From patchwork Wed Aug 21 09:24:09 2019
X-Patchwork-Submitter: Julien Grall
X-Patchwork-Id: 171940
From: Julien Grall
To: linux-rt-users@vger.kernel.org
Cc: tglx@linutronix.de, linux-kernel@vger.kernel.org, maz@kernel.org, bigeasy@linutronix.de, rostedt@goodmis.org, Julien Grall
Subject: [RT PATCH 3/3] hrtimer: Prevent using uninitialized spin_lock in hrtimer_grab_expiry_lock()
Date: Wed, 21 Aug 2019 10:24:09 +0100
Message-Id: <20190821092409.13225-4-julien.grall@arm.com>
In-Reply-To: <20190821092409.13225-1-julien.grall@arm.com>
References: <20190821092409.13225-1-julien.grall@arm.com>

migration_base is used as a placeholder when an hrtimer is switching
between bases (see switch_hrtimer_timer_base). It is theoretically
possible to have timer->base equal to migration_base.

Even if it is a placeholder, it would pass all the current checks in
hrtimer_grab_expiry_lock(), leading to using softirq_expiry_lock
uninitialized.

This can be prevented by checking whether the base is equal to the
placeholder (i.e. migration_base). Furthermore, all the paths leading to
hrtimer_grab_expiry_lock() assume timer->base and timer->base->cpu_base
are always non-NULL. So it is safe to remove the NULL checks here.

Signed-off-by: Julien Grall
---
I don't have a reproducer so far, but I can't see why it would not be
possible to happen.
---
 kernel/time/hrtimer.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--
2.11.0

diff --git a/kernel/time/hrtimer.c b/kernel/time/hrtimer.c index 119414a2f59c..5eb45a868de9 100644 --- a/kernel/time/hrtimer.c +++ b/kernel/time/hrtimer.c @@ -934,7 +934,7 @@ void hrtimer_grab_expiry_lock(const struct hrtimer *timer) { struct hrtimer_clock_base *base = READ_ONCE(timer->base); - if (timer->is_soft && base && base->cpu_base) { + if (timer->is_soft && base != &migration_base) { spin_lock(&base->cpu_base->softirq_expiry_lock); spin_unlock(&base->cpu_base->softirq_expiry_lock); }
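
Review bot: The replaced condition in hrtimer_grab_expiry_lock() drops the "base && base->cpu_base" NULL checks in the same one-line change that adds the "base != &migration_base" comparison, so the dereference of base->cpu_base in the spin_lock()/spin_unlock() pair now relies entirely on the commit message's statement that every calling path guarantees both pointers are non-NULL. Consider moving the NULL-check removal into a separate patch (or keeping the checks next to the new comparison) so the fix for the uninitialized softirq_expiry_lock can be reviewed and backported independently, especially since no reproducer exists yet. A short comment above the "if" saying that migration_base is only a placeholder and its softirq_expiry_lock is never initialized would also help, because the reason for the comparison is not evident from the code itself.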