From: Greg Kroah-Hartman Date: Fri, 20 Jul 2018 07:28:12 +0000 (+0200) Subject: 4.17-stable patches X-Git-Tag: v3.18.116~14 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1de3b003aedea72b9213351103006308bd2a282d;p=thirdparty%2Fkernel%2Fstable-queue.git 4.17-stable patches added patches: pci-hv-disable-enable-irqs-rather-than-bh-in-hv_compose_msi_msg.patch --- diff --git a/queue-4.17/pci-hv-disable-enable-irqs-rather-than-bh-in-hv_compose_msi_msg.patch b/queue-4.17/pci-hv-disable-enable-irqs-rather-than-bh-in-hv_compose_msi_msg.patch new file mode 100644 index 00000000000..f98c153632a --- /dev/null +++ b/queue-4.17/pci-hv-disable-enable-irqs-rather-than-bh-in-hv_compose_msi_msg.patch @@ -0,0 +1,73 @@ +From 35a88a18d7ea58600e11590405bc93b08e16e7f5 Mon Sep 17 00:00:00 2001 +From: Dexuan Cui +Date: Mon, 9 Jul 2018 13:16:07 -0500 +Subject: PCI: hv: Disable/enable IRQs rather than BH in hv_compose_msi_msg() + +From: Dexuan Cui + +commit 35a88a18d7ea58600e11590405bc93b08e16e7f5 upstream. + +Commit de0aa7b2f97d ("PCI: hv: Fix 2 hang issues in hv_compose_msi_msg()") +uses local_bh_disable()/enable(), because hv_pci_onchannelcallback() can +also run in tasklet context as the channel event callback, so bottom halves +should be disabled to prevent a race condition. + +With CONFIG_PROVE_LOCKING=y in the recent mainline, or old kernels that +don't have commit f71b74bca637 ("irq/softirqs: Use lockdep to assert IRQs +are disabled/enabled"), when the upper layer IRQ code calls +hv_compose_msi_msg() with local IRQs disabled, we'll see a warning at the +beginning of __local_bh_enable_ip(): + + IRQs not enabled as expected + WARNING: CPU: 0 PID: 408 at kernel/softirq.c:162 __local_bh_enable_ip + +The warning exposes an issue in de0aa7b2f97d: local_bh_enable() can +potentially call do_softirq(), which is not supposed to run when local IRQs +are disabled. Let's fix this by using local_irq_save()/restore() instead. + +Note: hv_pci_onchannelcallback() is not a hot path because it's only called +when the PCI device is hot added and removed, which is infrequent. + +Fixes: de0aa7b2f97d ("PCI: hv: Fix 2 hang issues in hv_compose_msi_msg()") +Signed-off-by: Dexuan Cui +Signed-off-by: Lorenzo Pieralisi +Signed-off-by: Bjorn Helgaas +Reviewed-by: Haiyang Zhang +Cc: stable@vger.kernel.org +Cc: Stephen Hemminger +Cc: K. Y. Srinivasan +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/pci/host/pci-hyperv.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +--- a/drivers/pci/host/pci-hyperv.c ++++ b/drivers/pci/host/pci-hyperv.c +@@ -1077,6 +1077,7 @@ static void hv_compose_msi_msg(struct ir + struct pci_bus *pbus; + struct pci_dev *pdev; + struct cpumask *dest; ++ unsigned long flags; + struct compose_comp_ctxt comp; + struct tran_int_desc *int_desc; + struct { +@@ -1168,14 +1169,15 @@ static void hv_compose_msi_msg(struct ir + * the channel callback directly when channel->target_cpu is + * the current CPU. When the higher level interrupt code + * calls us with interrupt enabled, let's add the +- * local_bh_disable()/enable() to avoid race. ++ * local_irq_save()/restore() to avoid race: ++ * hv_pci_onchannelcallback() can also run in tasklet. + */ +- local_bh_disable(); ++ local_irq_save(flags); + + if (hbus->hdev->channel->target_cpu == smp_processor_id()) + hv_pci_onchannelcallback(hbus); + +- local_bh_enable(); ++ local_irq_restore(flags); + + if (hpdev->state == hv_pcichild_ejecting) { + dev_err_once(&hbus->hdev->device, diff --git a/queue-4.17/series b/queue-4.17/series index c1aa73fa325..949ccde67b1 100644 --- a/queue-4.17/series +++ b/queue-4.17/series @@ -64,3 +64,4 @@ rtlwifi-fix-kernel-oops-fw-download-fail.patch rtlwifi-rtl8821ae-fix-firmware-is-not-ready-to-run.patch net-lan78xx-fix-race-in-tx-pending-skb-size-calculation.patch crypto-af_alg-initialize-sg_num_bytes-in-error-code-path.patch +pci-hv-disable-enable-irqs-rather-than-bh-in-hv_compose_msi_msg.patch