lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1331ed7d-150a-498f-b8c8-50c9daeb306a@intel.com>
Date: Tue, 9 Apr 2024 17:00:40 -0700
From: Jacob Keller <jacob.e.keller@...el.com>
To: Brett Creeley <brett.creeley@....com>, <edumazet@...gle.com>,
	<kuba@...nel.org>, <pabeni@...hat.com>, <netdev@...r.kernel.org>
CC: <shannon.nelson@....com>
Subject: Re: [PATCH v2 net] pds_core: Fix pdsc_check_pci_health function to
 use work thread



On 4/8/2024 9:35 AM, Brett Creeley wrote:
> When the driver notices fw_status == 0xff it tries to perform a PCI
> reset on itself via pci_reset_function() in the context of the driver's
> health thread. However, pdsc_reset_prepare calls
> pdsc_stop_health_thread(), which attempts to stop/flush the health
> thread. This results in a deadlock because the stop/flush will never
> complete since the driver called pci_reset_function() from the health
> thread context. Fix by changing the pdsc_check_pci_health_function()
> to queue a newly introduced pdsc_pci_reset_thread() on the pdsc's
> work queue.
> 
> Unloading the driver in the fw_down/dead state uncovered another issue,
> which can be seen in the following trace:
> 
> WARNING: CPU: 51 PID: 6914 at kernel/workqueue.c:1450 __queue_work+0x358/0x440
> [...]
> RIP: 0010:__queue_work+0x358/0x440
> [...]
> Call Trace:
>  <TASK>
>  ? __warn+0x85/0x140
>  ? __queue_work+0x358/0x440
>  ? report_bug+0xfc/0x1e0
>  ? handle_bug+0x3f/0x70
>  ? exc_invalid_op+0x17/0x70
>  ? asm_exc_invalid_op+0x1a/0x20
>  ? __queue_work+0x358/0x440
>  queue_work_on+0x28/0x30
>  pdsc_devcmd_locked+0x96/0xe0 [pds_core]
>  pdsc_devcmd_reset+0x71/0xb0 [pds_core]
>  pdsc_teardown+0x51/0xe0 [pds_core]
>  pdsc_remove+0x106/0x200 [pds_core]
>  pci_device_remove+0x37/0xc0
>  device_release_driver_internal+0xae/0x140
>  driver_detach+0x48/0x90
>  bus_remove_driver+0x6d/0xf0
>  pci_unregister_driver+0x2e/0xa0
>  pdsc_cleanup_module+0x10/0x780 [pds_core]
>  __x64_sys_delete_module+0x142/0x2b0
>  ? syscall_trace_enter.isra.18+0x126/0x1a0
>  do_syscall_64+0x3b/0x90
>  entry_SYSCALL_64_after_hwframe+0x72/0xdc
> RIP: 0033:0x7fbd9d03a14b
> [...]
> 
> Fix this by preventing the devcmd reset if the FW is not running.
> 

Reviewed-by: Jacob Keller <jacob.e.keller@...el.com>


> Fixes: d9407ff11809 ("pds_core: Prevent health thread from running during reset/remove")
> Reviewed-by: Shannon Nelson <shannon.nelson@....com>
> Signed-off-by: Brett Creeley <brett.creeley@....com>
> ---

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