diff options
| author | Chengfeng Ye <[email protected]> | 2023-09-26 10:11:16 +0000 |
|---|---|---|
| committer | Leon Romanovsky <[email protected]> | 2023-10-25 11:12:43 +0300 |
| commit | 2f19c4b8395ccb6eb25ccafee883c8cfbe3fc193 (patch) | |
| tree | 8191c7e67f09bb03bb793dadd601f4fac2d35ef5 /lib/test_fortify/write_overflow-strlcpy.c | |
| parent | 7a1c2abf9a2be7d969b25e8d65567933335ca88e (diff) | |
IB/hfi1: Fix potential deadlock on &irq_src_lock and &dd->uctxt_lock
handle_receive_interrupt_napi_sp() running inside interrupt handler
could introduce inverse lock ordering between &dd->irq_src_lock
and &dd->uctxt_lock, if read_mod_write() is preempted by the isr.
[CPU0] | [CPU1]
hfi1_ipoib_dev_open() |
--> hfi1_netdev_enable_queues() |
--> enable_queues(rx) |
--> hfi1_rcvctrl() |
--> set_intr_bits() |
--> read_mod_write() |
--> spin_lock(&dd->irq_src_lock) |
| hfi1_poll()
| --> poll_next()
| --> spin_lock_irq(&dd->uctxt_lock)
|
| --> hfi1_rcvctrl()
| --> set_intr_bits()
| --> read_mod_write()
| --> spin_lock(&dd->irq_src_lock)
<interrupt> |
--> handle_receive_interrupt_napi_sp() |
--> set_all_fastpath() |
--> hfi1_rcd_get_by_index() |
--> spin_lock_irqsave(&dd->uctxt_lock) |
This flaw was found by an experimental static analysis tool I am
developing for irq-related deadlock.
To prevent the potential deadlock, the patch use spin_lock_irqsave()
on &dd->irq_src_lock inside read_mod_write() to prevent the possible
deadlock scenario.
Signed-off-by: Chengfeng Ye <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Acked-by: Dennis Dalessandro <[email protected]>
Signed-off-by: Leon Romanovsky <[email protected]>
Diffstat (limited to 'lib/test_fortify/write_overflow-strlcpy.c')
0 files changed, 0 insertions, 0 deletions