linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Qi Liu <liuqi115@huawei.com>,
	Haifeng Wang <wang.wanghaifeng@huawei.com>,
	John Garry <john.garry@huawei.com>, Will Deacon <will@kernel.org>,
	Sasha Levin <sashal@kernel.org>,
	linux-arm-kernel@lists.infradead.org
Subject: [PATCH AUTOSEL 5.7 33/40] drivers/perf: Fix kernel panic when rmmod PMU modules during perf sampling
Date: Mon, 20 Jul 2020 17:37:08 -0400	[thread overview]
Message-ID: <20200720213715.406997-33-sashal@kernel.org> (raw)
In-Reply-To: <20200720213715.406997-1-sashal@kernel.org>

From: Qi Liu <liuqi115@huawei.com>

[ Upstream commit bdc5c744c7b6457d18a95c26769dad0e7f480a08 ]

When users try to remove PMU modules during perf sampling, kernel panic
will happen because the pmu->read() is a NULL pointer here.

INFO on HiSilicon hip08 platform as follow:
pc : hisi_uncore_pmu_event_update+0x30/0xa4 [hisi_uncore_pmu]
lr : hisi_uncore_pmu_read+0x20/0x2c [hisi_uncore_pmu]
sp : ffff800010103e90
x29: ffff800010103e90 x28: ffff0027db0c0e40
x27: ffffa29a76f129d8 x26: ffffa29a77ceb000
x25: ffffa29a773a5000 x24: ffffa29a77392000
x23: ffffddffe5943f08 x22: ffff002784285960
x21: ffff002784285800 x20: ffff0027d2e76c80
x19: ffff0027842859e0 x18: ffff80003498bcc8
x17: ffffa29a76afe910 x16: ffffa29a7583f530
x15: 16151a1512061a1e x14: 0000000000000000
x13: ffffa29a76f1e238 x12: 0000000000000001
x11: 0000000000000400 x10: 00000000000009f0
x9 : ffff8000107b3e70 x8 : ffff0027db0c1890
x7 : ffffa29a773a7000 x6 : 00000007f5131013
x5 : 00000007f5131013 x4 : 09f257d417c00000
x3 : 00000002187bd7ce x2 : ffffa29a38f0f0d8
x1 : ffffa29a38eae268 x0 : ffff0027d2e76c80
Call trace:
hisi_uncore_pmu_event_update+0x30/0xa4 [hisi_uncore_pmu]
hisi_uncore_pmu_read+0x20/0x2c [hisi_uncore_pmu]
__perf_event_read+0x1a0/0x1f8
flush_smp_call_function_queue+0xa0/0x160
generic_smp_call_function_single_interrupt+0x18/0x20
handle_IPI+0x31c/0x4dc
gic_handle_irq+0x2c8/0x310
el1_irq+0xcc/0x180
arch_cpu_idle+0x4c/0x20c
default_idle_call+0x20/0x30
do_idle+0x1b4/0x270
cpu_startup_entry+0x28/0x30
secondary_start_kernel+0x1a4/0x1fc

To solve the above issue, current module should be registered to kernel,
so that try_module_get() can be invoked when perf sampling starts. This
adds the reference counting of module and could prevent users from removing
modules during sampling.

Reported-by: Haifeng Wang <wang.wanghaifeng@huawei.com>
Signed-off-by: Qi Liu <liuqi115@huawei.com>
Reviewed-by: John Garry <john.garry@huawei.com>
Link: https://lore.kernel.org/r/1594891165-8228-1-git-send-email-liuqi115@huawei.com
Signed-off-by: Will Deacon <will@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 drivers/perf/arm_smmuv3_pmu.c                 | 1 +
 drivers/perf/fsl_imx8_ddr_perf.c              | 1 +
 drivers/perf/hisilicon/hisi_uncore_ddrc_pmu.c | 1 +
 drivers/perf/hisilicon/hisi_uncore_hha_pmu.c  | 1 +
 drivers/perf/hisilicon/hisi_uncore_l3c_pmu.c  | 1 +
 5 files changed, 5 insertions(+)

diff --git a/drivers/perf/arm_smmuv3_pmu.c b/drivers/perf/arm_smmuv3_pmu.c
index 48e28ef93a702..90caba56dfbc1 100644
--- a/drivers/perf/arm_smmuv3_pmu.c
+++ b/drivers/perf/arm_smmuv3_pmu.c
@@ -742,6 +742,7 @@ static int smmu_pmu_probe(struct platform_device *pdev)
 	platform_set_drvdata(pdev, smmu_pmu);
 
 	smmu_pmu->pmu = (struct pmu) {
+		.module		= THIS_MODULE,
 		.task_ctx_nr    = perf_invalid_context,
 		.pmu_enable	= smmu_pmu_enable,
 		.pmu_disable	= smmu_pmu_disable,
diff --git a/drivers/perf/fsl_imx8_ddr_perf.c b/drivers/perf/fsl_imx8_ddr_perf.c
index 90884d14f95fa..2aed2d96f8ae7 100644
--- a/drivers/perf/fsl_imx8_ddr_perf.c
+++ b/drivers/perf/fsl_imx8_ddr_perf.c
@@ -512,6 +512,7 @@ static int ddr_perf_init(struct ddr_pmu *pmu, void __iomem *base,
 {
 	*pmu = (struct ddr_pmu) {
 		.pmu = (struct pmu) {
+			.module	      = THIS_MODULE,
 			.capabilities = PERF_PMU_CAP_NO_EXCLUDE,
 			.task_ctx_nr = perf_invalid_context,
 			.attr_groups = attr_groups,
diff --git a/drivers/perf/hisilicon/hisi_uncore_ddrc_pmu.c b/drivers/perf/hisilicon/hisi_uncore_ddrc_pmu.c
index 453f1c6a16ca8..c65da06abb041 100644
--- a/drivers/perf/hisilicon/hisi_uncore_ddrc_pmu.c
+++ b/drivers/perf/hisilicon/hisi_uncore_ddrc_pmu.c
@@ -378,6 +378,7 @@ static int hisi_ddrc_pmu_probe(struct platform_device *pdev)
 			      ddrc_pmu->sccl_id, ddrc_pmu->index_id);
 	ddrc_pmu->pmu = (struct pmu) {
 		.name		= name,
+		.module		= THIS_MODULE,
 		.task_ctx_nr	= perf_invalid_context,
 		.event_init	= hisi_uncore_pmu_event_init,
 		.pmu_enable	= hisi_uncore_pmu_enable,
diff --git a/drivers/perf/hisilicon/hisi_uncore_hha_pmu.c b/drivers/perf/hisilicon/hisi_uncore_hha_pmu.c
index e5af9d7e6e145..ee6e6a1c390a0 100644
--- a/drivers/perf/hisilicon/hisi_uncore_hha_pmu.c
+++ b/drivers/perf/hisilicon/hisi_uncore_hha_pmu.c
@@ -390,6 +390,7 @@ static int hisi_hha_pmu_probe(struct platform_device *pdev)
 			      hha_pmu->sccl_id, hha_pmu->index_id);
 	hha_pmu->pmu = (struct pmu) {
 		.name		= name,
+		.module		= THIS_MODULE,
 		.task_ctx_nr	= perf_invalid_context,
 		.event_init	= hisi_uncore_pmu_event_init,
 		.pmu_enable	= hisi_uncore_pmu_enable,
diff --git a/drivers/perf/hisilicon/hisi_uncore_l3c_pmu.c b/drivers/perf/hisilicon/hisi_uncore_l3c_pmu.c
index 479de4be99eba..c8b98d3a8432a 100644
--- a/drivers/perf/hisilicon/hisi_uncore_l3c_pmu.c
+++ b/drivers/perf/hisilicon/hisi_uncore_l3c_pmu.c
@@ -380,6 +380,7 @@ static int hisi_l3c_pmu_probe(struct platform_device *pdev)
 			      l3c_pmu->sccl_id, l3c_pmu->index_id);
 	l3c_pmu->pmu = (struct pmu) {
 		.name		= name,
+		.module		= THIS_MODULE,
 		.task_ctx_nr	= perf_invalid_context,
 		.event_init	= hisi_uncore_pmu_event_init,
 		.pmu_enable	= hisi_uncore_pmu_enable,
-- 
2.25.1


  parent reply	other threads:[~2020-07-20 21:44 UTC|newest]

