Received: by 10.223.185.116 with SMTP id b49csp2396946wrg;
        Thu, 22 Feb 2018 13:04:52 -0800 (PST)
X-Google-Smtp-Source: AH8x2276XjF3+URbZFEcab0bG9WxKnRf9U5cA3HAP6cpeWiTfxUbZYhX1e9ozKzJN5h4ObHrTBxo
X-Received: by 10.99.126.19 with SMTP id z19mr6617905pgc.108.1519333492354;
        Thu, 22 Feb 2018 13:04:52 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1519333492; cv=none;
        d=google.com; s=arc-20160816;
        b=P9qn3QFHHINFR9nv2AMfvas2gkic6gqqsVgayd54xKB8KOBJ1CyPZZoKxwuWwG8RwT
         dZZYXxiuDbSS+v9oLHafm6iceFTN4tPfxLj3bFepRn5+IlMDTBCoiXO44xJd9b/ZjsRZ
         W5lap94Zg4kpDbH0CPQOOoehgBlycM8WFMT++wN68DluOW7EYhrP/OVx4oin2mQN62i6
         6+2wNODJ53rrooIOZ4OUn84zJGyur48ccDqEo6+tFeZWsjHDDoPhBcx51r+5qSSwh6ob
         /SjTyw40zGzyRHPwo3fF9kGiodpM7Zog9XsDh80xog5f1TjB4q+rrCJpe5mWBeYi2vxj
         n+tA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature
         :arc-authentication-results;
        bh=YXpjfyy/5Szcxgom5TVAYanhqcVcBDfDjDH02Xf6Nr0=;
        b=zBPOUrAIkkR/SQbo16X2ZTDT/gnXHgN3t7Of5L4uuBIqjgS4eF0UkNnz5dPaqPx6MT
         UpCeWUBZ6EcKdNyiDl12UYxaflzY2R/LcbZuvrZKtQX95AyPXSu3kLw3e9DgMNGDei8u
         KQbuBKhusrVk1cTA1F2IlqdVSohhO9ZYSmcYO/c632rpkkw+F84BR0C+IvDj84zLdTGC
         JKIPeT0qKTbtlzpkljzpsyyXnhrQIsuyO2Elvsb99H1nxCvAPvlGcLnu3ZvRtcxqePua
         azWXKkjVYlMVZEXvCV55MKXVY6y+3an7gIlSndxHBXlVtIYDJi3iCSo40t8T/l/ieWVe
         jpJw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=aVW/UaUX;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id e13si495658pgs.582.2018.02.22.13.04.35;
        Thu, 22 Feb 2018 13:04:52 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=aVW/UaUX;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751376AbeBVVDA (ORCPT <rfc822;charleyewang@gmail.com>
        + 99 others); Thu, 22 Feb 2018 16:03:00 -0500
Received: from mail-it0-f67.google.com ([209.85.214.67]:34698 "EHLO
        mail-it0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751119AbeBVVC7 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 22 Feb 2018 16:02:59 -0500
Received: by mail-it0-f67.google.com with SMTP id a203so2922280itd.1
        for <linux-kernel@vger.kernel.org>; Thu, 22 Feb 2018 13:02:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc;
        bh=YXpjfyy/5Szcxgom5TVAYanhqcVcBDfDjDH02Xf6Nr0=;
        b=aVW/UaUXIcXU9/nwdhal/TdG6D41K89ncQ2Bg69gBT3EXLXzgz8IQnUm5LBYapsTZi
         9EKOJ0sUUCWCannjJD9s13n23iabUtstciVH4tqQnOcKGSEXGaEBT94ikQtvtJl1eUDC
         mg75UQgN+YKE0jZ2bwK46kswy8pYAU+fedd8hIPMhPd5FQdT3hkyHU8w2wwVneLbCMmO
         cR17pTOXQOgHtmSmizb0NH+uqlqTlcASMrZyMUohEJaOHJe7UcFdGcE3Red0SVxI371v
         K79Kt4l4bQv9NjoMp1OQCF1k1uDUrivyo/vTNgRgDwQcMDIFNw/hQnx4nkiWmw2Ds6eJ
         iFeA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc;
        bh=YXpjfyy/5Szcxgom5TVAYanhqcVcBDfDjDH02Xf6Nr0=;
        b=WYjMGa07l7F/JEvtG8Xsr2jONety6pLjpJeEd0UwIor2vhdN0rW0v/gEeJOX0WG4VA
         UQ5wJe31wf+AVo+tB1falH1fMQCyGtJHdCIu07Tl037bjNjgcF8ZV9GwU+d7OqTposUC
         zS0HDHtGfkEEkFksBeldG/6b+MBVDi1su19v9VzPkA20cZUU+JMCPjxoaYZwMpWjK936
         YQnKPt5/C41qbxY1Eq4Wqg0J2F667ZnhxbjYD+qJinIc/CCexN1xihfcn7Xm4uWc/O8b
         lNX8snR2eTGjqMSxAlpiOdg7PISXdtqYUosTN3of+qSbgvrQL9phvb90BSofpFGFDA/Y
         F+CQ==
X-Gm-Message-State: APf1xPD6/1ySH8VCgMQemF0NxBIDDdt+c6zKLYRNWc56jE5vw2JDcyhy
        U9UoQuAEGyQQ1FGluW5eEqXyLLfjv7BSKr2waclhcTcUzAc=
X-Received: by 10.36.202.197 with SMTP id k188mr691446itg.28.1519333378195;
 Thu, 22 Feb 2018 13:02:58 -0800 (PST)
MIME-Version: 1.0
Received: by 10.107.107.8 with HTTP; Thu, 22 Feb 2018 13:02:57 -0800 (PST)
In-Reply-To: <20180222134832.GA1400@kroah.com>
References: <20180216190201.59572-1-joelaf@google.com> <20180222134832.GA1400@kroah.com>
From:   Joel Fernandes <joelaf@google.com>
Date:   Thu, 22 Feb 2018 13:02:57 -0800
Message-ID: <CAJWu+or6oK--zi6uDUipHY42wf79aVHo3WuZXXUvzR-7Atod4A@mail.gmail.com>
Subject: Re: [PATCH v2] staging: android: ashmem: Fix lockdep issue during llseek
To:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc:     LKML <linux-kernel@vger.kernel.org>, Todd Kjos <tkjos@google.com>,
        Arve Hjonnevag <arve@android.com>,
        Greg Hackmann <ghackmann@google.com>, stable@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

