From: Sumeet Pawnikar sumeet4linux@gmail.com

[ Upstream commit 7bda1910c4bccd4b8d4726620bb3d6bbfb62286e ]

The device becomes visible to userspace via device_register() even before it fully initialized by idr_init(). If userspace or another thread tries to register a zone immediately after device_register(), the control_type_valid() will fail because the control_type is not yet in the list. The IDR is not yet initialized, so this race condition causes zone registration failure.

Move idr_init() and list addition before device_register() fix the race condition.

Signed-off-by: Sumeet Pawnikar sumeet4linux@gmail.com [ rjw: Subject adjustment, empty line added ] Link: https://patch.msgid.link/20251205190216.5032-1-sumeet4linux@gmail.com Signed-off-by: Rafael J. Wysocki rafael.j.wysocki@intel.com Signed-off-by: Sasha Levin sashal@kernel.org ---

LLM Generated explanations, may be completely bogus:

This confirms the race condition mechanism:

1. `control_type_valid()` walks `powercap_cntrl_list` to validate control types (lines 329-345) 2. Called at `powercap_register_zone()` entry (line 497) 3. **Race window**: After `device_register()` but before `list_add_tail()`, any zone registration fails because the control_type isn't in the list yet

### 8. FINAL ASSESSMENT

| Criteria | Assessment | |----------|------------| | Fixes a real bug | ✅ Race condition causing zone registration failure | | Obviously correct | ✅ Classic init-before-publish pattern | | Small and contained | ✅ ~20 lines in one function | | No new features | ✅ Only reorders existing code | | No new APIs | ✅ No userspace-visible changes | | Low regression risk | ✅ Standard pattern, proper error handling | | Affects stable users | ✅ Powercap used on many Intel systems |

**Why this matters to stable users:** - Intel RAPL (Running Average Power Limit) uses powercap - Common on laptops and servers for power management - Race can cause power capping features to fail during boot/module load - This is an existing bug that has been present since powercap was introduced

**Risk vs Benefit:** - **Benefit**: Fixes a real race that causes functional failures - **Risk**: Very low - the fix follows standard kernel patterns and adds proper cleanup - **Trade-off**: Strongly favors backporting

**Concerns:** - No dependencies on other commits - The change is self-contained and should apply cleanly to stable trees - The powercap subsystem has existed since kernel 3.11, so applicable to all current stable trees

The fix is small, surgical, obviously correct, and addresses a real race condition that can cause user-visible failures. It meets all stable kernel criteria.

**YES**

drivers/powercap/powercap_sys.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/drivers/powercap/powercap_sys.c b/drivers/powercap/powercap_sys.c index 4112a0097338..d14b36b75189 100644 --- a/drivers/powercap/powercap_sys.c +++ b/drivers/powercap/powercap_sys.c @@ -625,17 +625,23 @@ struct powercap_control_type *powercap_register_control_type( INIT_LIST_HEAD(&control_type->node); control_type->dev.class = &powercap_class; dev_set_name(&control_type->dev, "%s", name); - result = device_register(&control_type->dev); - if (result) { - put_device(&control_type->dev); - return ERR_PTR(result); - } idr_init(&control_type->idr);

mutex_lock(&powercap_cntrl_list_lock); list_add_tail(&control_type->node, &powercap_cntrl_list); mutex_unlock(&powercap_cntrl_list_lock);

+ result = device_register(&control_type->dev); + if (result) { + mutex_lock(&powercap_cntrl_list_lock); + list_del(&control_type->node); + mutex_unlock(&powercap_cntrl_list_lock); + + idr_destroy(&control_type->idr); + put_device(&control_type->dev); + return ERR_PTR(result); + } + return control_type; } EXPORT_SYMBOL_GPL(powercap_register_control_type);