proxmox-mirrors/mirror_ubuntu-kernels
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_ubuntu-kernels.git synced 2025-12-10 10:48:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
d34c54d173
mirror_ubuntu-kernels/drivers/net/ethernet/intel/ice
History
Marta Plantykow f65ee535df ice: avoid bpf_prog refcount underflow 
Ice driver has the routines for managing XDP resources that are shared
between ndo_bpf op and VSI rebuild flow. The latter takes place for
example when user changes queue count on an interface via ethtool's
set_channels().

There is an issue around the bpf_prog refcounting when VSI is being
rebuilt - since ice_prepare_xdp_rings() is called with vsi->xdp_prog as
an argument that is used later on by ice_vsi_assign_bpf_prog(), same
bpf_prog pointers are swapped with each other. Then it is also
interpreted as an 'old_prog' which in turn causes us to call
bpf_prog_put on it that will decrement its refcount.

Below splat can be interpreted in a way that due to zero refcount of a
bpf_prog it is wiped out from the system while kernel still tries to
refer to it:

[  481.069429] BUG: unable to handle page fault for address: ffffc9000640f038
[  481.077390] #PF: supervisor read access in kernel mode
[  481.083335] #PF: error_code(0x0000) - not-present page
[  481.089276] PGD 100000067 P4D 100000067 PUD 1001cb067 PMD 106d2b067 PTE 0
[  481.097141] Oops: 0000 [#1] PREEMPT SMP PTI
[  481.101980] CPU: 12 PID: 3339 Comm: sudo Tainted: G           OE     5.15.0-rc5+ #1
[  481.110840] Hardware name: Intel Corp. GRANTLEY/GRANTLEY, BIOS GRRFCRB1.86B.0276.D07.1605190235 05/19/2016
[  481.122021] RIP: 0010:dev_xdp_prog_id+0x25/0x40
[  481.127265] Code: 80 00 00 00 00 0f 1f 44 00 00 89 f6 48 c1 e6 04 48 01 fe 48 8b 86 98 08 00 00 48 85 c0 74 13 48 8b 50 18 31 c0 48 85 d2 74 07 <48> 8b 42 38 8b 40 20 c3 48 8b 96 90 08 00 00 eb e8 66 2e 0f 1f 84
[  481.148991] RSP: 0018:ffffc90007b63868 EFLAGS: 00010286
[  481.155034] RAX: 0000000000000000 RBX: ffff889080824000 RCX: 0000000000000000
[  481.163278] RDX: ffffc9000640f000 RSI: ffff889080824010 RDI: ffff889080824000
[  481.171527] RBP: ffff888107af7d00 R08: 0000000000000000 R09: ffff88810db5f6e0
[  481.179776] R10: 0000000000000000 R11: ffff8890885b9988 R12: ffff88810db5f4bc
[  481.188026] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  481.196276] FS:  00007f5466d5bec0(0000) GS:ffff88903fb00000(0000) knlGS:0000000000000000
[  481.205633] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  481.212279] CR2: ffffc9000640f038 CR3: 000000014429c006 CR4: 00000000003706e0
[  481.220530] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  481.228771] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  481.237029] Call Trace:
[  481.239856]  rtnl_fill_ifinfo+0x768/0x12e0
[  481.244602]  rtnl_dump_ifinfo+0x525/0x650
[  481.249246]  ? __alloc_skb+0xa5/0x280
[  481.253484]  netlink_dump+0x168/0x3c0
[  481.257725]  netlink_recvmsg+0x21e/0x3e0
[  481.262263]  ____sys_recvmsg+0x87/0x170
[  481.266707]  ? __might_fault+0x20/0x30
[  481.271046]  ? _copy_from_user+0x66/0xa0
[  481.275591]  ? iovec_from_user+0xf6/0x1c0
[  481.280226]  ___sys_recvmsg+0x82/0x100
[  481.284566]  ? sock_sendmsg+0x5e/0x60
[  481.288791]  ? __sys_sendto+0xee/0x150
[  481.293129]  __sys_recvmsg+0x56/0xa0
[  481.297267]  do_syscall_64+0x3b/0xc0
[  481.301395]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  481.307238] RIP: 0033:0x7f5466f39617
[  481.311373] Code: 0c 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb bd 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2f 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10
[  481.342944] RSP: 002b:00007ffedc7f4308 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  481.361783] RAX: ffffffffffffffda RBX: 00007ffedc7f5460 RCX: 00007f5466f39617
[  481.380278] RDX: 0000000000000000 RSI: 00007ffedc7f5360 RDI: 0000000000000003
[  481.398500] RBP: 00007ffedc7f53f0 R08: 0000000000000000 R09: 000055d556f04d50
[  481.416463] R10: 0000000000000077 R11: 0000000000000246 R12: 00007ffedc7f5360
[  481.434131] R13: 00007ffedc7f5350 R14: 00007ffedc7f5344 R15: 0000000000000e98
[  481.451520] Modules linked in: ice(OE) af_packet binfmt_misc nls_iso8859_1 ipmi_ssif intel_rapl_msr intel_rapl_common x86_pkg_temp_thermal intel_powerclamp mxm_wmi mei_me coretemp mei ipmi_si ipmi_msghandler wmi acpi_pad acpi_power_meter ip_tables x_tables autofs4 crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel ahci crypto_simd cryptd libahci lpc_ich [last unloaded: ice]
[  481.528558] CR2: ffffc9000640f038
[  481.542041] ---[ end trace d1f24c9ecf5b61c1 ]---