(reposting in plain text, sorry for the previous HTML email, I should
have not posted from the Phone)

On Thu, Feb 22, 2018 at 5:48 AM, Greg Kroah-Hartman
<gregkh@linuxfoundation.org> wrote:
> On Fri, Feb 16, 2018 at 11:02:01AM -0800, Joel Fernandes wrote:
>> ashmem_mutex create a chain of dependencies like so:
>>
>> (1)
>> mmap syscall ->
>>   mmap_sem ->  (acquired)
>>   ashmem_mmap
>>   ashmem_mutex (try to acquire)
>>   (block)
>>
>> (2)
>> llseek syscall ->
>>   ashmem_llseek ->
>>   ashmem_mutex ->  (acquired)
>>   inode_lock ->
>>   inode->i_rwsem (try to acquire)
>>   (block)
>>
>> (3)
>> getdents ->
>>   iterate_dir ->
>>   inode_lock ->
>>   inode->i_rwsem   (acquired)
>>   copy_to_user ->
>>   mmap_sem         (try to acquire)
>>
>> There is a lock ordering created between mmap_sem and inode->i_rwsem
>> causing a lockdep splat [2] during a syzcaller test, this patch fixes
>> the issue by unlocking the mutex earlier. Functionally that's Ok since
>> we don't need to protect vfs_llseek.
>>
>> [1] https://patchwork.kernel.org/patch/10185031/
>> [2] https://lkml.org/lkml/2018/1/10/48
>>
>> Cc: Todd Kjos <tkjos@google.com>
>> Cc: Arve Hjonnevag <arve@android.com>
>> Cc: Greg Hackmann <ghackmann@google.com>
>> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
>> Cc: stable@vger.kernel.org
>> Reported-by: syzbot+8ec30bb7bf1a981a2012@syzkaller.appspotmail.com
>> Signed-off-by: Joel Fernandes <joelaf@google.com>
>> ---
>> Changes since first version:
>> Don't relock after vfs call since its not needed. Only reason we lock is
>> to protect races with asma->file.
>> https://patchwork.kernel.org/patch/10185031/
>
> I'd like some acks from others before I take this patch.

GregH, Todd, could you provide Acks?

>
> Joel, did the original reporter say this patch solved their issue or
> not?  For some reason I didn't think it worked properly...

That's a different but similar issue:
https://patchwork.kernel.org/patch/10202127/. That was related to
RECLAIM_FS lockdep recursion. That was posted as an RFC unlike this
one, and its still being investigated since Miles reported that the
lockdep inode annotation doesn't fix the issue.

This one on the other hand has a straightforward fix, and was verified
by the syzbot.

I can see why its easy to confuse the two issues.

Thanks,

- Joel