From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 36B681519AA; Wed, 5 Feb 2025 13:56:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738763795; cv=none; b=Nr8bkGHGBaJsSAohFJKv09TSjIgKdTBiZSKWHRhiCc3pXLL/piyaxXDxFH1VhmtDEJZrp6mwgPiJYjrSjbjs2ZOgL1gYBU6rbdgqFSVANHxjsEBnfU9HZZ3zzfENNAWoBEWJsOwGNtPifnnb61ShxKUZmBMPJmklSjeEGF0zhJA= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738763795; c=relaxed/simple; bh=haW5CrQlP4JOTW2d2kO3KeJH264mt95iSINQtYlWi3k=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=sSgBj28XKFzn00YSMxcD+aQZYqsdmvks1AbSYXD4yxDJ4isz5Y69Gv4knhQSnJ4PDWVbBKsJi+NcBpnx6yVSnordqKdBaauVa5RwisAbwBj4kATCgOVbyyuxw6ATabM5Ivq8g1zL20TuxOpTgH09yw6DRLNt5VCLNbORuuA8hVU= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b=o2Mcms0g; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b="o2Mcms0g" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 99226C4CED1; Wed, 5 Feb 2025 13:56:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1738763795; bh=haW5CrQlP4JOTW2d2kO3KeJH264mt95iSINQtYlWi3k=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=o2Mcms0gE/hhpMY3Jk1KokM+5r/AMJwmjte4aQLfQfEw7uqLNpeJQtKTHVNeRXlQb Xzf0ehyv2rQhxpm0mbACLZqW/YSW8NpTJsi8N5n9mFbVpW1+KK3JSAq9F0tRmX/8RS wkcLipsmZ/JKxARQv66gNsP0vnQDgipXoqArTRTo= From: Greg Kroah-Hartman To: stable@vger.kernel.org Cc: Greg Kroah-Hartman , patches@lists.linux.dev, Christoph Hellwig , Ming Lei , Damien Le Moal , "Martin K. Petersen" , Nilay Shroff , Johannes Thumshirn , Jens Axboe , Sasha Levin Subject: [PATCH 6.13 019/623] block: fix queue freeze vs limits lock order in sysfs store methods Date: Wed, 5 Feb 2025 14:36:01 +0100 Message-ID: <20250205134456.963768722@linuxfoundation.org> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250205134456.221272033@linuxfoundation.org> References: <20250205134456.221272033@linuxfoundation.org> User-Agent: quilt/0.68 X-stable: review X-Patchwork-Hint: ignore Precedence: bulk X-Mailing-List: stable@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit 6.13-stable review patch. If anyone has any objections, please let me know. ------------------ From: Christoph Hellwig [ Upstream commit c99f66e4084a62a2cc401c4704a84328aeddc9ec ] queue_attr_store() always freezes a device queue before calling the attribute store operation. For attributes that control queue limits, the store operation will also lock the queue limits with a call to queue_limits_start_update(). However, some drivers (e.g. SCSI sd) may need to issue commands to a device to obtain limit values from the hardware with the queue limits locked. This creates a potential ABBA deadlock situation if a user attempts to modify a limit (thus freezing the device queue) while the device driver starts a revalidation of the device queue limits. Avoid such deadlock by not freezing the queue before calling the ->store_limit() method in struct queue_sysfs_entry and instead use the queue_limits_commit_update_frozen helper to freeze the queue after taking the limits lock. This also removes taking the sysfs lock for the store_limit method as it doesn't protect anything here, but creates even more nesting. Hopefully it will go away from the actual sysfs methods entirely soon. (commit log adapted from a similar patch from Damien Le Moal) Fixes: ff956a3be95b ("block: use queue_limits_commit_update in queue_discard_max_store") Fixes: 0327ca9d53bf ("block: use queue_limits_commit_update in queue_max_sectors_store") Signed-off-by: Christoph Hellwig Reviewed-by: Ming Lei Reviewed-by: Damien Le Moal Reviewed-by: Martin K. Petersen Reviewed-by: Nilay Shroff Reviewed-by: Johannes Thumshirn Link: https://lore.kernel.org/r/20250110054726.1499538-7-hch@lst.de Signed-off-by: Jens Axboe Signed-off-by: Sasha Levin --- block/blk-sysfs.c | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/block/blk-sysfs.c b/block/blk-sysfs.c index d2aa2177e4ba5..e828be777206b 100644 --- a/block/blk-sysfs.c +++ b/block/blk-sysfs.c @@ -694,22 +694,24 @@ queue_attr_store(struct kobject *kobj, struct attribute *attr, if (entry->load_module) entry->load_module(disk, page, length); - mutex_lock(&q->sysfs_lock); - blk_mq_freeze_queue(q); if (entry->store_limit) { struct queue_limits lim = queue_limits_start_update(q); res = entry->store_limit(disk, page, length, &lim); if (res < 0) { queue_limits_cancel_update(q); - } else { - res = queue_limits_commit_update(q, &lim); - if (!res) - res = length; + return res; } - } else { - res = entry->store(disk, page, length); + + res = queue_limits_commit_update_frozen(q, &lim); + if (res) + return res; + return length; } + + mutex_lock(&q->sysfs_lock); + blk_mq_freeze_queue(q); + res = entry->store(disk, page, length); blk_mq_unfreeze_queue(q); mutex_unlock(&q->sysfs_lock); return res; -- 2.39.5