Fix this by only calling ice_vsi_assign_bpf_prog() inside
ice_prepare_xdp_rings() when current vsi->xdp_prog pointer is NULL.
This way set_channels() flow will not attempt to swap the vsi->xdp_prog
pointers with itself.

Also, sprinkle around some comments that provide a reasoning about
correlation between driver and kernel in terms of bpf_prog refcount.

Fixes: efc2214b60 ("ice: Add support for XDP")
Reviewed-by: Alexander Lobakin <alexandr.lobakin@intel.com>
Signed-off-by: Marta Plantykow <marta.a.plantykow@intel.com>
Co-developed-by: Maciej Fijalkowski <maciej.fijalkowski@intel.com>
Signed-off-by: Maciej Fijalkowski <maciej.fijalkowski@intel.com>
Tested-by: Kiran Bhandare <kiranx.bhandare@intel.com>
Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com>
2021-11-22 08:35:36 -08:00
..
ice_adminq_cmd.h ice: Add support to print error on PHY FW load failure 2021-10-28 11:00:20 -07:00
ice_arfs.c ice: make use of ice_for_each_* macros 2021-10-15 07:39:03 -07:00
ice_arfs.h ice: use static inline for dummy functions 2021-06-07 08:59:01 -07:00
ice_base.c ice: Fix not stopping Tx queues for VFs 2021-11-03 08:16:08 -07:00
ice_base.h ice: split ice_ring onto Tx/Rx separate structs 2021-10-15 07:39:02 -07:00
ice_common.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-10-22 11:41:16 +01:00
ice_common.h ice: Add support for SMA control multiplexer 2021-10-14 07:37:30 -07:00
ice_controlq.c ice: add support for sideband messages 2021-06-11 07:38:00 -07:00
ice_controlq.h ice: add support for sideband messages 2021-06-11 07:38:00 -07:00
ice_dcb_lib.c ice: Add infrastructure for mqprio support via ndo_setup_tc 2021-10-20 15:57:54 -07:00
ice_dcb_lib.h ice: Add infrastructure for mqprio support via ndo_setup_tc 2021-10-20 15:57:54 -07:00
ice_dcb_nl.c ice: Add feature bitmap, helpers and a check for DSCP 2021-09-28 09:42:04 -07:00
ice_dcb_nl.h ice: use static inline for dummy functions 2021-06-07 08:59:01 -07:00
ice_dcb.c ice: Add DSCP support 2021-09-28 09:42:04 -07:00
ice_dcb.h ice: Add DSCP support 2021-09-28 09:42:04 -07:00
ice_devids.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-10-22 11:41:16 +01:00
ice_devlink.c ice: Nuild fix. 2021-10-22 14:24:44 +01:00
ice_devlink.h ice: Move devlink port to PF/VF struct 2021-10-07 10:41:41 -07:00
ice_eswitch.c ice: Clear synchronized addrs when adding VFs in switchdev mode 2021-10-29 10:56:24 -07:00
ice_eswitch.h ice: split ice_ring onto Tx/Rx separate structs 2021-10-15 07:39:02 -07:00
ice_ethtool_fdir.c ice: use devm_kcalloc() instead of devm_kzalloc() 2021-10-19 10:53:28 -07:00
ice_ethtool.c ice: Hide bus-info in ethtool for PRs in switchdev mode 2021-10-29 11:43:15 -07:00
ice_fdir.c ice: Fix macro name for IPv4 fragment flag 2021-09-28 09:42:04 -07:00
ice_fdir.h ice: Fix macro name for IPv4 fragment flag 2021-09-28 09:42:04 -07:00
ice_flex_pipe.c ice: support for GRE in eswitch 2021-10-28 11:00:20 -07:00
ice_flex_pipe.h ice: create advanced switch recipe 2021-10-11 08:38:27 -07:00
ice_flex_type.h ice: support for GRE in eswitch 2021-10-28 11:00:20 -07:00
ice_flow.c ice: Support RSS configure removal for AVF 2021-04-22 09:26:22 -07:00
ice_flow.h ice: Support RSS configure removal for AVF 2021-04-22 09:26:22 -07:00
ice_fltr.c ice: Manage act flags for switchdev offloads 2021-10-19 10:53:26 -07:00
ice_fltr.h ice: Manage act flags for switchdev offloads 2021-10-19 10:53:26 -07:00
ice_fw_update.c ice: add error message when pldmfw_flash_image fails 2021-06-07 08:59:01 -07:00
ice_fw_update.h ice: add support for flash update overwrite mask 2020-09-25 17:20:57 -07:00
ice_hw_autogen.h ice: fix software generating extra interrupts 2021-10-19 10:45:17 -07:00
