| Message ID | 20231019153115.26401-1-johan+linaro@kernel.org |
|---|---|
| Headers | show |
| Series | wifi: ath11k: fix event locking | expand |
On 10/19/2023 8:31 AM, Johan Hovold wrote: > The ath11k active pdevs are protected by RCU but the temperature event > handling code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a > read-side critical section as reported by RCU lockdep: > > ============================= > WARNING: suspicious RCU usage > 6.6.0-rc6 #7 Not tainted > ----------------------------- > drivers/net/wireless/ath/ath11k/mac.c:638 suspicious rcu_dereference_check() usage! > > other info that might help us debug this: > > rcu_scheduler_active = 2, debug_locks = 1 > no locks held by swapper/0/0. > ... > Call trace: > ... > lockdep_rcu_suspicious+0x16c/0x22c > ath11k_mac_get_ar_by_pdev_id+0x194/0x1b0 [ath11k] > ath11k_wmi_tlv_op_rx+0xa84/0x2c1c [ath11k] > ath11k_htc_rx_completion_handler+0x388/0x510 [ath11k] > > Mark the code in question as an RCU read-side critical section to avoid > any potential use-after-free issues. > > Fixes: a41d10348b01 ("ath11k: add thermal sensor device support") > Cc: stable@vger.kernel.org # 5.7 > Signed-off-by: Johan Hovold <johan+linaro@kernel.org> Acked-by: Jeff Johnson <quic_jjohnson@quicinc.com>
Johan Hovold <johan+linaro@kernel.org> writes: > RCU lockdep reported suspicious RCU usage when accessing the temperature > sensor. Inspection revealed that the DFS radar event code was also > missing the required RCU read-side critical section marking. > > Johan > > > Changes in v2 > - add the missing rcu_read_unlock() to an > ath11k_wmi_pdev_temperature_event() error path as noticed by Jeff > > > Johan Hovold (2): > wifi: ath11k: fix temperature event locking > wifi: ath11k: fix dfs radar event locking Thanks for the fixes. I really like using lockdep_assert_held() to document if a function requires some lock held, is there anything similar for RCU?
On Tue, Oct 24, 2023 at 05:07:38PM +0300, Kalle Valo wrote: > Johan Hovold <johan+linaro@kernel.org> writes: > > > RCU lockdep reported suspicious RCU usage when accessing the temperature > > sensor. Inspection revealed that the DFS radar event code was also > > missing the required RCU read-side critical section marking. > > > > Johan > > > > > > Changes in v2 > > - add the missing rcu_read_unlock() to an > > ath11k_wmi_pdev_temperature_event() error path as noticed by Jeff > > > > > > Johan Hovold (2): > > wifi: ath11k: fix temperature event locking > > wifi: ath11k: fix dfs radar event locking > > Thanks for the fixes. I really like using lockdep_assert_held() to > document if a function requires some lock held, is there anything > similar for RCU? Not really, but the checking is instead built into the primitives like rcu_dereference() and enabled whenever CONFIG_PROVE_RCU is set. For some special cases, we have open-coded checks like: RCU_LOCKDEP_WARN(!rcu_read_lock_held()); which similarly depend on CONFIG_PROVE_RCU or simply WARN_ON_ONCE(!rcu_read_lock_held()); Johan
(old discussion, changing title) Johan Hovold <johan@kernel.org> writes: > On Tue, Oct 24, 2023 at 05:07:38PM +0300, Kalle Valo wrote: > >> Johan Hovold <johan+linaro@kernel.org> writes: >> >> > RCU lockdep reported suspicious RCU usage when accessing the temperature >> > sensor. Inspection revealed that the DFS radar event code was also >> > missing the required RCU read-side critical section marking. >> > >> > Johan >> > >> > >> > Changes in v2 >> > - add the missing rcu_read_unlock() to an >> > ath11k_wmi_pdev_temperature_event() error path as noticed by Jeff >> > >> > >> > Johan Hovold (2): >> > wifi: ath11k: fix temperature event locking >> > wifi: ath11k: fix dfs radar event locking >> >> Thanks for the fixes. I really like using lockdep_assert_held() to >> document if a function requires some lock held, is there anything >> similar for RCU? > > Not really, but the checking is instead built into the primitives like > rcu_dereference() and enabled whenever CONFIG_PROVE_RCU is set. > > For some special cases, we have open-coded checks like: > > RCU_LOCKDEP_WARN(!rcu_read_lock_held()); > > which similarly depend on CONFIG_PROVE_RCU or simply > > WARN_ON_ONCE(!rcu_read_lock_held()); I just found out that sparse has __must_hold(): https://lore.kernel.org/linux-wireless/87sf31hhfp.fsf@kernel.org/ That looks promising, should we start using that in ath11k and ath12k to check our RCU usage?
On Mon, Jan 22, 2024 at 02:10:17PM +0100, Johan Hovold wrote: > On Sat, Jan 13, 2024 at 12:26:53PM +0200, Kalle Valo wrote: > > I just found out that sparse has __must_hold(): > > > > https://lore.kernel.org/linux-wireless/87sf31hhfp.fsf@kernel.org/ > > > > That looks promising, should we start using that in ath11k and ath12k to > > check our RCU usage? > > I see that Johannes already commented on this in the thread above. > > I'm pretty sure smatch can't be used for this. I meant "sparse"... Johan
Johan Hovold <johan@kernel.org> writes: > On Mon, Jan 22, 2024 at 02:10:17PM +0100, Johan Hovold wrote: >> On Sat, Jan 13, 2024 at 12:26:53PM +0200, Kalle Valo wrote: > >> > I just found out that sparse has __must_hold(): >> > >> > https://lore.kernel.org/linux-wireless/87sf31hhfp.fsf@kernel.org/ >> > >> > That looks promising, should we start using that in ath11k and ath12k to >> > check our RCU usage? >> >> I see that Johannes already commented on this in the thread above. >> >> I'm pretty sure smatch can't be used for this. > > I meant "sparse"... Yeah, that was a disappointment. I should have tested it first :)