• Daniel Jordan's avatar
    padata: fix possible padata_works_lock deadlock · 1b0df11f
    Daniel Jordan authored
    syzbot reports,
    
      WARNING: inconsistent lock state
      5.9.0-rc2-syzkaller #0 Not tainted
      --------------------------------
      inconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage.
      syz-executor.0/26715 takes:
      (padata_works_lock){+.?.}-{2:2}, at: padata_do_parallel kernel/padata.c:220
      {IN-SOFTIRQ-W} state was registered at:
        spin_lock include/linux/spinlock.h:354 [inline]
        padata_do_parallel kernel/padata.c:220
        ...
        __do_softirq kernel/softirq.c:298
        ...
        sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1091
        asm_sysvec_apic_timer_interrupt arch/x86/include/asm/idtentry.h:581
    
       Possible unsafe locking scenario:
    
             CPU0
             ----
        lock(padata_works_lock);
        <Interrupt>
          lock(padata_works_lock);
    
    padata_do_parallel() takes padata_works_lock with softirqs enabled, so a
    deadlock is possible if, on the same CPU, the lock is acquired in
    process context and then softirq handling done in an interrupt leads to
    the same path.
    
    Fix by leaving softirqs disabled while do_parallel holds
    padata_works_lock.
    
    Reported-by: syzbot+f4b9f49e38e25eb4ef52@syzkaller.appspotmail.com
    Fixes: 4611ce22 ("padata: allocate work structures for parallel jobs from a pool")
    Signed-off-by: default avatarDaniel Jordan <daniel.m.jordan@oracle.com>
    Cc: Herbert Xu <herbert@gondor.apana.org.au>
    Cc: Steffen Klassert <steffen.klassert@secunet.com>
    Cc: linux-crypto@vger.kernel.org
    Cc: linux-kernel@vger.kernel.org
    Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    1b0df11f
padata.c 28 KB