提交 d9fb53bf 编写于 作者: G Guo Mengqi 提交者: Wang Wensheng

mm/sharepool: fix potential AA deadlock

hulk inclusion
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I5R0X9
CVE: NA

--------------------------------

Fix a AA deadlock caused by nested lock in mg_sp_group_add_task().

Deadlock path:

mg_sp_group_add_task()

    down_write(sp_group_sem)
    find_or_alloc_sp_group()
	!spg_valid()
	sp_group_drop()
	    free_sp_group() -> down_write(sp_group_sem)
    ---> AA deadlock
Signed-off-by: NGuo Mengqi <guomengqi3@huawei.com>
上级 872ebaa0
...@@ -961,6 +961,14 @@ static void free_sp_group(struct sp_group *spg) ...@@ -961,6 +961,14 @@ static void free_sp_group(struct sp_group *spg)
up_write(&sp_group_sem); up_write(&sp_group_sem);
} }
static void sp_group_drop_locked(struct sp_group *spg)
{
lockdep_assert_held_write(&sp_group_sem);
if (atomic_dec_and_test(&spg->use_count))
free_sp_group_locked(spg);
}
static void sp_group_drop(struct sp_group *spg) static void sp_group_drop(struct sp_group *spg)
{ {
if (atomic_dec_and_test(&spg->use_count)) if (atomic_dec_and_test(&spg->use_count))
...@@ -1199,7 +1207,7 @@ static struct sp_group *find_or_alloc_sp_group(int spg_id, unsigned long flag) ...@@ -1199,7 +1207,7 @@ static struct sp_group *find_or_alloc_sp_group(int spg_id, unsigned long flag)
down_read(&spg->rw_lock); down_read(&spg->rw_lock);
if (!spg_valid(spg)) { if (!spg_valid(spg)) {
up_read(&spg->rw_lock); up_read(&spg->rw_lock);
sp_group_drop(spg); sp_group_drop_locked(spg);
return ERR_PTR(-ENODEV); return ERR_PTR(-ENODEV);
} }
up_read(&spg->rw_lock); up_read(&spg->rw_lock);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册