Chengfeng Ye 1bae5c0e2c misc: bcm_vk: Fix potential deadlock on &vk->ctx_lock ... As &vk->ctx_lock is acquired by timer bcm_vk_hb_poll() under softirq context, other process context code should disable irq or bottom-half before acquire the same lock, otherwise deadlock could happen if the timer preempt the execution while the lock is held in process context on the same CPU. Possible deadlock scenario bcm_vk_open() -> bcm_vk_get_ctx() -> spin_lock(&vk->ctx_lock) <timer iterrupt> -> bcm_vk_hb_poll() -> bcm_vk_blk_drv_access() -> spin_lock_irqsave(&vk->ctx_lock, flags) (deadlock here) This flaw was found using an experimental static analysis tool we are developing for irq-related deadlock, which reported the following warning when analyzing the linux kernel 6.4-rc7 release. [Deadlock]: &vk->ctx_lock [Interrupt]: bcm_vk_hb_poll -->/root/linux/drivers/misc/bcm-vk/bcm_vk_msg.c:176 -->/root/linux/drivers/misc/bcm-vk/bcm_vk_dev.c:512 [Locking Unit]: bcm_vk_ioctl -->/root/linux/drivers/misc/bcm-vk/bcm_vk_dev.c:1181 -->/root/linux/drivers/misc/bcm-vk/bcm_vk_dev.c:512 [Deadlock]: &vk->ctx_lock [Interrupt]: bcm_vk_hb_poll -->/root/linux/drivers/misc/bcm-vk/bcm_vk_msg.c:176 -->/root/linux/drivers/misc/bcm-vk/bcm_vk_dev.c:512 [Locking Unit]: bcm_vk_ioctl -->/root/linux/drivers/misc/bcm-vk/bcm_vk_dev.c:1169 [Deadlock]: &vk->ctx_lock [Interrupt]: bcm_vk_hb_poll -->/root/linux/drivers/misc/bcm-vk/bcm_vk_msg.c:176 -->/root/linux/drivers/misc/bcm-vk/bcm_vk_dev.c:512 [Locking Unit]: bcm_vk_open -->/root/linux/drivers/misc/bcm-vk/bcm_vk_msg.c:216 [Deadlock]: &vk->ctx_lock [Interrupt]: bcm_vk_hb_poll -->/root/linux/drivers/misc/bcm-vk/bcm_vk_msg.c:176 -->/root/linux/drivers/misc/bcm-vk/bcm_vk_dev.c:512 [Locking Unit]: bcm_vk_release -->/root/linux/drivers/misc/bcm-vk/bcm_vk_msg.c:306 As suggested by Arnd, the tentative patch fix the potential deadlocks by replacing the timer with delay workqueue. x86_64 allyesconfig using GCC shows no new warning. Note that no runtime testing was performed due to no device on hand. Signed-off-by: Chengfeng Ye <dg573847474@gmail.com> Acked-by: Scott Branden <scott.branden@broadcom.com> Tested-by: Desmond Yan <desmond.branden@broadcom.com> Tested-by: Desmond Yan <desmond.yan@broadcom.com> Link: https://lore.kernel.org/r/20230629182941.13045-1-dg573847474@gmail.com Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2023-08-04 15:45:19 +02:00
..
bcm_vk_dev.c	misc: bcm_vk: Remove usage of deprecated functions	2022-09-01 16:29:32 +02:00
bcm_vk_msg.c	misc: bcm_vk: Fix potential deadlock on &vk->ctx_lock	2023-08-04 15:45:19 +02:00
bcm_vk_msg.h	misc: bcm-vk: Replace zero-length array with flexible array member	2021-05-21 22:03:29 +02:00
bcm_vk_sg.c	misc: bcm-vk: add VK messaging support	2021-01-25 18:44:44 +01:00
bcm_vk_sg.h	misc: bcm-vk: add VK messaging support	2021-01-25 18:44:44 +01:00
bcm_vk_tty.c	misc: bcm-vk: fix tty registration race	2021-09-21 16:17:15 +02:00
bcm_vk.h	misc: bcm_vk: Fix potential deadlock on &vk->ctx_lock	2023-08-04 15:45:19 +02:00
Kconfig	misc: bcm-vk: only support ttyVK if CONFIG_TTY is set	2021-02-04 00:48:58 +01:00
Makefile	misc: bcm-vk: only support ttyVK if CONFIG_TTY is set	2021-02-04 00:48:58 +01:00