This commit adds memory barrier for the 'vq' update in function
mlxbf_tmfifo_virtio_find_vqs() to avoid potential race due to
out-of-order memory write. It also adds barrier for the 'is_ready'
flag to make sure the initializations are visible before this flag
is checked.
Signed-off-by: Liming Sun <[email protected]>
---
drivers/platform/mellanox/mlxbf-tmfifo.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/drivers/platform/mellanox/mlxbf-tmfifo.c b/drivers/platform/mellanox/mlxbf-tmfifo.c
index 91a077c35b8b..a79318e90a13 100644
--- a/drivers/platform/mellanox/mlxbf-tmfifo.c
+++ b/drivers/platform/mellanox/mlxbf-tmfifo.c
@@ -784,7 +784,7 @@ static void mlxbf_tmfifo_rxtx(struct mlxbf_tmfifo_vring *vring, bool is_rx)
fifo = vring->fifo;
/* Return if vdev is not ready. */
- if (!fifo->vdev[devid])
+ if (!fifo || !fifo->vdev[devid])
return;
/* Return if another vring is running. */
@@ -980,9 +980,13 @@ static int mlxbf_tmfifo_virtio_find_vqs(struct virtio_device *vdev,
vq->num_max = vring->num;
+ vq->priv = vring;
+
+ /* Make vq update visible before using it. */
+ virtio_mb(false);
+
vqs[i] = vq;
vring->vq = vq;
- vq->priv = vring;
}
return 0;
@@ -1302,6 +1306,9 @@ static int mlxbf_tmfifo_probe(struct platform_device *pdev)
mod_timer(&fifo->timer, jiffies + MLXBF_TMFIFO_TIMER_INTERVAL);
+ /* Make all updates visible before setting the 'is_ready' flag. */
+ virtio_mb(false);
+
fifo->is_ready = true;
return 0;
--
2.30.1
Vadim,
On 4/26/23 16:23, Liming Sun wrote:
> This commit adds memory barrier for the 'vq' update in function
> mlxbf_tmfifo_virtio_find_vqs() to avoid potential race due to
> out-of-order memory write. It also adds barrier for the 'is_ready'
> flag to make sure the initializations are visible before this flag
> is checked.
>
> Signed-off-by: Liming Sun <[email protected]>
Can you review this patch please ?
Regards,
Hans
> ---
> drivers/platform/mellanox/mlxbf-tmfifo.c | 11 +++++++++--
> 1 file changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/platform/mellanox/mlxbf-tmfifo.c b/drivers/platform/mellanox/mlxbf-tmfifo.c
> index 91a077c35b8b..a79318e90a13 100644
> --- a/drivers/platform/mellanox/mlxbf-tmfifo.c
> +++ b/drivers/platform/mellanox/mlxbf-tmfifo.c
> @@ -784,7 +784,7 @@ static void mlxbf_tmfifo_rxtx(struct mlxbf_tmfifo_vring *vring, bool is_rx)
> fifo = vring->fifo;
>
> /* Return if vdev is not ready. */
> - if (!fifo->vdev[devid])
> + if (!fifo || !fifo->vdev[devid])
> return;
>
> /* Return if another vring is running. */
> @@ -980,9 +980,13 @@ static int mlxbf_tmfifo_virtio_find_vqs(struct virtio_device *vdev,
>
> vq->num_max = vring->num;
>
> + vq->priv = vring;
> +
> + /* Make vq update visible before using it. */
> + virtio_mb(false);
> +
> vqs[i] = vq;
> vring->vq = vq;
> - vq->priv = vring;
> }
>
> return 0;
> @@ -1302,6 +1306,9 @@ static int mlxbf_tmfifo_probe(struct platform_device *pdev)
>
> mod_timer(&fifo->timer, jiffies + MLXBF_TMFIFO_TIMER_INTERVAL);
>
> + /* Make all updates visible before setting the 'is_ready' flag. */
> + virtio_mb(false);
> +
> fifo->is_ready = true;
> return 0;
>
> -----Original Message-----
> From: Liming Sun <[email protected]>
> Sent: Wednesday, 26 April 2023 17:24
> To: Vadim Pasternak <[email protected]>; David Thompson
> <[email protected]>; Hans de Goede <[email protected]>;
> Mark Gross <[email protected]>
> Cc: Liming Sun <[email protected]>; [email protected];
> [email protected]
> Subject: [PATCH v1 1/1] platform/mellanox: fix potential race in mlxbf-tmfifo
> driver
>
> This commit adds memory barrier for the 'vq' update in function
> mlxbf_tmfifo_virtio_find_vqs() to avoid potential race due to out-of-order
> memory write. It also adds barrier for the 'is_ready'
> flag to make sure the initializations are visible before this flag is checked.
