Ksawlii/kernel_samsung_a53x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
kernel_samsung_a53x/drivers
History
Mark Bloch 664ac69e67 net/mlx5: fs, lock FTE when checking if active 
[ Upstream commit 9ca314419930f9135727e39d77e66262d5f7bef6 ]

The referenced commits introduced a two-step process for deleting FTEs:

- Lock the FTE, delete it from hardware, set the hardware deletion function
  to NULL and unlock the FTE.
- Lock the parent flow group, delete the software copy of the FTE, and
  remove it from the xarray.

However, this approach encounters a race condition if a rule with the same
match value is added simultaneously. In this scenario, fs_core may set the
hardware deletion function to NULL prematurely, causing a panic during
subsequent rule deletions.

To prevent this, ensure the active flag of the FTE is checked under a lock,
which will prevent the fs_core layer from attaching a new steering rule to
an FTE that is in the process of deletion.

[  438.967589] MOSHE: 2496 mlx5_del_flow_rules del_hw_func
[  438.968205] ------------[ cut here ]------------
[  438.968654] refcount_t: decrement hit 0; leaking memory.
[  438.969249] WARNING: CPU: 0 PID: 8957 at lib/refcount.c:31 refcount_warn_saturate+0xfb/0x110
[  438.970054] Modules linked in: act_mirred cls_flower act_gact sch_ingress openvswitch nsh mlx5_vdpa vringh vhost_iotlb vdpa mlx5_ib mlx5_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm ib_uverbs ib_core zram zsmalloc fuse [last unloaded: cls_flower]
[  438.973288] CPU: 0 UID: 0 PID: 8957 Comm: tc Not tainted 6.12.0-rc1+ #8
[  438.973888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014
[  438.974874] RIP: 0010:refcount_warn_saturate+0xfb/0x110
[  438.975363] Code: 40 66 3b 82 c6 05 16 e9 4d 01 01 e8 1f 7c a0 ff 0f 0b c3 cc cc cc cc 48 c7 c7 10 66 3b 82 c6 05 fd e8 4d 01 01 e8 05 7c a0 ff <0f> 0b c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90
[  438.976947] RSP: 0018:ffff888124a53610 EFLAGS: 00010286
[  438.977446] RAX: 0000000000000000 RBX: ffff888119d56de0 RCX: 0000000000000000
[  438.978090] RDX: ffff88852c828700 RSI: ffff88852c81b3c0 RDI: ffff88852c81b3c0
[  438.978721] RBP: ffff888120fa0e88 R08: 0000000000000000 R09: ffff888124a534b0
[  438.979353] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888119d56de0
[  438.979979] R13: ffff888120fa0ec0 R14: ffff888120fa0ee8 R15: ffff888119d56de0
[  438.980607] FS:  00007fe6dcc0f800(0000) GS:ffff88852c800000(0000) knlGS:0000000000000000
[  438.983984] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  438.984544] CR2: 00000000004275e0 CR3: 0000000186982001 CR4: 0000000000372eb0
[  438.985205] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  438.985842] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  438.986507] Call Trace:
[  438.986799]  <TASK>
[  438.987070]  ? __warn+0x7d/0x110
[  438.987426]  ? refcount_warn_saturate+0xfb/0x110
[  438.987877]  ? report_bug+0x17d/0x190
[  438.988261]  ? prb_read_valid+0x17/0x20
[  438.988659]  ? handle_bug+0x53/0x90
[  438.989054]  ? exc_invalid_op+0x14/0x70
[  438.989458]  ? asm_exc_invalid_op+0x16/0x20
[  438.989883]  ? refcount_warn_saturate+0xfb/0x110
[  438.990348]  mlx5_del_flow_rules+0x2f7/0x340 [mlx5_core]
[  438.990932]  __mlx5_eswitch_del_rule+0x49/0x170 [mlx5_core]
[  438.991519]  ? mlx5_lag_is_sriov+0x3c/0x50 [mlx5_core]
[  438.992054]  ? xas_load+0x9/0xb0
[  438.992407]  mlx5e_tc_rule_unoffload+0x45/0xe0 [mlx5_core]
[  438.993037]  mlx5e_tc_del_fdb_flow+0x2a6/0x2e0 [mlx5_core]
[  438.993623]  mlx5e_flow_put+0x29/0x60 [mlx5_core]
[  438.994161]  mlx5e_delete_flower+0x261/0x390 [mlx5_core]
[  438.994728]  tc_setup_cb_destroy+0xb9/0x190
[  438.995150]  fl_hw_destroy_filter+0x94/0xc0 [cls_flower]
[  438.995650]  fl_change+0x11a4/0x13c0 [cls_flower]
[  438.996105]  tc_new_tfilter+0x347/0xbc0
[  438.996503]  ? ___slab_alloc+0x70/0x8c0
[  438.996929]  rtnetlink_rcv_msg+0xf9/0x3e0
[  438.997339]  ? __netlink_sendskb+0x4c/0x70
[  438.997751]  ? netlink_unicast+0x286/0x2d0
[  438.998171]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  438.998625]  netlink_rcv_skb+0x54/0x100
[  438.999020]  netlink_unicast+0x203/0x2d0
[  438.999421]  netlink_sendmsg+0x1e4/0x420
[  438.999820]  __sock_sendmsg+0xa1/0xb0
[  439.000203]  ____sys_sendmsg+0x207/0x2a0
[  439.000600]  ? copy_msghdr_from_user+0x6d/0xa0
[  439.001072]  ___sys_sendmsg+0x80/0xc0
[  439.001459]  ? ___sys_recvmsg+0x8b/0xc0
[  439.001848]  ? generic_update_time+0x4d/0x60
[  439.002282]  __sys_sendmsg+0x51/0x90
[  439.002658]  do_syscall_64+0x50/0x110
[  439.003040]  entry_SYSCALL_64_after_hwframe+0x76/0x7e

Fixes: 718ce4d601db ("net/mlx5: Consolidate update FTE for all removal changes")
Fixes: cefc23554fc2 ("net/mlx5: Fix FTE cleanup")
Signed-off-by: Mark Bloch <mbloch@nvidia.com>
Reviewed-by: Maor Gottlieb <maorg@nvidia.com>
Signed-off-by: Tariq Toukan <tariqt@nvidia.com>
Link: https://patch.msgid.link/20241107183527.676877-4-tariqt@nvidia.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-12-17 13:20:50 +01:00
..
accessibility speakup: Fix sizeof() vs ARRAY_SIZE() bug 2024-11-19 12:26:51 +01:00
acpi Revert "ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add()" 2024-11-24 00:23:37 +01:00
amba
android Revert "binder: fix UAF caused by offsets overwrite" 2024-11-24 00:23:38 +01:00
ata Revert "ata: libata-core: Fix null pointer dereference on error" 2024-11-24 00:23:50 +01:00
atm atm: idt77252: prevent use after free in dequeue_rx() 2024-11-23 23:20:43 +01:00
auxdisplay
base Revert "devres: Initialize an uninitialized struct member" 2024-11-24 00:23:40 +01:00
battery
bcma
block Revert "zram: Set default compressor to zstd" 2024-12-03 19:58:37 +01:00
bluetooth Revert "Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO" 2024-11-24 00:23:50 +01:00
bts
bus Revert "bus: integrator-lm: fix OF node leak in probe()" 2024-11-24 00:23:16 +01:00
cdrom
char Revert "tpm: Clean up TPM space after command failure" 2024-11-24 00:23:24 +01:00
clk clk: qcom: gcc-qcs404: fix initial rate of GPLL3 2024-12-17 13:20:50 +01:00
clocksource Revert "clocksource/drivers/imx-tpm: Fix return -ETIME when delta exceeds INT_MAX" 2024-11-24 00:23:37 +01:00
connector
counter counter: ti-eqep: enable clock at probe 2024-11-19 14:19:33 +01:00
cpufreq Revert "cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately" 2024-11-24 00:23:30 +01:00
cpuidle cpuidle: menu: Take negative "sleep length" values into account 2024-11-19 18:01:28 +01:00
crypto crypto: marvell/cesa - Disable hash algorithms 2024-11-30 02:33:27 +01:00
dax
dca
devfreq PM / devfreq: Fix buffer overflow in trans_stat_show 2024-11-19 11:32:38 +01:00
dio
dma dmaengine: dw: Add memory bus width verification 2024-11-23 23:20:55 +01:00
dma-buf dma-buf/sync_file: Speed up ioctl by omitting debug names 2024-11-19 17:53:23 +01:00
edac EDAC, i10nm: make skx_common.o a separate module 2024-11-23 23:19:56 +01:00
eisa
extcon extcon: max8997: select IRQ_DOMAIN instead of depending on it 2024-11-19 12:27:04 +01:00
fingerprint
firewire firewire: nosy: ensure user_length is taken into account when fetching packet contents 2024-11-19 11:32:46 +01:00
firmware Revert "efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption" 2024-11-24 00:23:16 +01:00
fpga fpga: region: add owner module and take its refcount 2024-11-19 12:27:04 +01:00
fsi
gnss
gpio Revert "gpio: prevent potential speculation leaks in gpio_device_get_desc()" 2024-11-24 00:23:32 +01:00
gpu drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported 2024-11-30 02:33:24 +01:00
greybus greybus: Fix use-after-free bug in gb_interface_release due to race condition. 2024-11-19 14:19:05 +01:00
gud
hid HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad 2024-11-30 02:33:27 +01:00
hsi
hv Revert "Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic" 2024-11-24 00:23:37 +01:00
hwmon Revert "hwmon: (adc128d818) Fix underflows seen when writing limit attributes" 2024-11-24 00:23:40 +01:00
hwspinlock Revert "hwspinlock: Introduce hwspin_lock_bust()" 2024-11-24 00:23:48 +01:00
hwtracing Revert "coresight: tmc: sg: Do not leak sg_table" 2024-11-24 00:23:19 +01:00
i2c Revert "i2c: Add i2c_get_match_data()" 2024-11-24 00:23:27 +01:00
i3c i3c: master: cdns: Update maximum prescaler value for i2c clock 2024-11-18 12:13:19 +01:00
ide
idle
ifconn
iio Revert "iio: buffer-dmaengine: fix releasing dma channel on error" 2024-11-24 00:23:38 +01:00
infiniband Revert "RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency" 2024-11-24 00:23:21 +01:00
input Revert "Input: uinput - reject requests with unreasonable number of slots" 2024-11-24 00:23:39 +01:00
interconnect Revert "interconnect: qcom: sm8250: Enable sync_state" 2024-11-24 00:23:19 +01:00
iommu Revert "iommu: sun50i: clear bypass register" 2024-11-24 00:23:43 +01:00
ipack
irqchip irqchip/gic-v3: Force propagation of the active state with a read-back 2024-11-30 02:33:26 +01:00
isdn mISDN: Fix a use after free in hfcmulti_tx() 2024-11-23 23:20:17 +01:00
kperfmon
kq/mesh
leds leds: lp55xx: Remove redundant test for invalid channel number 2024-12-17 13:20:50 +01:00
lightnvm
macintosh macintosh/therm_windtunnel: fix module unload. 2024-11-23 23:20:11 +01:00
mailbox Revert "mailbox: rockchip: fix a typo in module autoloading" 2024-11-24 00:23:13 +01:00
mcb
md md/raid10: improve code of mrdev in raid10_sync_request 2024-11-30 02:33:28 +01:00
media media: uvcvideo: Stop stream during unregister 2024-12-17 13:20:50 +01:00
memory memory: stm32-fmc2-ebi: check regmap_read return value 2024-11-23 23:20:46 +01:00
memstick
message
mfd mfd: omap-usb-tll: Use struct_size to allocate tll 2024-11-23 23:20:09 +01:00
misc drivers: samsung: scsc: Adapt scsc_wlbtd.c for Linux 5.10.229 2024-11-24 00:42:20 +01:00
mmc Revert "mmc: mmc_test: Fix NULL dereference on allocation failure" 2024-11-24 00:23:50 +01:00
most
mtd Revert "mtd: slram: insert break after errors in parsing the map" 2024-11-24 00:23:27 +01:00
muic
mux
net net/mlx5: fs, lock FTE when checking if active 2024-12-17 13:20:50 +01:00
nfc nfc: pn533: Add poll mod list filling check 2024-11-23 23:20:55 +01:00
ntb Revert "ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir()" 2024-11-24 00:23:20 +01:00
nubus
nvdimm Revert "virtio_pmem: Check device status before requesting flush" 2024-11-24 00:22:58 +01:00
nvme Revert "nvme/pci: Add APST quirk for Lenovo N60z laptop" 2024-11-24 00:23:54 +01:00
nvmem Revert "nvmem: Fix return type of devm_nvmem_device_get() in kerneldoc" 2024-11-24 00:23:38 +01:00
of Revert "of/irq: Prevent device address out-of-bounds read in interrupt map walk" 2024-11-24 00:23:38 +01:00
opp OPP: debugfs: Fix warning around icc_get_name() 2024-11-19 08:44:49 +01:00
oprofile
parisc
parport Revert "parport: Proper fix for array out-of-bounds access" 2024-11-24 00:22:51 +01:00
pci Revert "PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0)" 2024-11-24 00:23:42 +01:00
pcmcia Revert "pcmcia: Use resource_size function on resource object" 2024-11-24 00:23:42 +01:00
