[PATCH] regulator: core: Avoid potential deadlock on regulator_unregister

From: Charles Keepax
Date: Thu Apr 04 2019 - 11:32:29 EST

Next message: Bin Liu: "Re: [PATCH v2] soc: sunxi: Fix missing dependency on REGMAP_MMIO"
Previous message: Charles Keepax: "[PATCH] regulator: core: Avoid potential deadlock on regulator_unregister"
In reply to: Charles Keepax: "[PATCH] regulator: core: Avoid potential deadlock on regulator_unregister"
Next in thread: Dmitry Osipenko: "Re: [PATCH] regulator: core: Avoid potential deadlock on regulator_unregister"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Lockdep reports the following issue on my setup:

Possible unsafe locking scenario:

CPU0 CPU1
---- ----
lock((work_completion)(&(&rdev->disable_work)->work));
lock(regulator_list_mutex);
lock((work_completion)(&(&rdev->disable_work)->work));
lock(regulator_list_mutex);

The problem is that regulator_unregister takes the
regulator_list_mutex and then calls flush_work on disable_work. But
regulator_disable_work calls regulator_lock_dependent which will
also take the regulator_list_mutex. Resulting in a deadlock if the
flush_work call actually needs to flush the work.

Fix this issue by moving the flush_work outside of the
regulator_list_mutex. The list mutex is not used to guard the point at
which the delayed work is queued, so its use adds no additional safety.

Fixes: f8702f9e4aa7 ("regulator: core: Use ww_mutex for regulators locking")
Signed-off-by: Charles Keepax <ckeepax@xxxxxxxxxxxxxxxxxxxxx>
---

This patch follows on from my email the other day [1].

After looking at things in more detail I am fairly confident this is
a good fix. I do still have a slight nagging doubt that something
should be protecting this flush_work from additional works being
queued, and I can't see what that is. But as that is definitely not
the regulator_list_mutex the patch is not making this any more
dangerous. In practice I suspect this is fine as nothing should
really be using a regulator that is about to be unregistered,
or really this delayed work is probably the least of the systems
problems.

Thanks,
Charles

[1] https://lore.kernel.org/lkml/20190403135531.GB81578@xxxxxxxxxxxxxxxxxxxxxxx/

drivers/regulator/core.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/regulator/core.c b/drivers/regulator/core.c
index 38442eebddfc5..186a37675b50b 100644
--- a/drivers/regulator/core.c
+++ b/drivers/regulator/core.c
@@ -5059,10 +5059,11 @@ void regulator_unregister(struct regulator_dev *rdev)
regulator_put(rdev->supply);
}

+ flush_work(&rdev->disable_work.work);
+
mutex_lock(&regulator_list_mutex);

debugfs_remove_recursive(rdev->debugfs);
- flush_work(&rdev->disable_work.work);
WARN_ON(rdev->open_count);
regulator_remove_coupling(rdev);
unset_regulator_supplies(rdev);
--
2.11.0

Next message: Bin Liu: "Re: [PATCH v2] soc: sunxi: Fix missing dependency on REGMAP_MMIO"
Previous message: Charles Keepax: "[PATCH] regulator: core: Avoid potential deadlock on regulator_unregister"
In reply to: Charles Keepax: "[PATCH] regulator: core: Avoid potential deadlock on regulator_unregister"
Next in thread: Dmitry Osipenko: "Re: [PATCH] regulator: core: Avoid potential deadlock on regulator_unregister"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]