Received: by 2002:a05:6a10:f3d0:0:0:0:0 with SMTP id a16csp1147062pxv; Fri, 9 Jul 2021 19:30:42 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxCTVlqXrul0WUtMVHeP1yxz3dozloSiCl0fUV7nTXXnC1AS60+eMHwySvB7+AekCTciJb2 X-Received: by 2002:a17:906:16cd:: with SMTP id t13mr20129600ejd.250.1625884242085; Fri, 09 Jul 2021 19:30:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1625884242; cv=none; d=google.com; s=arc-20160816; b=SBIzaWnaoZV9gtJwMBKLciHm1b1PvYiNr4/6XsZCbyyu5POxi0a2zjoYrQINZZizmj O8Ohi6UqluNaJN2wcS6YXanNvHvbqleU5CjCwEJtZFpZ0Q3WyXS8JCGvaRzjLo0wj089 YqodXdtBZ7xT/1oKAfty0CIiyg1y6+cGHhjh9QPakn2USX3pcH5Zrb6Wx7WnIaDItclY s1dVJff0rLw2j1tOMEcP5v35yCupSB7C/Orr+SB87Zj50y4qmnGXMzl8nvqz9SghvELr x+RC+lxUx9MGOr4/I6t/uk7JDHT01DLrk9d2rXHTvURvVKXrqC+1HXo6prgFQy5S9Ft3 zfoA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=PUWpCYqgREw10H650qF4qYAjYSt5iABS8DvRGqwSQ+U=; b=x9zeembL5McGcioWRl6Atx1xB9oRXC5UwXva2teCiqBqNHgyeA55mP5qL/23D+5T5Z UFMn5XjrcsrD/b5sIWlFgho6Ihi6uxcY2JallSy/FfypTOSH6y5DOm1Mfyo9qSWGWPrL /K8/dILZy896mz9PTS7UrBiqJHDjtRYpfCld5RJEQm5xK8ph/JTzE667O1BWkDhGCe5l wQtrmxsCo+yljZLjI8jMjpmOcH7DZiecT7hIaUot8uzqgNod4/+nO3mORgGTiYO+EuhB y2NwvjG6WB7/EQ+VOGuwEjU1ui38lWIV44lwcj6Ans1kEbnRW2ddFCAYxN0/p1fuP9F/ yWEw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=VeCy3OvX; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id jz26si8972523ejc.709.2021.07.09.19.30.19; Fri, 09 Jul 2021 19:30:42 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=VeCy3OvX; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234005AbhGJCaN (ORCPT + 99 others); Fri, 9 Jul 2021 22:30:13 -0400 Received: from mail.kernel.org ([198.145.29.99]:41906 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233661AbhGJC1g (ORCPT ); Fri, 9 Jul 2021 22:27:36 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id B3903613FD; Sat, 10 Jul 2021 02:24:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1625883878; bh=7tYJVMxzBfyBTFGG82S147jKodsTNxfoD2mx/4qsLpU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=VeCy3OvXi9GDmxsXOFGk2/65gNAr/v0KNCOUok7qJbrWwHIMpbgu0sYbMWhXQi7BJ jqXt8fLiCm+fpspBbj4diZexWRXvg0GSFMhzKewCBE1UybBCVKa3GZtMg4l/4+jclK QOi4r2muGgrkK2GEQYfnVxEczl6btBaYOcobrxCf0v7UKkIqgwQQQfBR3EYqHEyubK +sT9IAmgwPnC1SbPhSLHuFrL2P1QJjBaoukodk8KlxHZ7VeNCRL0AIlQmg1Ceba3Jm hAXAaAzadL97ruJRM2atKkmkM1gh+BP1FcA3V0ZqE0u7rGQTSzdP4lVH0AUjEUuINK Z3s3RC3waHb+g== From: Sasha Levin To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: "Paul E. McKenney" , syzbot+dde0cc33951735441301@syzkaller.appspotmail.com, Matthew Wilcox , syzbot+88e4f02896967fe1ab0d@syzkaller.appspotmail.com, Thomas Gleixner , Boqun Feng , Sasha Levin , rcu@vger.kernel.org Subject: [PATCH AUTOSEL 5.10 07/93] rcu: Reject RCU_LOCKDEP_WARN() false positives Date: Fri, 9 Jul 2021 22:23:01 -0400 Message-Id: <20210710022428.3169839-7-sashal@kernel.org> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210710022428.3169839-1-sashal@kernel.org> References: <20210710022428.3169839-1-sashal@kernel.org> MIME-Version: 1.0 X-stable: review X-Patchwork-Hint: Ignore Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: "Paul E. McKenney" [ Upstream commit 3066820034b5dd4e89bd74a7739c51c2d6f5e554 ] If another lockdep report runs concurrently with an RCU lockdep report from RCU_LOCKDEP_WARN(), the following sequence of events can occur: 1. debug_lockdep_rcu_enabled() sees that lockdep is enabled when called from (say) synchronize_rcu(). 