2022-04-01 02:44:41

by Jacob Keller

[permalink] [raw]
Subject: RE: [Intel-wired-lan] [PATCH net] ice: Fix incorrect locking in ice_vc_process_vf_msg()



> -----Original Message-----
> From: Brett Creeley <[email protected]>
> Sent: Thursday, March 31, 2022 9:33 AM
> To: Fijalkowski, Maciej <[email protected]>
> Cc: ivecera <[email protected]>; [email protected]; moderated
> list:INTEL ETHERNET DRIVERS <[email protected]>; mschmidt
> <[email protected]>; open list <[email protected]>; poros
> <[email protected]>; Jakub Kicinski <[email protected]>; Paolo Abeni
> <[email protected]>; David S. Miller <[email protected]>; Keller, Jacob E
> <[email protected]>
> Subject: Re: [Intel-wired-lan] [PATCH net] ice: Fix incorrect locking in
> ice_vc_process_vf_msg()
>
> On Thu, Mar 31, 2022 at 6:17 AM Maciej Fijalkowski
> <[email protected]> wrote:
> >
> > On Thu, Mar 31, 2022 at 03:14:32PM +0200, Maciej Fijalkowski wrote:
> > > On Thu, Mar 31, 2022 at 12:50:04PM +0200, Ivan Vecera wrote:
> > > > Usage of mutex_trylock() in ice_vc_process_vf_msg() is incorrect
> > > > because message sent from VF is ignored and never processed.
> > > >
> > > > Use mutex_lock() instead to fix the issue. It is safe because this
> > >
> > > We need to know what is *the* issue in the first place.
> > > Could you please provide more context what is being fixed to the readers
> > > that don't have an access to bugzilla?
> > >
> > > Specifically, what is the case that ignoring a particular message when
> > > mutex is already held is a broken behavior?
> >
> > Uh oh, let's
> > CC: Brett Creeley <[email protected]>
>

Thanks for responding, Brett! :)

> My concern here is that we don't want to handle messages
> from the context of the "previous" VF configuration if that
> makes sense.
>

Makes sense. Perhaps we need to do some sort of "clear the existing message queue" when we initiate a reset?

> It might be best to grab the cfg_lock before doing any
> message/VF validating in ice_vc_process_vf_msg() to
> make sure all of the checks are done under the cfg_lock.
>

Yes that seems like it should be done.

> CC'ing Jake so he can provide some input as
> well.

Thanks,
Jake



2022-04-04 07:33:06

by Ivan Vecera

[permalink] [raw]
Subject: Re: [Intel-wired-lan] [PATCH net] ice: Fix incorrect locking in ice_vc_process_vf_msg()

On Thu, 31 Mar 2022 19:59:11 +0000
"Keller, Jacob E" <[email protected]> wrote:

> > -----Original Message-----
> > From: Brett Creeley <[email protected]>
> > Sent: Thursday, March 31, 2022 9:33 AM
> > To: Fijalkowski, Maciej <[email protected]>
> > Cc: ivecera <[email protected]>; [email protected]; moderated
> > list:INTEL ETHERNET DRIVERS <[email protected]>; mschmidt
> > <[email protected]>; open list <[email protected]>; poros
> > <[email protected]>; Jakub Kicinski <[email protected]>; Paolo Abeni
> > <[email protected]>; David S. Miller <[email protected]>; Keller, Jacob E
> > <[email protected]>
> > Subject: Re: [Intel-wired-lan] [PATCH net] ice: Fix incorrect locking in
> > ice_vc_process_vf_msg()
> >
> > On Thu, Mar 31, 2022 at 6:17 AM Maciej Fijalkowski
> > <[email protected]> wrote:
> > >
> > > On Thu, Mar 31, 2022 at 03:14:32PM +0200, Maciej Fijalkowski wrote:
> > > > On Thu, Mar 31, 2022 at 12:50:04PM +0200, Ivan Vecera wrote:
> > > > > Usage of mutex_trylock() in ice_vc_process_vf_msg() is incorrect
> > > > > because message sent from VF is ignored and never processed.
> > > > >
> > > > > Use mutex_lock() instead to fix the issue. It is safe because this
> > > >
> > > > We need to know what is *the* issue in the first place.
> > > > Could you please provide more context what is being fixed to the readers
> > > > that don't have an access to bugzilla?
> > > >
> > > > Specifically, what is the case that ignoring a particular message when
> > > > mutex is already held is a broken behavior?
> > >
> > > Uh oh, let's
> > > CC: Brett Creeley <[email protected]>
> >
>
> Thanks for responding, Brett! :)
>
> > My concern here is that we don't want to handle messages
> > from the context of the "previous" VF configuration if that
> > makes sense.
> >
>
> Makes sense. Perhaps we need to do some sort of "clear the existing message queue" when we initiate a reset?

I think this logic is already there... Function ice_reset_vf() (running under cfg_lock) sets default allowlist
during reset (these are VIRTCHNL_OP_GET_VF_RESOURCES, VIRTCHNL_OP_VERSION, VIRTCHNL_OP_RESET_VF).
Function ice_vc_process_vf_msg() currently processed message whether is allowed or not so any spurious messages
there were sent by VF prior reset should be dropped already.

>
> > It might be best to grab the cfg_lock before doing any
> > message/VF validating in ice_vc_process_vf_msg() to
> > make sure all of the checks are done under the cfg_lock.
> >
>
> Yes that seems like it should be done.

Yes, the mutex should be placed prior ice_vc_is_opcode_allowed() call to serialize accesses to allowlist.
Will send v2.

Thanks,
Ivan