| Message ID | 20191218140102.11579-1-baijiaju1990@gmail.com |
|---|---|
| State | Changes Requested |
| Delegated to: | David Miller |
| Headers | show |
| Series | net: amd: xgbe: fix possible sleep-in-atomic-context bugs in xgbe_powerdown() | expand |
> The function call path (from bottom to top) in Linux 4.19 is: Does this Linux version need more adjustments than the current development version? > These bugs are found by a static analysis tool STCheck written > by myself. Would you like to point any more background information out for this software? Regards, Markus
From: Jia-Ju Bai <baijiaju1990@gmail.com> Date: Wed, 18 Dec 2019 22:01:02 +0800 > @@ -1257,17 +1257,18 @@ int xgbe_powerdown(struct net_device *netdev, unsigned int caller) > netif_tx_stop_all_queues(netdev); > > xgbe_stop_timers(pdata); > - flush_workqueue(pdata->dev_workqueue); > > hw_if->powerdown_tx(pdata); > hw_if->powerdown_rx(pdata); > > - xgbe_napi_disable(pdata, 0); > - > pdata->power_down = 1; > > spin_unlock_irqrestore(&pdata->lock, flags); > > + flush_workqueue(pdata->dev_workqueue); > + > + xgbe_napi_disable(pdata, 0); > + Nope, this doesn't work at all. You can't leave NAPI enabled, and thus packet processing, after the TX and RX units of the chip have been powered down.
On 2019/12/19 5:26, David Miller wrote: > From: Jia-Ju Bai <baijiaju1990@gmail.com> > Date: Wed, 18 Dec 2019 22:01:02 +0800 > >> @@ -1257,17 +1257,18 @@ int xgbe_powerdown(struct net_device *netdev, unsigned int caller) >> netif_tx_stop_all_queues(netdev); >> >> xgbe_stop_timers(pdata); >> - flush_workqueue(pdata->dev_workqueue); >> >> hw_if->powerdown_tx(pdata); >> hw_if->powerdown_rx(pdata); >> >> - xgbe_napi_disable(pdata, 0); >> - >> pdata->power_down = 1; >> >> spin_unlock_irqrestore(&pdata->lock, flags); >> >> + flush_workqueue(pdata->dev_workqueue); >> + >> + xgbe_napi_disable(pdata, 0); >> + > Nope, this doesn't work at all. > > You can't leave NAPI enabled, and thus packet processing, after the TX > and RX units of the chip have been powered down. Looking at the code, only xgbe_powerup() and xgbe_powerdown() use the spinlock "pdata->lock". How about change the spinlock to a mutex? Best wishes, Jia-Ju Bai
diff --git a/drivers/net/ethernet/amd/xgbe/xgbe-drv.c b/drivers/net/ethernet/amd/xgbe/xgbe-drv.c index 98f8f2033154..328361d0e190 100644 --- a/drivers/net/ethernet/amd/xgbe/xgbe-drv.c +++ b/drivers/net/ethernet/amd/xgbe/xgbe-drv.c @@ -1257,17 +1257,18 @@ int xgbe_powerdown(struct net_device *netdev, unsigned int caller) netif_tx_stop_all_queues(netdev); xgbe_stop_timers(pdata); - flush_workqueue(pdata->dev_workqueue); hw_if->powerdown_tx(pdata); hw_if->powerdown_rx(pdata); - xgbe_napi_disable(pdata, 0); - pdata->power_down = 1; spin_unlock_irqrestore(&pdata->lock, flags); + flush_workqueue(pdata->dev_workqueue); + + xgbe_napi_disable(pdata, 0); + DBGPR("<--xgbe_powerdown\n"); return 0;
The driver may sleep while holding a spinlock. The function call path (from bottom to top) in Linux 4.19 is: drivers/net/ethernet/amd/xgbe/xgbe-drv.c, 1261: flush_workqueue in xgbe_powerdown drivers/net/ethernet/amd/xgbe/xgbe-drv.c, 1253: _raw_spin_lock_irqsave in xgbe_powerdown drivers/net/ethernet/amd/xgbe/xgbe-drv.c, 1055: napi_disable in xgbe_napi_disable drivers/net/ethernet/amd/xgbe/xgbe-drv.c, 1266: xgbe_napi_disable in xgbe_powerdown drivers/net/ethernet/amd/xgbe/xgbe-drv.c, 1253: _raw_spin_lock_irqsave in xgbe_powerdown drivers/net/ethernet/amd/xgbe/xgbe-drv.c, 1049: napi_disable in xgbe_napi_disable drivers/net/ethernet/amd/xgbe/xgbe-drv.c, 1266: xgbe_napi_disable in xgbe_powerdown drivers/net/ethernet/amd/xgbe/xgbe-drv.c, 1253: _raw_spin_lock_irqsave in xgbe_powerdown flush_workqueue() and napi_disable() can sleep at runtime. To fix these bugs, flush_workqueue() and xgbe_napi_disable() are called without holding the spinlock. These bugs are found by a static analysis tool STCheck written by myself. Signed-off-by: Jia-Ju Bai <baijiaju1990@gmail.com> --- drivers/net/ethernet/amd/xgbe/xgbe-drv.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-)