2. Lockdep is disabled by a concurrent lockdep report. 3. debug_lockdep_rcu_enabled() evaluates its lockdep-expression argument, for example, lock_is_held(&rcu_bh_lock_map). 4. Because lockdep is now disabled, lock_is_held() plays it safe and returns the constant 1. 5. But in this case, the constant 1 is not safe, because invoking synchronize_rcu() under rcu_read_lock_bh() is disallowed. 6. debug_lockdep_rcu_enabled() wrongly invokes lockdep_rcu_suspicious(), resulting in a false-positive splat. This commit therefore changes RCU_LOCKDEP_WARN() to check debug_lockdep_rcu_enabled() after checking the lockdep expression, so that any "safe" returns from lock_is_held() are rejected by debug_lockdep_rcu_enabled(). This requires memory ordering, which is supplied by READ_ONCE(debug_locks). The resulting volatile accesses prevent the compiler from reordering and the fact that only one variable is being accessed prevents the underlying hardware from reordering. The combination works for IA64, which can reorder reads to the same location, but this is defeated by the volatile accesses, which compile to load instructions that provide ordering. Reported-by: syzbot+dde0cc33951735441301@syzkaller.appspotmail.com Reported-by: Matthew Wilcox Reported-by: syzbot+88e4f02896967fe1ab0d@syzkaller.appspotmail.com Reported-by: Thomas Gleixner Suggested-by: Boqun Feng Reviewed-by: Boqun Feng Signed-off-by: Paul E. McKenney Signed-off-by: Sasha Levin --- include/linux/rcupdate.h | 2 +- kernel/rcu/update.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/linux/rcupdate.h b/include/linux/rcupdate.h index c5adba5e79e7..7d12c76e8fa4 100644 --- a/include/linux/rcupdate.h +++ b/include/linux/rcupdate.h @@ -308,7 +308,7 @@ static inline int rcu_read_lock_any_held(void) #define RCU_LOCKDEP_WARN(c, s) \ do { \ static bool __section(".data.unlikely") __warned; \ - if (debug_lockdep_rcu_enabled() && !__warned && (c)) { \ + if ((c) && debug_lockdep_rcu_enabled() && !__warned) { \ __warned = true; \ lockdep_rcu_suspicious(__FILE__, __LINE__, s); \ } \ diff --git a/kernel/rcu/update.c b/kernel/rcu/update.c index 39334d2d2b37..849f0aa99333 100644 --- a/kernel/rcu/update.c +++ b/kernel/rcu/update.c @@ -275,7 +275,7 @@ EXPORT_SYMBOL_GPL(rcu_callback_map); noinstr int notrace debug_lockdep_rcu_enabled(void) { - return rcu_scheduler_active != RCU_SCHEDULER_INACTIVE && debug_locks && + return rcu_scheduler_active != RCU_SCHEDULER_INACTIVE && READ_ONCE(debug_locks) && current->lockdep_recursion == 0; } EXPORT_SYMBOL_GPL(debug_lockdep_rcu_enabled); -- 2.30.2