Thread overview: 40+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-07-20 21:36 [PATCH AUTOSEL 5.7 01/40] HID: i2c-hid: add Mediacom FlexBook edge13 to descriptor override Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 02/40] HID: alps: support devices with report id 2 Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 03/40] dmaengine: ti: k3-udma: Fix cleanup code for alloc_chan_resources Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 04/40] dmaengine: ti: k3-udma: Fix the running channel handling in alloc_chan_resources Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 05/40] HID: steam: fixes race in handling device list Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 06/40] dmaengine: ti: k3-udma: add missing put_device() call in of_xudma_dev_get() Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 07/40] dmaengine: idxd: fix hw descriptor fields for delta record Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 08/40] HID: apple: Disable Fn-key key-re-mapping on clone keyboards Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 09/40] dmaengine: tegra210-adma: Fix runtime PM imbalance on error Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 10/40] soc: amlogic: meson-gx-socinfo: Fix S905X3 and S905D3 ID's Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 11/40] Input: add `SW_MACHINE_COVER` Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 12/40] ARM: dts: n900: remove mmc1 card detect gpio Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 13/40] spi: mediatek: use correct SPI_CFG2_REG MACRO Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 14/40] regmap: dev_get_regmap_match(): fix string comparison Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 15/40] hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 16/40] dmaengine: fsl-edma: fix wrong tcd endianness for big-endian cpu Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 17/40] dmaengine: ioat setting ioat timeout as module parameter Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 18/40] Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 19/40] Input: elan_i2c - only increment wakeup count on touch Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 20/40] usb: dwc3: pci: add support for the Intel Tiger Lake PCH -H variant Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 21/40] usb: dwc3: pci: add support for the Intel Jasper Lake Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 22/40] usb: gadget: udc: gr_udc: fix memleak on error handling path in gr_ep_init() Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 23/40] usb: cdns3: ep0: fix some endian issues Sasha Levin
2020-07-20 21:36 ` [PATCH AUTOSEL 5.7 24/40] usb: cdns3: trace: " Sasha Levin
2020-07-20 21:37 ` [PATCH AUTOSEL 5.7 25/40] hwmon: (adm1275) Make sure we are reading enough data for different chips Sasha Levin
2020-07-20 21:37 ` [PATCH AUTOSEL 5.7 26/40] drm/amdgpu/gfx10: fix race condition for kiq Sasha Levin
2020-07-20 21:37 ` [PATCH AUTOSEL 5.7 27/40] drm/amdgpu: fix preemption unit test Sasha Levin
2020-07-20 21:37 ` [PATCH AUTOSEL 5.7 28/40] hwmon: (nct6775) Accept PECI Calibration as temperature source for NCT6798D Sasha Levin
2020-07-20 21:37 ` [PATCH AUTOSEL 5.7 29/40] platform/x86: ISST: Add new PCI device ids Sasha Levin
2020-07-20 21:37 ` [PATCH AUTOSEL 5.7 30/40] platform/x86: asus-wmi: allow BAT1 battery name Sasha Levin
2020-07-20 21:37 ` [PATCH AUTOSEL 5.7 31/40] hwmon: (scmi) Fix potential buffer overflow in scmi_hwmon_probe() Sasha Levin
2020-07-20 21:37 ` [PATCH AUTOSEL 5.7 32/40] ALSA: hda/realtek - fixup for yet another Intel reference board Sasha Levin
2020-07-20 21:37 ` Sasha Levin [this message]
2020-07-20 21:37 ` [PATCH AUTOSEL 5.7 34/40] arm64: Use test_tsk_thread_flag() for checking TIF_SINGLESTEP Sasha Levin
2020-07-20 21:37 ` [PATCH AUTOSEL 5.7 35/40] x86: math-emu: Fix up 'cmp' insn for clang ias Sasha Levin
2020-07-20 21:37 ` [PATCH AUTOSEL 5.7 36/40] asm-generic/mmiowb: Allow mmiowb_set_pending() when preemptible() Sasha Levin
2020-07-20 21:37 ` [PATCH AUTOSEL 5.7 37/40] drivers/perf: Prevent forced unbinding of PMU drivers Sasha Levin
2020-07-20 21:37 ` [PATCH AUTOSEL 5.7 38/40] RISC-V: Upgrade smp_mb__after_spinlock() to iorw,iorw Sasha Levin
2020-07-20 21:37 ` [PATCH AUTOSEL 5.7 39/40] SUNRPC reverting d03727b248d0 ("NFSv4 fix CLOSE not waiting for direct IO compeletion") Sasha Levin
2020-07-20 21:37 ` [PATCH AUTOSEL 5.7 40/40] x86/boot: Don't add the EFI stub to targets Sasha Levin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200720213715.406997-33-sashal@kernel.org \
    --to=sashal@kernel.org \
    --cc=john.garry@huawei.com \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=liuqi115@huawei.com \
    --cc=stable@vger.kernel.org \
    --cc=wang.wanghaifeng@huawei.com \
    --cc=will@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).