Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp3929798pxj; Mon, 21 Jun 2021 09:35:37 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwol3Z8Etk1eXwg1ITxwJmHNL0wdhmoEzJOENarznMBicYQTRNzRrrk9BtIkXNvobZ1/16A X-Received: by 2002:a17:906:4759:: with SMTP id j25mr17716204ejs.4.1624293336856; Mon, 21 Jun 2021 09:35:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1624293336; cv=none; d=google.com; s=arc-20160816; b=SAY3Y2bwJn5Sw35rBJADzmZs6v/lzyfOJBEfTMDy+HAsIl2O00WguJD8zbyRjWSM+O IXcMj26KM6mQNaXpVf6gXhUjxpEzvjB79eR/1aiuKWYiIjDKJvn0ZHUC1DIu0XA3Yn2r EczS27EpSvJERfSffpN2+hrsIkN5sb7mf1xp4iue6ZZwE+t9atznelTl9d0oQaHFv/+5 IAAbv3zALcm0egsUc5ZVPt0794asTRGgUXnGDvYZELiQyrN7RzLYPy5kSfmB4Gfv2W+S bhccLAYEyWUcUbsfuTi6GABc6ia1sSQxKOraZ5hO7mQSeiO5MPmYVv+Az+Ud/Lw7fGa0 KHKQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=xpWTKdtNyfMU13UuerndItrEInrGxLzB3FypwWV6DkE=; b=Kqv4Yl32FHRmOJ2PaK3KeNkc/8O99+P5f42WF6xaBsXQ92AkmdDJhEQaNPglop0/1s i8qwwJnpi3kLmrHq59+c7PHx7FH6YF1Trs9RzH6mA1Aco4NdX+4JZ8zh2q5ATmduCoCU 5gTtMX71siX+C5uqrQxlMoeA8/9eFl0lVMlQzTNueT5I49oHSgo5wFaM+24FcoIu2J0U TaEJpP3UPLCYEtvLXN7uLCV5vMvkQ+c5Fe0mBfWVfvur350dqj7RBrh16oXSG3xxJINw NEO1ikVIPrkD/XZyOyH6rYfPs1KKOrEk2KtUrDD0oxSqyf9kB67SNuQGADA4GU/t2NFA YuWg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=c9crif5r; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id 21si11138695ejc.413.2021.06.21.09.35.13; Mon, 21 Jun 2021 09:35:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=c9crif5r; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232596AbhFUQgc (ORCPT + 99 others); Mon, 21 Jun 2021 12:36:32 -0400 Received: from mail.kernel.org ([198.145.29.99]:55944 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231790AbhFUQdH (ORCPT ); Mon, 21 Jun 2021 12:33:07 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id D8BAF613FE; Mon, 21 Jun 2021 16:26:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1624292770; bh=+kw6gacuD5MpMIJNQY2MyzuE7L6CZv/U0LPHVX2OrnM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=c9crif5r7ft9zRUegLJgo2+FAZNgg2DwKC66fPCnNtDHHC/dYd//4TxazhYYAY8MS sVyWZCQlZX9YdiRWUkKm3tFhdGUXfUW+OAyuzxFttEzfsG4IfqfyONfiYrH0tQXtaL Nc8oZO0dmfezX9TsS/OD8iKWzXNLjQw4TexllZmQ= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Harald Freudenberger , Vasily Gorbik Subject: [PATCH 5.10 116/146] s390/ap: Fix hanging ioctl caused by wrong msg counter Date: Mon, 21 Jun 2021 18:15:46 +0200 Message-Id: <20210621154918.755849420@linuxfoundation.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210621154911.244649123@linuxfoundation.org> References: <20210621154911.244649123@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Harald Freudenberger commit e73a99f3287a740a07d6618e9470f4d6cb217da8 upstream. When a AP queue is switched to soft offline, all pending requests are purged out of the pending requests list and 'received' by the upper layer like zcrypt device drivers. This is also done for requests which are already enqueued into the firmware queue. A request in a firmware queue may eventually produce an response message, but there is no waiting process any more. However, the response was counted with the queue_counter and as this counter was reset to 0 with the offline switch, the pending response caused the queue_counter to get negative. The next request increased this counter to 0 (instead of 1) which caused the ap code to assume there is nothing to receive and so the response for this valid request was never tried to fetch from the firmware queue. This all caused a queue to not work properly after a switch offline/online and in the end processes to hang forever when trying to send a crypto request after an queue offline/online switch cicle. Fixed by a) making sure the counter does not drop below 0 and b) on a successful enqueue of a message has at least a value of 1. Additionally a warning is emitted, when a reply can't get assigned to a waiting process. This may be normal operation (process had timeout or has been killed) but may give a hint that something unexpected happened (like this odd behavior described above). Signed-off-by: Harald Freudenberger Cc: stable@vger.kernel.org Signed-off-by: Vasily Gorbik Signed-off-by: Greg Kroah-Hartman --- drivers/s390/crypto/ap_queue.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) --- a/drivers/s390/crypto/ap_queue.c +++ b/drivers/s390/crypto/ap_queue.c @@ -135,12 +135,13 @@ static struct ap_queue_status ap_sm_recv { struct ap_queue_status status; struct ap_message *ap_msg; + bool found = false; status = ap_dqap(aq->qid, &aq->reply->psmid, aq->reply->msg, aq->reply->len); switch (status.response_code) { case AP_RESPONSE_NORMAL: - aq->queue_count--; + aq->queue_count = max_t(int, 0, aq->queue_count - 1); if (aq->queue_count > 0) mod_timer(&aq->timeout, jiffies + aq->request_timeout); @@ -150,8 +151,14 @@ static struct ap_queue_status ap_sm_recv list_del_init(&ap_msg->list); aq->pendingq_count--; ap_msg->receive(aq, ap_msg, aq->reply); + found = true; break; } + if (!found) { + AP_DBF_WARN("%s unassociated reply psmid=0x%016llx on 0x%02x.%04x\n", + __func__, aq->reply->psmid, + AP_QID_CARD(aq->qid), AP_QID_QUEUE(aq->qid)); + } fallthrough; case AP_RESPONSE_NO_PENDING_REPLY: if (!status.queue_empty || aq->queue_count <= 0) @@ -232,7 +239,7 @@ static enum ap_sm_wait ap_sm_write(struc ap_msg->flags & AP_MSG_FLAG_SPECIAL); switch (status.response_code) { case AP_RESPONSE_NORMAL: - aq->queue_count++; + aq->queue_count = max_t(int, 1, aq->queue_count + 1); if (aq->queue_count == 1) mod_timer(&aq->timeout, jiffies + aq->request_timeout); list_move_tail(&ap_msg->list, &aq->pendingq);