[PATCH 0/2] ALSA: pcm: stream linking locking fixes

[PATCH 0/2] ALSA: pcm: stream linking locking fixes

[Michał Mirosław]

Two patches fixing locking issues for SNDRV_PCM_IOCTL_LINK handling:
first adds a check preventing linking a stream to itself, second quiets
lockdep warning about nested locks.

Michał Mirosław (2):
  ALSA: pcm: disallow linking stream to itself
  ALSA: pcm: fix snd_pcm_link() lockdep splat

 sound/core/pcm_native.c | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

-- 
2.20.1

[PATCH 2/2] ALSA: pcm: fix snd_pcm_link() lockdep splat

[Michał Mirosław]

Add and use snd_pcm_stream_lock_nested() in snd_pcm_link/unlink
implementation.  The code is fine, but generates a lockdep complaint:

============================================
WARNING: possible recursive locking detected
5.7.1mq+ #381 Tainted: G           O
--------------------------------------------
pulseaudio/4180 is trying to acquire lock:
ffff888402d6f508 (&group->lock){-...}-{2:2}, at: snd_pcm_common_ioctl+0xda8/0xee0 [snd_pcm]

but task is already holding lock:
ffff8883f7a8cf18 (&group->lock){-...}-{2:2}, at: snd_pcm_common_ioctl+0xe4e/0xee0 [snd_pcm]

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&group->lock);
  lock(&group->lock);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

2 locks held by pulseaudio/4180:
 #0: ffffffffa1a05190 (snd_pcm_link_rwsem){++++}-{3:3}, at: snd_pcm_common_ioctl+0xca0/0xee0 [snd_pcm]
 #1: ffff8883f7a8cf18 (&group->lock){-...}-{2:2}, at: snd_pcm_common_ioctl+0xe4e/0xee0 [snd_pcm]
[...]

Cc: stable@vger.kernel.org
Fixes: f57f3df03a8e ("ALSA: pcm: More fine-grained PCM link locking")
Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>
---
 sound/core/pcm_native.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c
index 3ad399cb6f30..5b36881f7095 100644
--- a/sound/core/pcm_native.c
+++ b/sound/core/pcm_native.c
@@ -138,6 +138,16 @@ void snd_pcm_stream_lock_irq(struct snd_pcm_substream *substream)
 }
 EXPORT_SYMBOL_GPL(snd_pcm_stream_lock_irq);
 
+static void snd_pcm_stream_lock_nested(struct snd_pcm_substream *substream)
+{
+	struct snd_pcm_group *group = &substream->self_group;
+
+	if (substream->pcm->nonatomic)
+		mutex_lock_nested(&group->mutex, SINGLE_DEPTH_NESTING);
+	else
+		spin_lock_nested(&group->lock, SINGLE_DEPTH_NESTING);
+}
+
 /**
  * snd_pcm_stream_unlock_irq - Unlock the PCM stream
  * @substream: PCM substream
@@ -2200,7 +2210,7 @@ static int snd_pcm_link(struct snd_pcm_substream *substream, int fd)
 	snd_pcm_stream_unlock_irq(substream);
 
 	snd_pcm_group_lock_irq(target_group, nonatomic);
-	snd_pcm_stream_lock(substream1);
+	snd_pcm_stream_lock_nested(substream1);
 	snd_pcm_group_assign(substream1, target_group);
 	refcount_inc(&target_group->refs);
 	snd_pcm_stream_unlock(substream1);
@@ -2216,7 +2226,7 @@ static int snd_pcm_link(struct snd_pcm_substream *substream, int fd)
 
 static void relink_to_local(struct snd_pcm_substream *substream)
 {
-	snd_pcm_stream_lock(substream);
+	snd_pcm_stream_lock_nested(substream);
 	snd_pcm_group_assign(substream, &substream->self_group);
 	snd_pcm_stream_unlock(substream);
 }
-- 
2.20.1

[PATCH 1/2] ALSA: pcm: disallow linking stream to itself

[Michał Mirosław]

Prevent SNDRV_PCM_IOCTL_LINK linking stream to itself - the code
can't handle it. Fixed commit is not where bug was introduced, but
changes the context significantly.

