Re: [PATCH] locking/mutex: add MUTEX_WARN_ON() into fast path
From: yunhui cui
Date: Thu Feb 20 2025 - 07:50:53 EST
Hi All,
Gentle ping. Any comments on this patch?
On Sun, Jan 26, 2025 at 11:32 AM Yunhui Cui <cuiyunhui@xxxxxxxxxxxxx> wrote:
>
> Scenario: In platform_device_register, the driver misuses struct
> device as platform_data, making kmemdup duplicate a device. Accessing
> the duplicate may cause list corruption due to its mutex magic or list
> holding old content.
> It recurs randomly as the first mutex - getting process skips the slow
> path and mutex check. Adding MUTEX_WARN_ON(lock->magic!= lock) in
> __mutex_trylock_fast() makes it always happen.
>
> Signed-off-by: Yunhui Cui <cuiyunhui@xxxxxxxxxxxxx>
> ---
> kernel/locking/mutex.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/kernel/locking/mutex.c b/kernel/locking/mutex.c
> index b36f23de48f1..19b636f60a24 100644
> --- a/kernel/locking/mutex.c
> +++ b/kernel/locking/mutex.c
> @@ -143,6 +143,8 @@ static __always_inline bool __mutex_trylock_fast(struct mutex *lock)
> unsigned long curr = (unsigned long)current;
> unsigned long zero = 0UL;
>
> + MUTEX_WARN_ON(lock->magic != lock);
> +
> if (atomic_long_try_cmpxchg_acquire(&lock->owner, &zero, curr))
> return true;
>
> --
> 2.39.2
>
Thanks,
Yunhui