Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp3300515ybb; Tue, 31 Mar 2020 02:25:12 -0700 (PDT) X-Google-Smtp-Source: ADFU+vtNBaPAmrnqvYvqLhMDD+F6KM+E7HUZEdySrDxIOelIlaxJVh3vAobvEzyGI3iiqPoATjFU X-Received: by 2002:a4a:940e:: with SMTP id h14mr2394471ooi.26.1585646712085; Tue, 31 Mar 2020 02:25:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1585646712; cv=none; d=google.com; s=arc-20160816; b=JKSFiC0S2Ba8JhfdgbYgyDp/Ooswb/TY23M8oIPBGQaQ3r02mcSOXYKF7uJXiXaJSu XNQnnwv8HJnZ/AtJ1uYxg88LGbOygMJ6N/eUGShvuGgGEUS1uzeocn7Cg+Pq0JMQH3oZ 657PZ01EdAkWVDEcK3yS+aG/TE2YuqTfbx8hFCHomh2lvWksVN90CAHSi2tInTyMJdpA f3zq6BFDQ6dSZw4C9lrecOno4NJcD2CEjb4INeYbeoGM8oikR/+aIOuOqJmQPsnUV2Ui R+7ROqwKvhmhck9VEq7JMTi9EY5BnmXfR39supTen4gw85/96g5oVliNlqZ4SOfDNIFJ FBFw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=XPYeG1GWarsjG4YfYC/KVyPZG1UKq3Pmf3OfTfEqqgs=; b=QAhOwHhuoH5D/jwizzF8ELymd11N2/Q4/fTy/DYHatUl6U+0ERBa/HJrBIX4+vNqUN X1S+dNFgw5rLMPQhrWxMHhMj0w0iTE7c/FlUYPkTiyGy0K9qmA/Yecd3zrzDPvYa+fjR TDCQBk4gCW8E/wmtB3TUg8GZMxSG8rj8DQqH30Eds6iYRaYADSFWPPPsABMkSVO7eBYd KGx5JvHpoa+dwZf2kooYL36ZmkClI4mT/hA/wuQKpJqZtyLpB+mFZQa10t21gzlj4ERc adqHW8csx8sa/gIqSXkFiC4uzGQnO8OxJBMHtn1z/Uu17U22HZL0DC7Jt8YnAsnl9jAz 8dcg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=fLLQc791; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k10si7447287otr.174.2020.03.31.02.24.59; Tue, 31 Mar 2020 02:25:12 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=fLLQc791; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730690AbgCaJCV (ORCPT + 99 others); Tue, 31 Mar 2020 05:02:21 -0400 Received: from mail.kernel.org ([198.145.29.99]:41716 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730681AbgCaJCP (ORCPT ); Tue, 31 Mar 2020 05:02:15 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id CC4D620787; Tue, 31 Mar 2020 09:02:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1585645334; bh=3H6k1wjVqfa9JIOqEprW66a4+Ddv97Y372AhUSotXHM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=fLLQc791lhmT+zxJfC4GSlerHu7uL166SOCOpY2uan3mOo7wXKuLFCpx5iNU5eem/ W5yYumj43e68REh89FJPxKN0O/LRiheCAq2BdM7NRGIEZ5f2HJdXdUS1bNJ9NdaGZ8 u7U6RCSvaGPUIHS2wZm/iGKJ/WjknevnS3SXPUh4= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Gavin Shan , "Guilherme G. Piccoli" , Sameeh Jubran , "David S. Miller" Subject: [PATCH 5.5 021/170] net: ena: Add PCI shutdown handler to allow safe kexec Date: Tue, 31 Mar 2020 10:57:15 +0200 Message-Id: <20200331085426.295622266@linuxfoundation.org> X-Mailer: git-send-email 2.26.0 In-Reply-To: <20200331085423.990189598@linuxfoundation.org> References: <20200331085423.990189598@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: "Guilherme G. Piccoli" [ Upstream commit 428c491332bca498c8eb2127669af51506c346c7 ] Currently ENA only provides the PCI remove() handler, used during rmmod for example. This is not called on shutdown/kexec path; we are potentially creating a failure scenario on kexec: (a) Kexec is triggered, no shutdown() / remove() handler is called for ENA; instead pci_device_shutdown() clears the master bit of the PCI device, stopping all DMA transactions; (b) Kexec reboot happens and the device gets enabled again, likely having its FW with that DMA transaction buffered; then it may trigger the (now invalid) memory operation in the new kernel, corrupting kernel memory area. This patch