Cc: stable@vger.kernel.org
Fixes: 0888c321de70 ("pcm_native: switch to fdget()/fdput()")
Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>
---
 sound/core/pcm_native.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c
index aef860256278..3ad399cb6f30 100644
--- a/sound/core/pcm_native.c
+++ b/sound/core/pcm_native.c
@@ -2166,6 +2166,12 @@ static int snd_pcm_link(struct snd_pcm_substream *substream, int fd)
 	}
 	pcm_file = f.file->private_data;
 	substream1 = pcm_file->substream;
+
+	if (substream == substream1) {
+		res = -EDEADLK;
+		goto _badf;
+	}
+
 	group = kzalloc(sizeof(*group), GFP_KERNEL);
 	if (!group) {
 		res = -ENOMEM;
-- 
2.20.1

Re: [PATCH 1/2] ALSA: pcm: disallow linking stream to itself

[Takashi Iwai]

On Mon, 08 Jun 2020 12:06:32 +0200,
Michał Mirosław wrote:
> 
> Prevent SNDRV_PCM_IOCTL_LINK linking stream to itself - the code
> can't handle it. Fixed commit is not where bug was introduced, but
> changes the context significantly.
> 
> Cc: stable@vger.kernel.org
> Fixes: 0888c321de70 ("pcm_native: switch to fdget()/fdput()")
> Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>

Thanks for the fix.  Just a minor point:

> @@ -2166,6 +2166,12 @@ static int snd_pcm_link(struct snd_pcm_substream *substream, int fd)
>  	}
>  	pcm_file = f.file->private_data;
>  	substream1 = pcm_file->substream;
> +
> +	if (substream == substream1) {
> +		res = -EDEADLK;

We've never used this error code, hence it may confuse the user-space
side.  I'd use a more standard -EINVAL instead; the error is basically
an invalid argument, after all.


thanks,

Takashi

Re: [PATCH 2/2] ALSA: pcm: fix snd_pcm_link() lockdep splat

[Takashi Iwai]

On Mon, 08 Jun 2020 12:06:32 +0200,
Michał Mirosław wrote:
> 
> Add and use snd_pcm_stream_lock_nested() in snd_pcm_link/unlink
> implementation.  The code is fine, but generates a lockdep complaint:
> 
> ============================================
> WARNING: possible recursive locking detected
> 5.7.1mq+ #381 Tainted: G           O
> --------------------------------------------
> pulseaudio/4180 is trying to acquire lock:
> ffff888402d6f508 (&group->lock){-...}-{2:2}, at: snd_pcm_common_ioctl+0xda8/0xee0 [snd_pcm]
> 
> but task is already holding lock:
> ffff8883f7a8cf18 (&group->lock){-...}-{2:2}, at: snd_pcm_common_ioctl+0xe4e/0xee0 [snd_pcm]
> 
> other info that might help us debug this:
>  Possible unsafe locking scenario:
> 
>        CPU0
>        ----
>   lock(&group->lock);
>   lock(&group->lock);
> 
>  *** DEADLOCK ***
> 
>  May be due to missing lock nesting notation
> 
> 2 locks held by pulseaudio/4180:
>  #0: ffffffffa1a05190 (snd_pcm_link_rwsem){++++}-{3:3}, at: snd_pcm_common_ioctl+0xca0/0xee0 [snd_pcm]
>  #1: ffff8883f7a8cf18 (&group->lock){-...}-{2:2}, at: snd_pcm_common_ioctl+0xe4e/0xee0 [snd_pcm]
> [...]
> 
> Cc: stable@vger.kernel.org
> Fixes: f57f3df03a8e ("ALSA: pcm: More fine-grained PCM link locking")
> Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>

Applied now.  Thanks.


Takashi

[PATCH v2] ALSA: pcm: disallow linking stream to itself

[Michał Mirosław]

Prevent SNDRV_PCM_IOCTL_LINK linking stream to itself - the code
can't handle it. Fixed commit is not where bug was introduced, but
changes the context significantly.

Cc: stable@vger.kernel.org
Fixes: 0888c321de70 ("pcm_native: switch to fdget()/fdput()")
Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>
---
v2: EDEADLK -> EINVAL
---
 sound/core/pcm_native.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c
index aef860256278..434e7b604bad 100644
--- a/sound/core/pcm_native.c
+++ b/sound/core/pcm_native.c
@@ -2166,6 +2166,12 @@ static int snd_pcm_link(struct snd_pcm_substream *substream, int fd)
 	}
 	pcm_file = f.file->private_data;
 	substream1 = pcm_file->substream;
+
+	if (substream == substream1) {
+		res = -EINVAL;
+		goto _badf;
+	}
+
 	group = kzalloc(sizeof(*group), GFP_KERNEL);
 	if (!group) {
 		res = -ENOMEM;
-- 
2.20.1

Re: [PATCH v2] ALSA: pcm: disallow linking stream to itself

[Takashi Iwai]

On Mon, 08 Jun 2020 18:50:39 +0200,
Michał Mirosław wrote:
> 
> Prevent SNDRV_PCM_IOCTL_LINK linking stream to itself - the code
> can't handle it. Fixed commit is not where bug was introduced, but
> changes the context significantly.
> 
> Cc: stable@vger.kernel.org
> Fixes: 0888c321de70 ("pcm_native: switch to fdget()/fdput()")
> Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>
> ---
> v2: EDEADLK -> EINVAL

Applied now.  Thanks!


Takashi