Commit 102c4e58 authored by Andrey Konovalov's avatar Andrey Konovalov Committed by Greg Kroah-Hartman
Browse files

usb: gadget: dummy_hcd: execute hrtimer callback in softirq context 



[ Upstream commit 9313d139 ]

Commit a7f3813e ("usb: gadget: dummy_hcd: Switch to hrtimer transfer
scheduler") switched dummy_hcd to use hrtimer and made the timer's
callback be executed in the hardirq context.

With that change, __usb_hcd_giveback_urb now gets executed in the hardirq
context, which causes problems for KCOV and KMSAN.

One problem is that KCOV now is unable to collect coverage from
the USB code that gets executed from the dummy_hcd's timer callback,
as KCOV cannot collect coverage in the hardirq context.

Another problem is that the dummy_hcd hrtimer might get triggered in the
middle of a softirq with KCOV remote coverage collection enabled, and that
causes a WARNING in KCOV, as reported by syzbot. (I sent a separate patch
to shut down this WARNING, but that doesn't fix the other two issues.)

Finally, KMSAN appears to ignore tracking memory copying operations
that happen in the hardirq context, which causes false positive
kernel-infoleaks, as reported by syzbot.

Change the hrtimer in dummy_hcd to execute the callback in the softirq
context.

Reported-by: default avatar <syzbot+2388cdaeb6b10f0c13ac@syzkaller.appspotmail.com>
Closes: https://syzkaller.appspot.com/bug?extid=2388cdaeb6b10f0c13ac


Reported-by: default avatar <syzbot+17ca2339e34a1d863aad@syzkaller.appspotmail.com>
Closes: https://syzkaller.appspot.com/bug?extid=17ca2339e34a1d863aad


Reported-by: default avatar <syzbot+c793a7eca38803212c61@syzkaller.appspotmail.com>
Closes: https://syzkaller.appspot.com/bug?extid=c793a7eca38803212c61


Reported-by: default avatar <syzbot+1e6e0b916b211bee1bd6@syzkaller.appspotmail.com>
Closes: https://syzkaller.appspot.com/bug?extid=1e6e0b916b211bee1bd6


Reported-by: default avatarkernel test robot <oliver.sang@intel.com>
Closes: https://lore.kernel.org/oe-lkp/202406141323.413a90d2-lkp@intel.com


Fixes: a7f3813e ("usb: gadget: dummy_hcd: Switch to hrtimer transfer scheduler")
Cc: stable@vger.kernel.org
Acked-by: default avatarMarcello Sylvester Bauer <sylv@sylv.io>
Signed-off-by: default avatarAndrey Konovalov <andreyknvl@gmail.com>
Reported-by: default avatar <syzbot+edd9fe0d3a65b14588d5@syzkaller.appspotmail.com>
Closes: https://syzkaller.appspot.com/bug?extid=edd9fe0d3a65b14588d5
Link: https://lore.kernel.org/r/20240904013051.4409-1-andrey.konovalov@linux.dev


Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
parent 5b966c61
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment