linux/drivers
Krzysztof Kozlowski bdbe814454 power: charger-manager: Fix accessing invalidated power supply after fuel gauge unbind
The charger manager obtained reference to fuel gauge power supply in probe
with power_supply_get_by_name() for later usage. However if fuel gauge
driver was removed and re-added then this reference would point to old
power supply (from driver which was removed).

This lead to accessing old (and probably invalid) memory which could be
observed with:
$ echo "12-0036" > /sys/bus/i2c/drivers/max17042/unbind
$ echo "12-0036" > /sys/bus/i2c/drivers/max17042/bind
$ cat /sys/devices/virtual/power_supply/battery/capacity
[  240.480084] INFO: task cat:1393 blocked for more than 120 seconds.
[  240.484799]       Not tainted 3.17.0-next-20141007-00028-ge60b6dd79570 #203
[  240.491782] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  240.499589] cat             D c0469530     0  1393      1 0x00000000
[  240.505947] [<c0469530>] (__schedule) from [<c0469d3c>] (schedule_preempt_disabled+0x14/0x20)
[  240.514449] [<c0469d3c>] (schedule_preempt_disabled) from [<c046af08>] (mutex_lock_nested+0x1bc/0x458)
[  240.523736] [<c046af08>] (mutex_lock_nested) from [<c0287a98>] (regmap_read+0x30/0x60)
[  240.531647] [<c0287a98>] (regmap_read) from [<c032238c>] (max17042_get_property+0x2e8/0x350)
[  240.540055] [<c032238c>] (max17042_get_property) from [<c03247d8>] (charger_get_property+0x264/0x348)
[  240.549252] [<c03247d8>] (charger_get_property) from [<c0320764>] (power_supply_show_property+0x48/0x1e0)
[  240.558808] [<c0320764>] (power_supply_show_property) from [<c027308c>] (dev_attr_show+0x1c/0x48)
[  240.567664] [<c027308c>] (dev_attr_show) from [<c0141fb0>] (sysfs_kf_seq_show+0x84/0x104)
[  240.575814] [<c0141fb0>] (sysfs_kf_seq_show) from [<c0140b18>] (kernfs_seq_show+0x24/0x28)
[  240.584061] [<c0140b18>] (kernfs_seq_show) from [<c0104574>] (seq_read+0x1b0/0x484)
[  240.591702] [<c0104574>] (seq_read) from [<c00e1e24>] (vfs_read+0x88/0x144)
[  240.598640] [<c00e1e24>] (vfs_read) from [<c00e1f20>] (SyS_read+0x40/0x8c)
[  240.605507] [<c00e1f20>] (SyS_read) from [<c000e760>] (ret_fast_syscall+0x0/0x48)
[  240.612952] 4 locks held by cat/1393:
[  240.616589]  #0:  (&p->lock){+.+.+.}, at: [<c01043f4>] seq_read+0x30/0x484
[  240.623414]  #1:  (&of->mutex){+.+.+.}, at: [<c01417dc>] kernfs_seq_start+0x1c/0x8c
[  240.631086]  #2:  (s_active#31){++++.+}, at: [<c01417e4>] kernfs_seq_start+0x24/0x8c
[  240.638777]  #3:  (&map->mutex){+.+...}, at: [<c0287a98>] regmap_read+0x30/0x60

The charger-manager should get reference to fuel gauge power supply on
each use of get_property callback. The thermal zone 'tzd' field of
power supply should not be used because of the same reason.

Additionally this change solves also the issue with nested
thermal_zone_get_temp() calls and related false lockdep positive for
deadlock for thermal zone's mutex [1]. When fuel gauge is used as source of
temperature then the charger manager forwards its get_temp calls to fuel
gauge thermal zone. So actually different mutexes are used (one for
charger manager thermal zone and second for fuel gauge thermal zone) but
for lockdep this is one class of mutex.

The recursion is removed by retrieving temperature through power
supply's get_property().

In case external thermal zone is used ('cm-thermal-zone' property is
present in DTS) the recursion does not exist. Charger manager simply
exports POWER_SUPPLY_PROP_TEMP_AMBIENT property (instead of
POWER_SUPPLY_PROP_TEMP) thus no thermal zone is created for this power
supply.

[1] https://lkml.org/lkml/2014/10/6/309

Signed-off-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
Cc: <stable@vger.kernel.org>
Fixes: 3bb3dbbd56 ("power_supply: Add initial Charger-Manager driver")
Signed-off-by: Sebastian Reichel <sre@kernel.org>
2014-10-28 03:30:20 +01:00
..
accessibility
acpi Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2014-08-29 17:22:27 -07:00
amba
ata libata: widen Crucial M550 blacklist matching 2014-08-18 17:40:09 -04:00
atm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-08-13 18:27:40 -06:00
auxdisplay
base Merge remote-tracking branches 'regmap/fix/cache', 'regmap/fix/debugfs' and 'regmap/fix/volatile' into regmap-linus 2014-08-31 13:23:45 +01:00
bcma bcma: use NS prefix for names of Northstar specific cores 2014-07-31 13:45:32 -04:00
block Merge branch 'akpm' (fixes from Andrew Morton) 2014-08-29 16:28:29 -07:00
bluetooth Bluetooth: Fix crash in the Marvell driver initialization codepath 2014-07-31 01:07:28 +02:00
bus bus: arm-ccn: Fix warning message 2014-08-24 11:28:30 -07:00
cdrom
char virtio: rng: add derating factor for use by hwrng core 2014-08-15 10:26:01 +05:30
clk ARM: SoC platform changes for 3.17 2014-08-08 11:14:29 -07:00
clocksource ARM: SoC platform changes for 3.17 2014-08-08 11:14:29 -07:00
connector
cpufreq cpufreq: s5pv210: Remove spurious __init annotation 2014-08-28 01:30:55 +02:00
cpuidle ARM: 8130/1: cpuidle/cpuidle-big_little: fix reading cpu id part number 2014-08-27 15:40:45 +01:00
crypto PCI changes for the v3.17 merge window (part 2): 2014-08-14 18:10:33 -06:00
dca
devfreq
dio
dma Merge branch 'for-linus' of git://git.infradead.org/users/vkoul/slave-dma 2014-08-11 07:14:01 -07:00
dma-buf dma-buf/fence: Fix a kerneldoc warning 2014-08-28 11:59:09 +05:30
edac Merge branch 'linux_next' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-edac 2014-08-15 17:56:45 -06:00
eisa
extcon
firewire Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-08-06 09:38:14 -07:00
firmware firmware: Do not use WARN_ON(!spin_is_locked()) 2014-08-22 08:45:40 +01:00
fmc
gpio gpio: bt8xx: fix release of managed resources 2014-08-29 14:31:43 +02:00
gpu Merge branch 'linux-3.17' of git://anongit.freedesktop.org/git/nouveau/linux-2.6 into drm-fixes 2014-09-05 09:27:33 +10:00
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid 2014-08-27 09:38:06 -07:00
hsi HSI changes for the v3.17 series 2014-08-06 20:06:14 -07:00
hv Char / Misc driver patches for 3.17-rc1 2014-08-04 17:32:24 -07:00
hwmon hwmon: (ds1621) Update zbits after conversion rate change 2014-08-28 11:18:47 -07:00
hwspinlock hwspinlock: enable OMAP build for AM33xx, AM43xx & DRA7xx 2014-07-29 11:46:28 +03:00
i2c Revert "i2c: rcar: remove spinlock" 2014-09-04 19:59:42 +02:00
ide ide: use module_platform_driver() 2014-08-05 21:16:46 -07:00
idle intel_idle: Broadwell support 2014-08-15 17:06:40 -04:00
iio Staging driver patches for 3.17-rc1 2014-08-04 18:36:12 -07:00
infiniband PCI changes for the v3.17 merge window (part 2): 2014-08-14 18:10:33 -06:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2014-09-03 17:26:12 -07:00
iommu iommu/core: Check for the right function pointer in iommu_map() 2014-08-19 00:19:26 +02:00
ipack
irqchip ARM: SoC platform changes for 3.17 2014-08-08 11:14:29 -07:00
isdn drivers: isdn: eicon: xdi_msg.h: Fix typo in #ifndef 2014-08-22 11:31:30 -07:00
leds Revert "leds: convert blink timer to workqueue" 2014-09-02 10:02:13 -07:00
lguest mm/vmalloc.c: clean up map_vm_area third argument 2014-08-06 18:01:19 -07:00
macintosh == Changes to existing drivers == 2014-08-07 17:23:16 -07:00
