Received: by 2002:ac0:a582:0:0:0:0:0 with SMTP id m2-v6csp1371252imm; Thu, 4 Oct 2018 12:29:30 -0700 (PDT) X-Google-Smtp-Source: ACcGV61QQhR70/l1cC3V36IxrrcbBRLJzUszA5sRbcsvzV/qw8hBOuZTtcMcVSzEzVS5APOf9E/y X-Received: by 2002:a62:4dc1:: with SMTP id a184-v6mr8294616pfb.5.1538681370926; Thu, 04 Oct 2018 12:29:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1538681370; cv=none; d=google.com; s=arc-20160816; b=Z0VTaoy5TiLHLKeVqCNs18lHmTO0m7qmWB12VGjLufTGefRaM+vU6aBq0RoCjtiN1Q T6FPt9P5S0LEzU7EUFFyT0aLrHFt9mb7pIg4Za9iQdQ06ZNP7tmnzYbJrQ+tsJz7yDR/ 1jJvLgFOQQ0QZg27e0p6bZ3DdxQxKODhHO2TzssfutXkTT04eynDOHqYayRdf7e0CmG+ wuno7IbmUSwdyDpu4OdNjdH9h8EdNCuOdh6z2ZVI/vakIKaxYVt3uzs8jo28d3/2vFGw IdvjPmGscae3Yo5rILlZEo8pqPjq2yaFh03CiQZBgYJE/t7yKyTtuU3lD8eb3KgyLTVB /VlA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=CCcZYfDvlKJH0iwp/L16NO1pvu6B+S++sEI+/tdUtGI=; b=JZjPxINoUELB9f9UFW7Oowd65qbOa54tqFRDl0WUTmBca7998b3+UjewtRerq1eqYw 8wCAr44U559uIBfCo/yPqFeM23HfVXto4ta9wXnPcH2CAPirncqFnu3GQlkt3JgR6xq9 FJezmhCfVKXD5aZ4xz8AdO+W4idXWS4nMfFr7wJMPjQ1V6IjCjqUC4n7Sp/mAzzWaPMI /pWglX6HZHn6+7YmBSMXlbbgqTjcu0pQoPDxpfd5XmOvsgjIRywbcCefcsp1gq4Zz8d+ bXJQ3LIt4u89ZCvuJZvqW1fQFwqSYzA5CSkmI7F9EVrAEtsBuknLT7uLg8UsnOo2ik8n lmEQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=QVdM3grO; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u68-v6si6312085pfa.28.2018.10.04.12.29.14; Thu, 04 Oct 2018 12:29:30 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=QVdM3grO; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727578AbeJECXu (ORCPT + 99 others); Thu, 4 Oct 2018 22:23:50 -0400 Received: from mail-it1-f195.google.com ([209.85.166.195]:55786 "EHLO mail-it1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727511AbeJECXt (ORCPT ); Thu, 4 Oct 2018 22:23:49 -0400 Received: by mail-it1-f195.google.com with SMTP id c23-v6so14739250itd.5 for ; Thu, 04 Oct 2018 12:29:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=CCcZYfDvlKJH0iwp/L16NO1pvu6B+S++sEI+/tdUtGI=; b=QVdM3grOHmbX55aIkE6n952P5dWvOL4Ym9frOarLs6FkQNJmNMpkYDPM5phrde6zRy PT0bxoKs64F/oPd2jhhL8hEbxh75JblgY2ftfhD65SUrDWvh3uT30NxRHIvuIaElX4Rk azYIEh1t5Znl87TEeoIFB0aDLPsGO8aOeFc0z1SBdY0eoTwvgVsoQZ0qxYRo9zp0IIFu xC1LxyKxbmvXJJ1aM5hEGKXlUKg1HaTZo3nnGLFZCnXqZKPiSXRQIzxlJuu6kUEebhKL 6bS5E+ltIwWbGnmZ48HwuiEs3igj5vscAVDC7ft2kCvRQQ5K7g71pPDlu9AhX7rAxCX9 ckug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=CCcZYfDvlKJH0iwp/L16NO1pvu6B+S++sEI+/tdUtGI=; b=cwAXdOm695uSaad4J2lRjCx/ruUbYj97f4UeJ29qEcZaAoxffYAWyeNR+1RirubFtX bLQuYmUIiy8eBWCWCS8+q9Hqq33j+coG5o8kQFBv5+OPnM4qxeANDdfQiPHUOB8/7Ckw gjs2rqY82TDscoUBm70G2duGqj+MulP8v4DDjWD//AnmW6I/BI6jgx9YTW5JQVHZXOfr