uacce: remove VA unmap in release q flow
driver inclusion
category: bugfix
bugzilla: NA
CVE: NA
As VA unmap at user space, kernel va unmap in release q flow
can lead dead_lock.
[ 506.703275] ======================================================
[ 506.709426] WARNING: possible circular locking dependency detected
[ 506.715580] 5.2.0-rc4-ge984cac-dirty #3 Tainted: G C O
[ 506.721817] ------------------------------------------------------
[ 506.727968] wd_zip_test/1341 is trying to acquire lock:
[ 506.733169] (____ptrval____) (&mm->mmap_sem){++++}, at: __vm_munmap+0x54/0xd0
[ 506.740278]
[ 506.740278] but task is already holding lock:
[ 506.746082] (____ptrval____) (uacce_qs_lock){+.+.}, at: uacce_fops_release+0x2c/0x220 [uacce]
[ 506.754571]
[ 506.754571] which lock already depends on the new lock.
[ 506.754571]
[ 506.762709]
[ 506.762709] the existing dependency chain (in reverse order) is:
[ 506.770155]
[ 506.770155] -> #1 (uacce_qs_lock){+.+.}:
[ 506.775533] down_write+0x50/0xc8
[ 506.779352] uacce_fops_mmap+0x3c/0x668 [uacce]
[ 506.784380] mmap_region+0x3c0/0x580
[ 506.788456] do_mmap+0x34c/0x4e0
[ 506.792190] vm_mmap_pgoff+0xe4/0x110
[ 506.796353] ksys_mmap_pgoff+0xa8/0x240
[ 506.800690] __arm64_sys_mmap+0x28/0x38
[ 506.805028] el0_svc_common.constprop.0+0x74/0x170
[ 506.810314] el0_svc_handler+0x28/0x78
[ 506.814563] el0_svc+0x8/0xc
[ 506.817948]
[ 506.817948] -> #0 (&mm->mmap_sem){++++}:
[ 506.823325] lock_acquire+0xe4/0x270
[ 506.827402] down_write_killable+0x50/0xe8
[ 506.831997] __vm_munmap+0x54/0xd0
[ 506.835901] vm_munmap+0x10/0x18
[ 506.839633] uacce_fops_release+0xc8/0x220 [uacce]
[ 506.844921] __fput+0xac/0x1f0
[ 506.848478] ____fput+0xc/0x18
[ 506.852037] task_work_run+0x98/0xc8
[ 506.856114] do_notify_resume+0x314/0x388
[ 506.860623] work_pending+0x8/0x14
[ 506.864526]
[ 506.864526] other info that might help us debug this:
[ 506.864526]
[ 506.872492] Possible unsafe locking scenario:
[ 506.872492]
[ 506.878382] CPU0 CPU1
[ 506.882890] ---- ----
[ 506.887399] lock(uacce_qs_lock);
[ 506.890784] lock(&mm->mmap_sem);
[ 506.896675] lock(uacce_qs_lock);
[ 506.902565] lock(&mm->mmap_sem);
[ 506.905951]
[ 506.905951] *** DEADLOCK ***
[ 506.905951]
[ 506.911841] 1 lock held by wd_zip_test/1341:
[ 506.916092] #0: (____ptrval____) (uacce_qs_lock){+.+.}, at: uacce_fops_release+0x2c/0x220 [uacce]
[ 506.925009]
[ 506.925009] stack backtrace:
[ 506.929348] CPU: 6 PID: 1341 Comm: wd_zip_test Tainted: G C O 5.2.0-rc4-ge984cac-dirty #3
[ 506.938609] Hardware name: Huawei TaiShan 2280 V2/BC82AMDC, BIOS 2280-V2 CS V3.B010.01 06/21/2019
[ 506.947438] Call trace:
[ 506.949875] dump_backtrace+0x0/0x148
[ 506.953521] show_stack+0x14/0x20
[ 506.956821] dump_stack+0xc8/0x114
[ 506.960207] print_circular_bug+0x1c8/0x2d8
[ 506.964370] __lock_acquire+0x1f38/0x23a8
[ 506.968360] lock_acquire+0xe4/0x270
[ 506.971918] down_write_killable+0x50/0xe8
[ 506.975994] __vm_munmap+0x54/0xd0
[ 506.979380] vm_munmap+0x10/0x18
[ 506.982593] uacce_fops_release+0xc8/0x220 [uacce]
[ 506.987360] __fput+0xac/0x1f0
[ 506.990399] ____fput+0xc/0x18
[ 506.993439] task_work_run+0x98/0xc8
[ 506.996997] do_notify_resume+0x314/0x388
[ 507.000987] work_pending+0x8/0x14
Feature or Bugfix:Bugfix
Signed-off-by: NHao Fang <fanghao11@huawei.com>
Reviewed-by: Nwangzhou <wangzhou1@hisilicon.com>
Signed-off-by: Nlingmingqiang <lingmingqiang@huawei.com>
Reviewed-by: Nlingmingqiang <lingmingqiang@huawei.com>
Reviewed-by: NYang Yingliang <yangyingliang@huawei.com>
Signed-off-by: NYang Yingliang <yangyingliang@huawei.com>
Showing
想要评论请 注册 或 登录