mailbox mailbox/omap: add a parent structure for every IP instance 2014-07-29 01:57:25 -07:00
mcb
md dm crypt: fix access beyond the end of allocated space 2014-08-28 14:24:09 -04:00
media media: use pci_zalloc_consistent 2014-08-08 15:57:28 -07:00
memory memory: Freescale CoreNet Coherency Fabric error reporting driver 2014-07-29 19:26:30 -05:00
memstick
message
mfd Immutable branch between MFD, Power, Charger and Regulator for v3.18 2014-09-25 01:55:14 +02:00
misc mei: nfc: fix memory leak in error path 2014-08-25 13:16:23 -07:00
mmc PCI changes for the v3.17 merge window (part 2): 2014-08-14 18:10:33 -06:00
mtd mtd: nand: omap: Fix 1-bit Hamming code scheme, omap_calculate_ecc() 2014-08-25 16:15:33 -07:00
net net: ethernet: broadcom: bnx2x: Remove redundant #ifdef 2014-08-22 11:29:58 -07:00
nfc
ntb
nubus
of of/irq: Fix lookup to use 'interrupts-extended' property first 2014-08-16 09:03:58 +01:00
oprofile
parisc
parport drivers/parport/parport_ip32.c: use PTR_ERR_OR_ZERO 2014-08-08 15:57:25 -07:00
pci PCI update for v3.17: 2014-09-03 08:45:48 -07:00
pcmcia Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2014-08-07 08:50:34 -07:00
phy ARM: SoC driver changes for 3.17 2014-08-08 11:34:32 -07:00
pinctrl pinctrl: exynos: Lock GPIOs as interrupts when used as EINTs 2014-08-21 07:24:29 -05:00
platform toshiba_acpi: fix and cleanup toshiba_kbd_bl_mode_store() 2014-09-03 10:45:12 -07:00
pnp ACPI / PNP: Fix acpi_pnp_match() 2014-07-30 00:23:09 +02:00
power power: charger-manager: Fix accessing invalidated power supply after fuel gauge unbind 2014-10-28 03:30:20 +01:00
powercap
pps
ps3
ptp PCI: Remove DEFINE_PCI_DEVICE_TABLE macro use 2014-08-12 12:15:14 -06:00
pwm pwm: Fix period and polarity in pwm_get() for non-perfect matches 2014-08-18 10:58:43 +02:00
rapidio PCI: Remove DEFINE_PCI_DEVICE_TABLE macro use 2014-08-12 12:15:14 -06:00
ras
regulator regulator/mfd: max14577: Export symbols for calculating charger current 2014-09-24 15:25:47 +01:00
remoteproc
reset
rpmsg
rtc drivers/rtc/rtc-s5m.c: re-add support for devices without irq specified 2014-08-29 16:28:16 -07:00
s390 s390/sclp: remove unnecessary XTABS flag 2014-08-15 09:01:20 +02:00
sbus Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc 2014-08-05 18:57:18 -07:00
scsi Merge branch 'for-linus' of git://git.kernel.dk/linux-block 2014-08-29 11:21:49 -07:00
sfi
sh sh: intc: Confine SH_INTC to platforms that need it 2014-08-22 12:28:16 +09:00
sn
soc
spi Merge remote-tracking branch 'spi/fix/sh-msiof' into spi-linus 2014-08-31 13:46:19 +01:00
spmi
ssb
staging USB fixes for 3.17-rc3 2014-08-29 12:10:03 -07:00
target SCSI misc on 20140806 2014-08-06 20:10:32 -07:00
tc
thermal
thunderbolt thunderbolt: Clear hops before overwriting 2014-08-26 14:54:48 -07:00
tty The branch contains the following device tree changes the v3.17 merge 2014-08-14 09:53:39 -06:00
uio
usb USB: fix build error with CONFIG_PM_RUNTIME disabled 2014-08-27 16:55:29 -07:00
uwb uwb/whci: use correct structure type name in sizeof 2014-08-01 15:48:08 -07:00
vfio drivers/vfio: Enable VFIO if EEH is not supported 2014-08-08 10:39:16 -06:00
vhost
video fbdev fixes for 3.17 2014-08-29 11:59:46 -07:00
virt
virtio
vlynq
vme vme: bridges: use pci_zalloc_consistent 2014-08-08 15:57:30 -07:00
w1
watchdog watchdog: sunxi: register restart handler with kernel restart handler 2014-09-26 00:00:42 -07:00
xen PCI: Remove DEFINE_PCI_DEVICE_TABLE macro use 2014-08-12 12:15:14 -06:00
zorro
Kconfig Char / Misc driver patches for 3.17-rc1 2014-08-04 17:32:24 -07:00
Makefile Driver core patches for 3.17-rc1 2014-08-04 18:34:04 -07:00