WS8EqoYerBNgk2jPq/Gu2WD7FIJYP+1CM36waYJ389LMp5iVb626stP1TTNq9mwuKkaQ 32s6Z6Bpt7WRCTuphaMb2CU7MQ1LQOYpWEp8psPlbc6pf5JQnTPc9vm/MqRznZK++7eb 2QQQ== X-Gm-Message-State: ABuFfoiI7Zz6ZuC7AAXAHs4S30BY+YXExMxXyoQdhfIiV/pQomQxgkLU m3pEs/TM1itpVP1KnWFnpZDlE1SyZJKHVYTSThtwDlXsqrQ= X-Received: by 2002:a24:85c6:: with SMTP id r189-v6mr6943185itd.83.1538681348272; Thu, 04 Oct 2018 12:29:08 -0700 (PDT) MIME-Version: 1.0 References: <20181004154749.111595-1-edumazet@google.com> <20181004185949.GA233675@dtor-ws> In-Reply-To: <20181004185949.GA233675@dtor-ws> From: Eric Dumazet Date: Thu, 4 Oct 2018 12:28:56 -0700 Message-ID: Subject: Re: [PATCH] Input: mousedev - add a schedule point in mousedev_write() To: Dmitry Torokhov Cc: LKML , Eric Dumazet , linux-input@vger.kernel.org, "Paul E. McKenney" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Oct 4, 2018 at 11:59 AM Dmitry Torokhov wrote: > > Hi Eric, > > On Thu, Oct 04, 2018 at 08:47:49AM -0700, Eric Dumazet wrote: > > syzbot was able to trigger rcu stalls by calling write() > > with large number of bytes. > > > > Add a cond_resched() in the loop to avoid this. > > I think this simply masks a deeper issue. The code fetches characters > from userspace in a loop, takes a lock, quickly places response in an > output buffer, and releases interrupt. I do not see why this should > cause stalls as we do not hold spinlock/interrupts off for extended > period of time. > > Adding Paul so he can straighten me out... > Well... write(fd, buffer, 0x7FFF0000); Takes between 20 seconds and 2 minutes depending on CONFIG options .... So either apply my patch, or add a limit on the max count, and possibly break legitimate user space ? I dunno... > > > > Link: https://lkml.org/lkml/2018/8/23/1106 > > Signed-off-by: Eric Dumazet > > Reported-by: syzbot+9436b02171ac0894d33e@syzkaller.appspotmail.com > > Cc: Dmitry Torokhov > > Cc: linux-input@vger.kernel.org > > --- > > drivers/input/mousedev.c | 1 + > > 1 file changed, 1 insertion(+) > > > > diff --git a/drivers/input/mousedev.c b/drivers/input/mousedev.c > > index e08228061bcdd2f97aaadece31d6c83eb7539ae5..412fa71245afe26a7a8ad75705566f83633ba347 100644 > > --- a/drivers/input/mousedev.c > > +++ b/drivers/input/mousedev.c > > @@ -707,6 +707,7 @@ static ssize_t mousedev_write(struct file *file, const char __user *buffer, > > mousedev_generate_response(client, c); > > > > spin_unlock_irq(&client->packet_lock); > > + cond_resched(); > > } > > > > kill_fasync(&client->fasync, SIGIO, POLL_IN); > > -- > > 2.19.0.605.g01d371f741-goog > > > > Thanks. > > -- > Dmitry