[PATCH] regulator: core: Avoid potential deadlock on regulator_unregister

From: Charles Keepax
Date: Thu Apr 04 2019 - 11:32:18 EST


Lockdep reports the following issue on my setup:

Possible unsafe locking scenario:

CPU0 CPU1
---- ----
lock((work_completion)(&(&rdev->disable_work)->work));
lock(regulator_list_mutex);
lock((work_completion)(&(&rdev->disable_work)->work));
lock(regulator_list_mutex);

The problem is that regulator_unregister takes the
regulator_list_mutex and then calls flush_work on disable_work. But
regulator_disable_work calls regulator_lock_dependent which will
also take the regulator_list_mutex. Resulting in a deadlock if the
flush_work call actually needs to flush the work.

Fix this issue by moving the flush_work outside of the
regulator_list_mutex. The list mutex is not used to guard the point at
which the delayed work is queued, so its use adds no additional safety.

Fixes: f8702f9e4aa7 ("regulator: core: Use ww_mutex for regulators locking")
Signed-off-by: Charles Keepax <ckeepax@xxxxxxxxxxxxxxxxxxxxx>
Reviewed-by: Dmitry Osipenko <digetx@xxxxxxxxx>
Signed-off-by: Mark Brown <broonie@xxxxxxxxxx>
---
drivers/regulator/core.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/regulator/core.c b/drivers/regulator/core.c
index 968dcd9d7a07..8573dd0871fd 100644
--- a/drivers/regulator/core.c
+++ b/drivers/regulator/core.c
@@ -5061,10 +5061,11 @@ void regulator_unregister(struct regulator_dev *rdev)
regulator_put(rdev->supply);
}

+ flush_work(&rdev->disable_work.work);
+
mutex_lock(&regulator_list_mutex);

debugfs_remove_recursive(rdev->debugfs);
- flush_work(&rdev->disable_work.work);
WARN_ON(rdev->open_count);
regulator_remove_coupling(rdev);
unset_regulator_supplies(rdev);
--
2.20.1