All of lore.kernel.org
 help / color / mirror / Atom feed
From: Fedor Pchelkin <pchelkin@ispras.ru>
To: "Starke, Daniel" <daniel.starke@siemens.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Jiri Slaby <jirislaby@kernel.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	Alexey Khoroshilov <khoroshilov@ispras.ru>,
	Pavel Machek <pavel@ucw.cz>,
	lvc-project@linuxtesting.org
Subject: Re: [PATCH v2] tty: n_gsm: avoid call of sleeping functions from atomic context
Date: Sat, 8 Oct 2022 13:54:49 +0300	[thread overview]
Message-ID: <3572970f-f40f-5410-651a-a5e019d328d8@ispras.ru> (raw)
In-Reply-To: <DB9PR10MB58814C87D370B045EFB6682EE05D9@DB9PR10MB5881.EURPRD10.PROD.OUTLOOK.COM>

On 05.10.2022 13:47, Daniel Starke wrote:
 > This patch breaks packet retransmission. Basically tx_lock and now 
tx_mutex
 > protects the transmission packet queue. This works fine as long as 
packets
 > are transmitted in a context that allows sleep. However, the 
retransmission
 > timer T2 is called from soft IRQ context and spans an additional atomic
 > context via control_lock within gsm_control_retransmit(). The call path
 > looks like this:
 > gsm_control_retransmit()
 >    spin_lock_irqsave(&gsm->control_lock, flags)
 >      gsm_control_transmit()
 >        gsm_data_queue()
 >          mutex_lock(&gsm->tx_mutex) // -> sleep in atomic context

As far as switching to tx_mutex turns out to have its own problems,
we suggest to revert it and to find another solution for the original
issue.

As it is described in commit 32dd59f ("tty: n_gsm: fix race condition in 
gsmld_write()"), the issue is that gsmld_write() may be used by the user 
directly and also by the n_gsm internal functions. But the proposed 
solution to add a spinlock around the low side tty write is not suitable 
since the tty write may sleep:

   gsmld_write(...)
    spin_lock_irqsave(&gsm->tx_lock, flags)
     tty->ops->write(...);
      con_write(...)
       do_con_write(...)
        console_lock()
         might_sleep() // -> bug

So let's consider alternative approaches to avoid the race condition.

We have found the only potential concurrency place:
gsm->tty->ops->write() in gsmld_output() and tty->ops->write() in
gsmld_write().

Is that right? Or there are some other cases?

On 05.10.2022 13:47, Daniel Starke wrote:
 > Long story short: The patch via mutex does not solve the issue. It is 
only
 > shifted to another function. I suggest splitting the TX lock into packet
 > queue lock and underlying tty write mutex.
 >
 > I would have implemented the patch if I had means to verify it.

Probably splitting the TX lock would be rather complex as there is
gsm_data_kick() which in this way has to be protected by packet queue
spinlock and at the same time it contains gsmld_output() (via
gsm_send_packet()) that would require mutex protection.

  reply	other threads:[~2022-10-08 10:55 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-08-26 19:35 [PATCH] tty: n_gsm: avoid call of sleeping functions from atomic context Fedor Pchelkin
2022-08-27  9:13 ` [PATCH v2] " Fedor Pchelkin
2022-09-19 11:32   ` Pavel Machek
2022-09-20  7:18     ` Fedor Pchelkin
2022-10-05 10:47       ` Starke, Daniel
2022-10-08 10:54         ` Fedor Pchelkin [this message]
2022-10-08 11:02           ` [PATCH 0/2] tty: n_gsm: revert tx_mutex usage Fedor Pchelkin
2022-10-08 11:02             ` [PATCH 1/2] Revert "tty: n_gsm: avoid call of sleeping functions from atomic context" Fedor Pchelkin
2022-10-25  6:06               ` D. Starke
2022-10-08 11:02             ` [PATCH 2/2] Revert "tty: n_gsm: replace kicktimer with delayed_work" Fedor Pchelkin
2022-10-25  6:10               ` D. Starke
2022-10-25  7:31             ` [PATCH 0/2] tty: n_gsm: revert tx_mutex usage Pavel Machek
2022-10-12  6:04           ` [PATCH v2] tty: n_gsm: avoid call of sleeping functions from atomic context Starke, Daniel

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3572970f-f40f-5410-651a-a5e019d328d8@ispras.ru \
    --to=pchelkin@ispras.ru \
    --cc=daniel.starke@siemens.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=jirislaby@kernel.org \
    --cc=khoroshilov@ispras.ru \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lvc-project@linuxtesting.org \
    --cc=pavel@ucw.cz \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.