RE: [Intel-wired-lan] [PATCH iwl-net] idpf: protect shutdown from reset
From: Salin, Samuel
Date: Fri Apr 25 2025 - 13:33:48 EST
> -----Original Message-----
> From: Intel-wired-lan <intel-wired-lan-bounces@xxxxxxxxxx> On Behalf Of
> Tantilov, Emil S
> Sent: Wednesday, April 16, 2025 10:04 AM
> To: Zaremba, Larysa <larysa.zaremba@xxxxxxxxx>; intel-wired-
> lan@xxxxxxxxxxxxxxxx; Nguyen, Anthony L <anthony.l.nguyen@xxxxxxxxx>
> Cc: Michal Swiatkowski <michal.swiatkowski@xxxxxxxxxxxxxxx>; Chittim,
> Madhu <madhu.chittim@xxxxxxxxx>; Hay, Joshua A
> <joshua.a.hay@xxxxxxxxx>; Kubiak, Michal <michal.kubiak@xxxxxxxxx>;
> Kitszel, Przemyslaw <przemyslaw.kitszel@xxxxxxxxx>; Andrew Lunn
> <andrew+netdev@xxxxxxx>; David S. Miller <davem@xxxxxxxxxxxxx>;
> Dumazet, Eric <edumazet@xxxxxxxxxx>; Jakub Kicinski <kuba@xxxxxxxxxx>;
> Paolo Abeni <pabeni@xxxxxxxxxx>; Simon Horman <horms@xxxxxxxxxx>;
> netdev@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx
> Subject: Re: [Intel-wired-lan] [PATCH iwl-net] idpf: protect shutdown from
> reset
>
>
>
> On 4/10/2025 4:52 AM, Larysa Zaremba wrote:
> > Before the referenced commit, the shutdown just called idpf_remove(),
> > this way IDPF_REMOVE_IN_PROG was protecting us from the serv_task
> > rescheduling reset. Without this flag set the shutdown process is
> > vulnerable to HW reset or any other triggering conditions (such as
> > default mailbox being destroyed).
> >
> > When one of conditions checked in idpf_service_task becomes true,
> > vc_event_task can be rescheduled during shutdown, this leads to
> > accessing freed memory e.g. idpf_req_rel_vector_indexes() trying to
> > read
> > vport->q_vector_idxs. This in turn causes the system to become defunct
> > during e.g. systemctl kexec.
> >
> > Considering using IDPF_REMOVE_IN_PROG would lead to more heavy
> > shutdown process, instead just cancel the serv_task before cancelling
> > adapter->serv_task before cancelling adapter->vc_event_task to ensure
> > adapter->that
> > reset will not be scheduled while we are doing a shutdown.
> >
> > Fixes: 4c9106f4906a ("idpf: fix adapter NULL pointer dereference on
> > reboot")
> > Reviewed-by: Michal Swiatkowski <michal.swiatkowski@xxxxxxxxxxxxxxx>
> > Signed-off-by: Larysa Zaremba <larysa.zaremba@xxxxxxxxx>
> > ---
> Reviewed-by: Emil Tantilov <emil.s.tantilov@xxxxxxxxx>
Tested-by: Samuel Salin <Samuel.salin@xxxxxxxxx>