for Lexar NM760 Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 82/91] nvme-pci: mark Lexar NM760 as IGNORE_DEV_SUBNQN Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 83/91] nvme-pci: add NVME_QUIRK_BOGUS_NID for T-FORCE Z330 SSD Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 84/91] cgroup/cpuset: Skip spread flags update on v2 Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 85/91] cgroup/cpuset: Make cpuset_fork() handle CLONE_INTO_CGROUP properly Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 86/91] cgroup/cpuset: Add cpuset_can_fork() and cpuset_cancel_fork() methods Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 87/91] kexec: turn all kexec_mutex acquisitions into trylocks Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 88/91] panic, kexec: make __crash_kexec() NMI safe Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 89/91] counter: fix docum. build problems after filename change Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 90/91] counter: Add the necessary colons and indents to the comments of counter_compi Greg Kroah-Hartman
2023-04-18 12:22 ` [PATCH 5.15 91/91] nvme-pci: avoid the deepest sleep state on ZHITAI TiPro5000 SSDs Greg Kroah-Hartman
2023-04-18 14:47 ` [PATCH 5.15 00/91] 5.15.108-rc1 review Naresh Kamboju
2023-04-18 16:17 ` Harshit Mogalapalli
2023-04-18 16:51 ` Tom Saeger
2023-04-19 4:18 ` Bagas Sanjaya
2023-04-19 4:56 ` Yu Zhao
2023-04-19 7:22 ` Greg Kroah-Hartman
2023-04-19 8:44 ` Pavel Machek
2023-04-19 15:09 ` Tom Saeger
2023-04-19 7:24 ` Greg Kroah-Hartman
2023-04-18 20:37 ` Florian Fainelli
2023-04-18 21:26 ` Shuah Khan
2023-04-19 3:54 ` Guenter Roeck
2023-04-19 4:23 ` Bagas Sanjaya
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230418120307.929067994@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=chengzhihao1@huawei.com \
--cc=patches@lists.linux.dev \
--cc=richard@nod.at \
--cc=sashal@kernel.org \
--cc=stable@vger.kernel.org \
--cc=wangzhaolong1@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).