aims to prevent this, by implementing a shutdown() handler quite similar to the remove() one - the difference being the handling of the netdev, which is unregistered on remove(), but following the convention observed in other drivers, it's only detached on shutdown(). This prevents an odd issue in AWS Nitro instances, in which after the 2nd kexec the next one will fail with an initrd corruption, caused by a wild DMA write to invalid kernel memory. The lspci output for the adapter present in my instance is: 00:05.0 Ethernet controller [0200]: Amazon.com, Inc. Elastic Network Adapter (ENA) [1d0f:ec20] Suggested-by: Gavin Shan Signed-off-by: Guilherme G. Piccoli Acked-by: Sameeh Jubran Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- drivers/net/ethernet/amazon/ena/ena_netdev.c | 51 +++++++++++++++++++++------ 1 file changed, 41 insertions(+), 10 deletions(-) --- a/drivers/net/ethernet/amazon/ena/ena_netdev.c +++ b/drivers/net/ethernet/amazon/ena/ena_netdev.c @@ -3662,13 +3662,15 @@ err_disable_device: /*****************************************************************************/ -/* ena_remove - Device Removal Routine +/* __ena_shutoff - Helper used in both PCI remove/shutdown routines * @pdev: PCI device information struct + * @shutdown: Is it a shutdown operation? If false, means it is a removal * - * ena_remove is called by the PCI subsystem to alert the driver - * that it should release a PCI device. + * __ena_shutoff is a helper routine that does the real work on shutdown and + * removal paths; the difference between those paths is with regards to whether + * dettach or unregister the netdevice. */ -static void ena_remove(struct pci_dev *pdev) +static void __ena_shutoff(struct pci_dev *pdev, bool shutdown) { struct ena_adapter *adapter = pci_get_drvdata(pdev); struct ena_com_dev *ena_dev; @@ -3687,13 +3689,17 @@ static void ena_remove(struct pci_dev *p cancel_work_sync(&adapter->reset_task); - rtnl_lock(); + rtnl_lock(); /* lock released inside the below if-else block */ ena_destroy_device(adapter, true); - rtnl_unlock(); - - unregister_netdev(netdev); - - free_netdev(netdev); + if (shutdown) { + netif_device_detach(netdev); + dev_close(netdev); + rtnl_unlock(); + } else { + rtnl_unlock(); + unregister_netdev(netdev); + free_netdev(netdev); + } ena_com_rss_destroy(ena_dev); @@ -3708,6 +3714,30 @@ static void ena_remove(struct pci_dev *p vfree(ena_dev); } +/* ena_remove - Device Removal Routine + * @pdev: PCI device information struct + * + * ena_remove is called by the PCI subsystem to alert the driver + * that it should release a PCI device. + */ + +static void ena_remove(struct pci_dev *pdev) +{ + __ena_shutoff(pdev, false); +} + +/* ena_shutdown - Device Shutdown Routine + * @pdev: PCI device information struct + * + * ena_shutdown is called by the PCI subsystem to alert the driver that + * a shutdown/reboot (or kexec) is happening and device must be disabled. + */ + +static void ena_shutdown(struct pci_dev *pdev) +{ + __ena_shutoff(pdev, true); +} + #ifdef CONFIG_PM /* ena_suspend - PM suspend callback * @pdev: PCI device information struct @@ -3757,6 +3787,7 @@ static struct pci_driver ena_pci_driver .id_table = ena_pci_tbl, .probe = ena_probe, .remove = ena_remove, + .shutdown = ena_shutdown, #ifdef CONFIG_PM .suspend = ena_suspend, .resume = ena_resume,