ice_idc_int.h ice: Implement iidc operations 2021-05-28 20:11:13 -07:00
ice_idc.c ice: Correctly deal with PFs that do not support RDMA 2021-09-10 09:58:55 +01:00
ice_lag.c ice: Respond to a NETDEV_UNREGISTER event for LAG 2021-10-25 13:44:37 -07:00
ice_lag.h ice: Add initial support framework for LAG 2021-02-08 16:27:01 -08:00
ice_lan_tx_rx.h ice: switchdev slow path 2021-10-07 10:41:42 -07:00
ice_lib.c ice: fix vsi->txq_map sizing 2021-11-22 08:33:54 -08:00
ice_lib.h ice: Remove boolean vlan_promisc flag from function 2021-10-29 10:48:16 -07:00
ice_main.c ice: avoid bpf_prog refcount underflow 2021-11-22 08:35:36 -08:00
ice_nvm.c ice: suppress false cppcheck issues 2021-04-14 17:12:17 -07:00
ice_nvm.h ice: display stored UNDI firmware version via devlink info 2021-02-05 11:44:16 -08:00
ice_osdep.h
ice_protocol_type.h ice: support for GRE in eswitch 2021-10-28 11:00:20 -07:00
ice_ptp_hw.c ice: Add support for SMA control multiplexer 2021-10-14 07:37:30 -07:00
ice_ptp_hw.h ice: Add support for SMA control multiplexer 2021-10-14 07:37:30 -07:00
ice_ptp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-10-28 10:43:58 -07:00
ice_ptp.h ice: split ice_ring onto Tx/Rx separate structs 2021-10-15 07:39:02 -07:00
ice_repr.c ice: Add support for changing MTU on PR in switchdev mode 2021-10-28 11:00:20 -07:00
ice_repr.h ice: rebuild switchdev when resetting all VFs 2021-10-07 10:41:42 -07:00
ice_sbq_cmd.h ice: add support for sideband messages 2021-06-11 07:38:00 -07:00
ice_sched.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-10-22 11:41:16 +01:00
ice_sched.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-10-22 11:41:16 +01:00
ice_sriov.c ice: warn about potentially malicious VFs 2021-04-22 09:26:22 -07:00
ice_sriov.h ice: warn about potentially malicious VFs 2021-04-22 09:26:22 -07:00
ice_status.h ice: display stored netlist versions via devlink info 2021-02-05 11:43:37 -08:00
ice_switch.c ice: fix error return code in ice_get_recp_frm_fw() 2021-10-28 11:00:21 -07:00
ice_switch.h ice: low level support for tunnels 2021-10-28 11:00:20 -07:00
ice_tc_lib.c ice: support for GRE in eswitch 2021-10-28 11:00:20 -07:00
ice_tc_lib.h ice: VXLAN and Geneve TC support 2021-10-28 11:00:18 -07:00
ice_trace.h ice: split ice_ring onto Tx/Rx separate structs 2021-10-15 07:39:02 -07:00
ice_txrx_lib.c ice: introduce XDP_TX fallback path 2021-10-15 07:39:03 -07:00
ice_txrx_lib.h ice: propagate xdp_ring onto rx_ring 2021-10-15 07:39:03 -07:00
ice_txrx.c ice: use devm_kcalloc() instead of devm_kzalloc() 2021-10-19 10:53:28 -07:00
ice_txrx.h ice: Add infrastructure for mqprio support via ndo_setup_tc 2021-10-20 15:57:54 -07:00
ice_type.h ice: Add infrastructure for mqprio support via ndo_setup_tc 2021-10-20 15:57:54 -07:00
ice_virtchnl_allowlist.c ice: Enable RSS configure for AVF 2021-04-22 09:26:22 -07:00
ice_virtchnl_allowlist.h ice: Allow ignoring opcodes on specific VF 2021-04-22 09:26:22 -07:00
ice_virtchnl_fdir.c ice: Drop leading underscores in enum ice_pf_state 2021-04-14 17:00:05 -07:00
ice_virtchnl_fdir.h ice: Check FDIR program status for AVF 2021-03-22 11:32:12 -07:00
ice_virtchnl_pf.c ice: Fix race conditions between virtchnl handling and VF ndo ops 2021-11-03 08:16:32 -07:00
ice_virtchnl_pf.h ice: Fix race conditions between virtchnl handling and VF ndo ops 2021-11-03 08:16:32 -07:00
ice_xsk.c intel: Simplify bool conversion 2021-10-29 09:42:33 -07:00
ice_xsk.h ice: split ice_ring onto Tx/Rx separate structs 2021-10-15 07:39:02 -07:00
ice.h ice: Fix VF true promiscuous mode 2021-11-03 08:15:27 -07:00
Makefile ice: ndo_setup_tc implementation for PF 2021-10-11 09:03:04 -07:00