| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1410785727-659-1-git-send-email-nikolay@redhat.com>
Date: Mon, 15 Sep 2014 14:55:27 +0200
From: Nikolay Aleksandrov <nikolay@...hat.com>
To: netdev@...r.kernel.org
Cc: davem@...emloft.net, Nikolay Aleksandrov <nikolay@...hat.com>,
Ben Hutchings <ben@...adent.org.uk>,
Shradha Shah <sshah@...arflare.com>,
Solarflare linux maintainers <linux-net-drivers@...arflare.com>
Subject: [PATCH net] sfc: fix addr_list_lock spinlock use before init
When the module is initializing the ports it may call a function that
uses addr_list_lock before register_netdevice() has been called for that
port i.e. addr_list_lock is still uninitialized. The function in
question is efx_farch_filter_sync_rx_mode(), now it looks pointless to call
it before the port has been registered so alter the reconfigure_mac
callbacks to check if the port has been registered using the existing
efx_dev_registered() macro.
An example calltrace is (taken from net-next, but it's the same in net):
[ 79.454689] BUG: spinlock bad magic on CPU#1, insmod/9650
[ 79.455046] lock: 0xffff88005a61a250, .magic: 00000000, .owner:
<none>/-1, .owner_cpu: 0
[ 79.455488] CPU: 1 PID: 9650 Comm: insmod Tainted: G O
3.17.0-rc4+ #30
[ 79.455937] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 79.456243] 0000000000000000 00000000a604ae4a ffff8800048239f8
ffffffff81731149
[ 79.457476] 0000000000000000 ffff880004823a18 ffffffff8172d242
ffff88005a61a250
[ 79.458126] ffffffff81a39357 ffff880004823a38 ffffffff8172d26d
ffff88005a61a250
[ 79.458761] Call Trace:
[ 79.458987] [<ffffffff81731149>] dump_stack+0x4d/0x66
[ 79.459259] [<ffffffff8172d242>] spin_dump+0x91/0x96
[ 79.459526] [<ffffffff8172d26d>] spin_bug+0x26/0x2b
[ 79.459788] [<ffffffff810d7e67>] do_raw_spin_lock+0x127/0x140
[ 79.460069] [<ffffffff8173812a>] _raw_spin_lock_bh+0x1a/0x20
[ 79.460348] [<ffffffffa0203872>]
efx_farch_filter_sync_rx_mode+0x32/0x100 [sfc]
[ 79.460790] [<ffffffffa0209735>] siena_mac_reconfigure+0x25/0xc0
[sfc]
[ 79.461087] [<ffffffffa020a1c2>] ? siena_init_nic+0x2b2/0x2c0 [sfc]
[ 79.461374] [<ffffffffa01fb7c5>] efx_pci_probe+0xb45/0x13c0 [sfc]
[ 79.461659] [<ffffffff813b8425>] local_pci_probe+0x45/0xa0
[ 79.461928] [<ffffffff813b9615>] ? pci_match_device+0xe5/0x110
[ 79.462211] [<ffffffff813b9779>] pci_device_probe+0xf9/0x150
[ 79.462486] [<ffffffff8148b93d>] driver_probe_device+0x12d/0x3d0
[ 79.462767] [<ffffffff8148bcb3>] __driver_attach+0x93/0xa0
[ 79.463043] [<ffffffff8148bc20>] ? __device_attach+0x40/0x40
[ 79.463316] [<ffffffff814897b3>] bus_for_each_dev+0x73/0xc0
[ 79.463590] [<ffffffff8148b33e>] driver_attach+0x1e/0x20
[ 79.463857] [<ffffffff8148af20>] bus_add_driver+0x180/0x250
[ 79.464137] [<ffffffffa023f000>] ? 0xffffffffa023f000
[ 79.464401] [<ffffffff8148c4c4>] driver_register+0x64/0xf0
[ 79.464674] [<ffffffff813b7db0>] __pci_register_driver+0x60/0x70
[ 79.464954] [<ffffffffa023f081>] efx_init_module+0x81/0x1000 [sfc]
[ 79.465244] [<ffffffff81002144>] do_one_initcall+0xd4/0x210
[ 79.465521] [<ffffffff811c7e24>] ? __vunmap+0x94/0x100
[ 79.466652] [<ffffffff811107cc>] load_module+0x1f3c/0x2570
[ 79.466978] [<ffffffff8110c460>] ? store_uevent+0x70/0x70
[ 79.467277] [<ffffffff81208d50>] ? kernel_read+0x50/0x80
[ 79.467554] [<ffffffff81110fd6>] SyS_finit_module+0xa6/0xd0
[ 79.467829] [<ffffffff81738929>] system_call_fastpath+0x16/0x1b
CC: Ben Hutchings <ben@...adent.org.uk>
CC: Shradha Shah <sshah@...arflare.com>
CC: Solarflare linux maintainers <linux-net-drivers@...arflare.com>
Fixes: 964e61355e94 ("sfc: Cleanup Falcon-arch simple MAC filter state")
Signed-off-by: Nikolay Aleksandrov <nikolay@...hat.com>
---
drivers/net/ethernet/sfc/falcon.c | 3 ++-
drivers/net/ethernet/sfc/siena.c | 3 ++-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/sfc/falcon.c b/drivers/net/ethernet/sfc/falcon.c
index 157037546d30..f8cff9ce3bc1 100644
--- a/drivers/net/ethernet/sfc/falcon.c
+++ b/drivers/net/ethernet/sfc/falcon.c
@@ -1210,7 +1210,8 @@ static int falcon_reconfigure_xmac(struct efx_nic *efx)
{
struct falcon_nic_data *nic_data = efx->nic_data;
- efx_farch_filter_sync_rx_mode(efx);
+ if (efx_dev_registered(efx))
+ efx_farch_filter_sync_rx_mode(efx);
falcon_reconfigure_xgxs_core(efx);
falcon_reconfigure_xmac_core(efx);
diff --git a/drivers/net/ethernet/sfc/siena.c b/drivers/net/ethernet/sfc/siena.c
index ae696855f21a..7d77590d09c9 100644
--- a/drivers/net/ethernet/sfc/siena.c
+++ b/drivers/net/ethernet/sfc/siena.c
@@ -593,7 +593,8 @@ static int siena_mac_reconfigure(struct efx_nic *efx)
MC_CMD_SET_MCAST_HASH_IN_HASH0_OFST +
sizeof(efx->multicast_hash));
- efx_farch_filter_sync_rx_mode(efx);
+ if (efx_dev_registered(efx))
+ efx_farch_filter_sync_rx_mode(efx);
WARN_ON(!mutex_is_locked(&efx->mac_lock));
--
1.9.3
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists