| Message ID | 20220422173905.23410-1-arkadiusz.kubalewski@intel.com |
|---|---|
| State | Changes Requested |
| Headers | show |
| Series | [net] ice: fix crash when writing timestamp on rx rings | expand |
On 4/22/2022 10:39 AM, Arkadiusz Kubalewski wrote: > Do not allow to write timestamps on RX rings if PF is being configured. > When PF is being configured RX rings can be freed or rebuilt. If at the same > time timestamps are updated, the kernel will crash by dereferencing null RX > ring pointer. > > PID: 1449 TASK: ff187d28ed658040 CPU: 34 COMMAND: "ice-ptp-0000:51" > #0 [ff1966a94a713bb0] machine_kexec at ffffffff9d05a0be > #1 [ff1966a94a713c08] __crash_kexec at ffffffff9d192e9d > #2 [ff1966a94a713cd0] crash_kexec at ffffffff9d1941bd > #3 [ff1966a94a713ce8] oops_end at ffffffff9d01bd54 > #4 [ff1966a94a713d08] no_context at ffffffff9d06bda4 > #5 [ff1966a94a713d60] __bad_area_nosemaphore at ffffffff9d06c10c > #6 [ff1966a94a713da8] do_page_fault at ffffffff9d06cae4 > #7 [ff1966a94a713de0] page_fault at ffffffff9da0107e > [exception RIP: ice_ptp_update_cached_phctime+91] > RIP: ffffffffc076db8b RSP: ff1966a94a713e98 RFLAGS: 00010246 > RAX: 16e3db9c6b7ccae4 RBX: ff187d269dd3c180 RCX: ff187d269cd4d018 > RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 > RBP: ff187d269cfcc644 R8: ff187d339b9641b0 R9: 0000000000000000 > R10: 0000000000000002 R11: 0000000000000000 R12: ff187d269cfcc648 > R13: ffffffff9f128784 R14: ffffffff9d101b70 R15: ff187d269cfcc640 > ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018 > #8 [ff1966a94a713ea0] ice_ptp_periodic_work at ffffffffc076dbef [ice] > #9 [ff1966a94a713ee0] kthread_worker_fn at ffffffff9d101c1b > #10 [ff1966a94a713f10] kthread at ffffffff9d101b4d > #11 [ff1966a94a713f50] ret_from_fork at ffffffff9da0023f > > Fixes: 77a781155a65 ("ice: enable receive hardware timestamping") > Signed-off-by: Arkadiusz Kubalewski <arkadiusz.kubalewski@intel.com> > --- This doesn't apply to net-queue. Thanks, Tony
diff --git a/drivers/net/ethernet/intel/ice/ice_ptp.c b/drivers/net/ethernet/intel/ice/ice_ptp.c index a1cd33273ca4..55ad21754d08 100644 --- a/drivers/net/ethernet/intel/ice/ice_ptp.c +++ b/drivers/net/ethernet/intel/ice/ice_ptp.c @@ -500,12 +500,19 @@ ice_ptp_read_src_clk_reg(struct ice_pf *pf, struct ptp_system_timestamp *sts) * This function must be called periodically to ensure that the cached value * is never more than 2 seconds old. It must also be called whenever the PHC * time has been changed. + * + * Return: + * * 0 - OK, successfully updated + * * -EAGAIN - PF was busy, need to reschedule the update */ -static void ice_ptp_update_cached_phctime(struct ice_pf *pf) +static int ice_ptp_update_cached_phctime(struct ice_pf *pf) { u64 systime; int i; + if (!test_and_set_bit(ICE_CFG_BUSY, pf->state)) + return -EAGAIN; + /* Read the current PHC time */ systime = ice_ptp_read_src_clk_reg(pf, NULL); @@ -528,6 +535,9 @@ static void ice_ptp_update_cached_phctime(struct ice_pf *pf) WRITE_ONCE(vsi->rx_rings[j]->cached_phctime, systime); } } + clear_bit(ICE_CFG_BUSY, pf->state); + + return 0; } /** @@ -2324,17 +2334,18 @@ static void ice_ptp_periodic_work(struct kthread_work *work) { struct ice_ptp *ptp = container_of(work, struct ice_ptp, work.work); struct ice_pf *pf = container_of(ptp, struct ice_pf, ptp); + int err; if (!test_bit(ICE_FLAG_PTP, pf->flags)) return; - ice_ptp_update_cached_phctime(pf); + err = ice_ptp_update_cached_phctime(pf); ice_ptp_tx_tstamp_cleanup(&pf->ptp.port.tx); - /* Run twice a second */ + /* Run twice a second or reschedule if phc update failed */ kthread_queue_delayed_work(ptp->kworker, &ptp->work, - msecs_to_jiffies(500)); + msecs_to_jiffies(err ? 10 : 500)); } /**
Do not allow to write timestamps on RX rings if PF is being configured. When PF is being configured RX rings can be freed or rebuilt. If at the same time timestamps are updated, the kernel will crash by dereferencing null RX ring pointer. PID: 1449 TASK: ff187d28ed658040 CPU: 34 COMMAND: "ice-ptp-0000:51" #0 [ff1966a94a713bb0] machine_kexec at ffffffff9d05a0be #1 [ff1966a94a713c08] __crash_kexec at ffffffff9d192e9d #2 [ff1966a94a713cd0] crash_kexec at ffffffff9d1941bd #3 [ff1966a94a713ce8] oops_end at ffffffff9d01bd54 #4 [ff1966a94a713d08] no_context at ffffffff9d06bda4 #5 [ff1966a94a713d60] __bad_area_nosemaphore at ffffffff9d06c10c #6 [ff1966a94a713da8] do_page_fault at ffffffff9d06cae4 #7 [ff1966a94a713de0] page_fault at ffffffff9da0107e [exception RIP: ice_ptp_update_cached_phctime+91] RIP: ffffffffc076db8b RSP: ff1966a94a713e98 RFLAGS: 00010246 RAX: 16e3db9c6b7ccae4 RBX: ff187d269dd3c180 RCX: ff187d269cd4d018 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ff187d269cfcc644 R8: ff187d339b9641b0 R9: 0000000000000000 R10: 0000000000000002 R11: 0000000000000000 R12: ff187d269cfcc648 R13: ffffffff9f128784 R14: ffffffff9d101b70 R15: ff187d269cfcc640 ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018 #8 [ff1966a94a713ea0] ice_ptp_periodic_work at ffffffffc076dbef [ice] #9 [ff1966a94a713ee0] kthread_worker_fn at ffffffff9d101c1b #10 [ff1966a94a713f10] kthread at ffffffff9d101b4d #11 [ff1966a94a713f50] ret_from_fork at ffffffff9da0023f Fixes: 77a781155a65 ("ice: enable receive hardware timestamping") Signed-off-by: Arkadiusz Kubalewski <arkadiusz.kubalewski@intel.com> --- drivers/net/ethernet/intel/ice/ice_ptp.c | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) base-commit: b0a2af9a2ddb31e5cabab179baea2f5a29861eef