perf
phy phy: tegra: xusb: Add API to retrieve the port number of phy 2024-11-19 09:22:34 +01:00
pinctrl Revert "pinctrl: rockchip: correct RK3328 iomux width flag for GPIO2-B pins" 2024-11-24 00:23:50 +01:00
platform platform/x86: touchscreen_dmi: add nanote-next quirk 2024-11-23 23:21:40 +01:00
pnp PNP: ACPI: fix fortify warning 2024-11-18 12:13:09 +01:00
power Revert "power: supply: axp20x_battery: allow disabling battery charging" 2024-11-24 00:23:27 +01:00
powercap Revert "powercap: RAPL: fix invalid initialization for pl4_supported field" 2024-11-24 00:23:18 +01:00
pps Revert "pps: remove usage of the deprecated ida_simple_xx() API" 2024-11-24 00:23:14 +01:00
ps3
ptp ptp: Fix error message on failed pin verification 2024-11-19 14:19:01 +01:00
pwm Revert "driver: pwm: Implement .apply() callback" 2024-12-03 19:58:13 +01:00
rapidio
ras
regulator regulator: core: Fix modpost error "regulator_get_regmap" undefined 2024-11-19 14:19:09 +01:00
remoteproc remoteproc: imx_rproc: Skip over memory region when node value is NULL 2024-11-23 23:20:20 +01:00
reset Revert "reset: berlin: fix OF node leak in probe() error path" 2024-11-24 00:23:27 +01:00
rpmsg
rtc Revert "rtc: at91sam9: fix OF node leak in probe() error path" 2024-11-24 00:23:01 +01:00
s390 Revert "s390/zcore: no need to check return value of debugfs_create functions" 2024-11-24 00:22:59 +01:00
samsung
sbus
scsi scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer 2024-11-30 02:33:23 +01:00
sensorhub
sensors
sfi
sh
siox
slimbus slimbus: core: Remove usage of the deprecated ida_simple_xx() API 2024-11-19 09:22:34 +01:00
soc Revert "soc: versatile: integrator: fix OF node leak in probe() error path" 2024-11-24 00:23:17 +01:00
soundwire Revert "soundwire: stream: fix programming slave ports for non-continous port maps" 2024-11-24 00:23:49 +01:00
spi spi: Fix deadlock when adding SPI controllers on SPI buses 2024-11-30 02:33:25 +01:00
spmi
spu_verify
ssb ssb: Fix division by zero issue in ssb_calc_clock_rate 2024-11-23 23:20:44 +01:00
staging media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal() 2024-12-17 13:20:50 +01:00
sti
target scsi: target: core: Fix null-ptr-deref in target_alloc_device() 2024-11-23 23:21:59 +01:00
tc
tee tee: optee: Fix kernel panic caused by incorrect error handling 2024-11-19 09:22:39 +01:00
thermal
thunderbolt thunderbolt: Mark XDomain as unplugged when router is removed 2024-11-23 23:20:42 +01:00
tty Revert "tty: rp2: Fix reset with non forgiving PCIe host bridges" 2024-11-24 00:23:16 +01:00
uh
uio Revert "uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind" 2024-11-24 00:23:37 +01:00
usb USB: serial: option: add Quectel RG650V 2024-11-30 02:33:26 +01:00
vdpa vDPA/ifcvf: Fix pci_read_config_byte() return code handling 2024-11-30 02:33:27 +01:00
vfio vfio/fsl-mc: Block calling interrupt handler without trigger 2024-11-19 09:22:45 +01:00
vhost Revert "vdpa: Add eventfd for the vdpa callback" 2024-11-24 00:23:19 +01:00
vibrator
video Revert "fbdev: hpfb: Fix an error handling path in hpfb_dio_probe()" 2024-11-24 00:23:26 +01:00
virt
virtio Revert "vdpa: Add eventfd for the vdpa callback" 2024-11-24 00:23:19 +01:00
vision
vision3
visorbus
vlynq
vme
w1
watchdog Revert "watchdog: s3c2410_wdt: Assign s3c_wdt[] until probe complete" 2024-12-03 19:58:09 +01:00
xen Revert "xen/swiotlb: add alignment check for dma buffers" 2024-11-24 00:23:24 +01:00
zorro
Kconfig Added KernelSU 2024-11-19 22:44:48 +01:00
Kconfig.variant1
kernelsu Added KernelSU 2024-11-19 22:44:48 +01:00
Makefile Added KernelSU 2024-11-19 22:44:48 +01:00
Makefile.variant1