Link: https://lore.kernel.org/lkml/0000000000006946d2057bbd0eef@google.com/T/
Signed-off-by: Sasha Levin (Microsoft) <sashal@kernel.org>
---
- kernel/bpf/inode.c | 32 ++++++++++++++++++--------------
+ kernel/bpf/inode.c | 32 ++++++++++++++++++--------------
1 file changed, 18 insertions(+), 14 deletions(-)
-diff --git a/kernel/bpf/inode.c b/kernel/bpf/inode.c
-index 2ada5e21dfa6..4a8f390a2b82 100644
--- a/kernel/bpf/inode.c
+++ b/kernel/bpf/inode.c
-@@ -554,19 +554,6 @@ struct bpf_prog *bpf_prog_get_type_path(const char *name, enum bpf_prog_type typ
+@@ -554,19 +554,6 @@ struct bpf_prog *bpf_prog_get_type_path(
}
EXPORT_SYMBOL(bpf_prog_get_type_path);
/*
* Display the mount options in /proc/mounts.
*/
-@@ -579,11 +566,28 @@ static int bpf_show_options(struct seq_file *m, struct dentry *root)
+@@ -579,11 +566,28 @@ static int bpf_show_options(struct seq_f
return 0;
}
};
enum {
---
-2.19.1
-
--- /dev/null
+From 662d66466637862ef955f7f6e78a286d8cf0ebef Mon Sep 17 00:00:00 2001
+From: Kaike Wan <kaike.wan@intel.com>
+Date: Mon, 18 Mar 2019 09:55:19 -0700
+Subject: IB/hfi1: Failed to drain send queue when QP is put into error state
+
+From: Kaike Wan <kaike.wan@intel.com>
+
+commit 662d66466637862ef955f7f6e78a286d8cf0ebef upstream.
+
+When a QP is put into error state, all pending requests in the send work
+queue should be drained. The following sequence of events could lead to a
+failure, causing a request to hang:
+
+(1) The QP builds a packet and tries to send through SDMA engine.
+ However, PIO engine is still busy. Consequently, this packet is put on
+ the QP's tx list and the QP is put on the PIO waiting list. The field
+ qp->s_flags is set with HFI1_S_WAIT_PIO_DRAIN;
+
+(2) The QP is put into error state by the user application and
+ notify_error_qp() is called, which removes the QP from the PIO waiting
+ list and the packet from the QP's tx list. In addition, qp->s_flags is
+ cleared of RVT_S_ANY_WAIT_IO bits, which does not include
+ HFI1_S_WAIT_PIO_DRAIN bit;
+
+(3) The hfi1_schdule_send() function is called to drain the QP's send
+ queue. Subsequently, hfi1_do_send() is called. Since the flag bit
+ HFI1_S_WAIT_PIO_DRAIN is set in qp->s_flags, hfi1_send_ok() fails. As
+ a result, hfi1_do_send() bails out without draining any request from
+ the send queue;
+
+(4) The PIO engine completes the sending and tries to wake up any QP on
+ its waiting list. But the QP has been removed from the PIO waiting
+ list and therefore is kept in sleep forever.
+
+The fix is to clear qp->s_flags of HFI1_S_ANY_WAIT_IO bits in step (2).
+HFI1_S_ANY_WAIT_IO includes RVT_S_ANY_WAIT_IO and HFI1_S_WAIT_PIO_DRAIN.
+
+Fixes: 2e2ba09e48b7 ("IB/rdmavt, IB/hfi1: Create device dependent s_flags")
+Cc: <stable@vger.kernel.org> # 4.19.x+
+Reviewed-by: Mike Marciniszyn <mike.marciniszyn@intel.com>
+Reviewed-by: Alex Estrin <alex.estrin@intel.com>
+Signed-off-by: Kaike Wan <kaike.wan@intel.com>
+Signed-off-by: Dennis Dalessandro <dennis.dalessandro@intel.com>
+Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+
+---
+ drivers/infiniband/hw/hfi1/qp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/infiniband/hw/hfi1/qp.c
++++ b/drivers/infiniband/hw/hfi1/qp.c
+@@ -833,7 +833,7 @@ void notify_error_qp(struct rvt_qp *qp)
+ write_seqlock(lock);
+ if (!list_empty(&priv->s_iowait.list) &&
+ !(qp->s_flags & RVT_S_BUSY)) {
+- qp->s_flags &= ~RVT_S_ANY_WAIT_IO;
++ qp->s_flags &= ~HFI1_S_ANY_WAIT_IO;
+ list_del_init(&priv->s_iowait.list);
+ priv->s_iowait.lock = NULL;
+ rvt_put_qp(qp);
projects / thirdparty / kernel / stable-queue.git / commitdiff