>
> Signed-off-by: Liming Sun <[email protected]>
Reviewed-by: Vadim Pasternak <[email protected]>
> ---
> drivers/platform/mellanox/mlxbf-tmfifo.c | 11 +++++++++--
> 1 file changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/platform/mellanox/mlxbf-tmfifo.c
> b/drivers/platform/mellanox/mlxbf-tmfifo.c
> index 91a077c35b8b..a79318e90a13 100644
> --- a/drivers/platform/mellanox/mlxbf-tmfifo.c
> +++ b/drivers/platform/mellanox/mlxbf-tmfifo.c
> @@ -784,7 +784,7 @@ static void mlxbf_tmfifo_rxtx(struct
> mlxbf_tmfifo_vring *vring, bool is_rx)
> fifo = vring->fifo;
>
> /* Return if vdev is not ready. */
> - if (!fifo->vdev[devid])
> + if (!fifo || !fifo->vdev[devid])
> return;
>
> /* Return if another vring is running. */ @@ -980,9 +980,13 @@
> static int mlxbf_tmfifo_virtio_find_vqs(struct virtio_device *vdev,
>
> vq->num_max = vring->num;
>
> + vq->priv = vring;
> +
> + /* Make vq update visible before using it. */
> + virtio_mb(false);
> +
> vqs[i] = vq;
> vring->vq = vq;
> - vq->priv = vring;
> }
>
> return 0;
> @@ -1302,6 +1306,9 @@ static int mlxbf_tmfifo_probe(struct
> platform_device *pdev)
>
> mod_timer(&fifo->timer, jiffies + MLXBF_TMFIFO_TIMER_INTERVAL);
>
> + /* Make all updates visible before setting the 'is_ready' flag. */
> + virtio_mb(false);
> +
> fifo->is_ready = true;
> return 0;
>
> --
> 2.30.1
Hi,
On 5/9/23 11:35, Vadim Pasternak wrote:
>
>
>> -----Original Message-----
>> From: Liming Sun <[email protected]>
>> Sent: Wednesday, 26 April 2023 17:24
>> To: Vadim Pasternak <[email protected]>; David Thompson
>> <[email protected]>; Hans de Goede <[email protected]>;
>> Mark Gross <[email protected]>
>> Cc: Liming Sun <[email protected]>; [email protected];
>> [email protected]
>> Subject: [PATCH v1 1/1] platform/mellanox: fix potential race in mlxbf-tmfifo
>> driver
>>
>> This commit adds memory barrier for the 'vq' update in function
>> mlxbf_tmfifo_virtio_find_vqs() to avoid potential race due to out-of-order
>> memory write. It also adds barrier for the 'is_ready'
>> flag to make sure the initializations are visible before this flag is checked.
>>
>> Signed-off-by: Liming Sun <[email protected]>
>
> Reviewed-by: Vadim Pasternak <[email protected]>
Thank you for your patch, I've applied this patch to my fixes
branch:
https://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86.git/log/?h=fixes
Note it will show up in my fixes branch once I've pushed my
local branch there, which might take a while.
I will include this patch in my next fixes pull-req to Linus
for the current kernel development cycle.
Regards,
Hans
>> ---
>> drivers/platform/mellanox/mlxbf-tmfifo.c | 11 +++++++++--
>> 1 file changed, 9 insertions(+), 2 deletions(-)
>>
>> diff --git a/drivers/platform/mellanox/mlxbf-tmfifo.c
>> b/drivers/platform/mellanox/mlxbf-tmfifo.c
>> index 91a077c35b8b..a79318e90a13 100644
>> --- a/drivers/platform/mellanox/mlxbf-tmfifo.c
>> +++ b/drivers/platform/mellanox/mlxbf-tmfifo.c
>> @@ -784,7 +784,7 @@ static void mlxbf_tmfifo_rxtx(struct
>> mlxbf_tmfifo_vring *vring, bool is_rx)
>> fifo = vring->fifo;
>>
>> /* Return if vdev is not ready. */
>> - if (!fifo->vdev[devid])
>> + if (!fifo || !fifo->vdev[devid])
>> return;
>>
>> /* Return if another vring is running. */ @@ -980,9 +980,13 @@
>> static int mlxbf_tmfifo_virtio_find_vqs(struct virtio_device *vdev,
>>
>> vq->num_max = vring->num;
>>
>> + vq->priv = vring;
>> +
>> + /* Make vq update visible before using it. */
>> + virtio_mb(false);
>> +
>> vqs[i] = vq;
>> vring->vq = vq;
>> - vq->priv = vring;
>> }
>>
>> return 0;
>> @@ -1302,6 +1306,9 @@ static int mlxbf_tmfifo_probe(struct
>> platform_device *pdev)
>>
>> mod_timer(&fifo->timer, jiffies + MLXBF_TMFIFO_TIMER_INTERVAL);
>>
>> + /* Make all updates visible before setting the 'is_ready' flag. */
>> + virtio_mb(false);
>> +
>> fifo->is_ready = true;
>> return 0;
>>
>> --
>> 2.30.1
>