On 07.04.2025 14:08, Jarkko Sakkinen wrote:
On Mon, Apr 07, 2025 at 02:23:49PM +0300, Jarkko Sakkinen wrote:
On Mon, Apr 07, 2025 at 12:25:11PM +0200, Marek Szyprowski wrote:
On 07.04.2025 04:39, Jarkko Sakkinen wrote:
From: Jarkko Sakkinen jarkko.sakkinen@opinsys.com
Add an isolated list of unreferenced keys to be queued for deletion, and try to pin the keys in the garbage collector before processing anything. Skip unpinnable keys.
Use this list for blocking the reaping process during the teardown:
- First off, the keys added to `keys_graveyard` are snapshotted, and the list is flushed. This the very last step in `key_put()`.
- `key_put()` reaches zero. This will mark key as busy for the garbage collector.
- `key_garbage_collector()` will try to increase refcount, which won't go above zero. Whenever this happens, the key will be skipped.
Cc: stable@vger.kernel.org # v6.1+ Signed-off-by: Jarkko Sakkinen jarkko.sakkinen@opinsys.com
This patch landed in today's linux-next as commit b0d023797e3e ("keys: Add a list for unreferenced keys"). In my tests I found that it triggers the following lockdep issue:
================================ WARNING: inconsistent lock state 6.15.0-rc1-next-20250407 #15630 Not tainted
inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage. ksoftirqd/3/32 [HC0[0]:SC1[1]:HE1:SE0] takes: c13fdd68 (key_serial_lock){+.?.}-{2:2}, at: key_put+0x74/0x128 {SOFTIRQ-ON-W} state was registered at: lock_acquire+0x134/0x384 _raw_spin_lock+0x38/0x48 key_alloc+0x2fc/0x4d8 keyring_alloc+0x40/0x90 system_trusted_keyring_init+0x50/0x7c do_one_initcall+0x68/0x314 kernel_init_freeable+0x1c0/0x224 kernel_init+0x1c/0x12c ret_from_fork+0x14/0x28 irq event stamp: 234 hardirqs last enabled at (234): [<c0cb7060>] _raw_spin_unlock_irqrestore+0x5c/0x60 hardirqs last disabled at (233): [<c0cb6dd0>] _raw_spin_lock_irqsave+0x64/0x68 softirqs last enabled at (42): [<c013bcd8>] handle_softirqs+0x328/0x520 softirqs last disabled at (47): [<c013bf10>] run_ksoftirqd+0x40/0x68
OK what went to -next went there by accident and has been removed, sorry. I think it was like the very first version of this patch.
Thanks for informing anyhow!
Testing branch: https://web.git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/l...
I updated my next this morning so should be fixed soon...
I've just checked that branch and it still triggers lockdep issue. The following change is needed to get it fixed:
diff --git a/security/keys/gc.c b/security/keys/gc.c index 0a3beb68633c..b22dc93eb4b4 100644 --- a/security/keys/gc.c +++ b/security/keys/gc.c @@ -302,9 +302,9 @@ static void key_garbage_collector(struct work_struct *work) key_schedule_gc(new_timer); }
- spin_lock(&key_graveyard_lock); + spin_lock_irqsave(&key_graveyard_lock, flags); list_splice_init(&key_graveyard, &graveyard); - spin_unlock(&key_graveyard_lock); + spin_unlock_irqrestore(&key_graveyard_lock, flags);
if (unlikely(gc_state & KEY_GC_REAPING_DEAD_2) || !list_empty(&graveyard)) {
Best regards