| Message ID | 20220517012530.75714-1-duoming@zju.edu.cn (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | 23dd4581350d4ffa23d58976ec46408f8f4c1e16 |
| Delegated to: | Netdev Maintainers |
| Headers | show |
| Series | [net,v2] NFC: nci: fix sleep in atomic context bugs caused by nci_skb_alloc | expand |
On 17/05/2022 03:25, Duoming Zhou wrote: > There are sleep in atomic context bugs when the request to secure > element of st-nci is timeout. The root cause is that nci_skb_alloc > with GFP_KERNEL parameter is called in st_nci_se_wt_timeout which is > a timer handler. The call paths that could trigger bugs are shown below: > > (interrupt context 1) > st_nci_se_wt_timeout > nci_hci_send_event > nci_hci_send_data > nci_skb_alloc(..., GFP_KERNEL) //may sleep > > (interrupt context 2) > st_nci_se_wt_timeout > nci_hci_send_event > nci_hci_send_data > nci_send_data > nci_queue_tx_data_frags > nci_skb_alloc(..., GFP_KERNEL) //may sleep > > This patch changes allocation mode of nci_skb_alloc from GFP_KERNEL to > GFP_ATOMIC in order to prevent atomic context sleeping. The GFP_ATOMIC > flag makes memory allocation operation could be used in atomic context. > > Fixes: ed06aeefdac3 ("nfc: st-nci: Rename st21nfcb to st-nci") > Signed-off-by: Duoming Zhou <duoming@zju.edu.cn> > --- > Changes in v2: > - Change the Fixes tag to commit st_nci_se_wt_timeout was added. Please add Acked-by/Reviewed-by tags when posting new versions. However, there's no need to repost patches *only* to add the tags. The upstream maintainer will do that for acks received on the version they apply. https://elixir.bootlin.com/linux/v5.13/source/Documentation/process/submitting-patches.rst#L543 If a tag was not added on purpose, please state why and what changed. Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> Best regards, Krzysztof
Hello, On Tue, 17 May 2022 08:25:04 +0200 Krzysztof wrote: > On 17/05/2022 03:25, Duoming Zhou wrote: > > There are sleep in atomic context bugs when the request to secure > > element of st-nci is timeout. The root cause is that nci_skb_alloc > > with GFP_KERNEL parameter is called in st_nci_se_wt_timeout which is > > a timer handler. The call paths that could trigger bugs are shown below: > > > > (interrupt context 1) > > st_nci_se_wt_timeout > > nci_hci_send_event > > nci_hci_send_data > > nci_skb_alloc(..., GFP_KERNEL) //may sleep > > > > (interrupt context 2) > > st_nci_se_wt_timeout > > nci_hci_send_event > > nci_hci_send_data > > nci_send_data > > nci_queue_tx_data_frags > > nci_skb_alloc(..., GFP_KERNEL) //may sleep > > > > This patch changes allocation mode of nci_skb_alloc from GFP_KERNEL to > > GFP_ATOMIC in order to prevent atomic context sleeping. The GFP_ATOMIC > > flag makes memory allocation operation could be used in atomic context. > > > > Fixes: ed06aeefdac3 ("nfc: st-nci: Rename st21nfcb to st-nci") > > Signed-off-by: Duoming Zhou <duoming@zju.edu.cn> > > --- > > Changes in v2: > > - Change the Fixes tag to commit st_nci_se_wt_timeout was added. > > Please add Acked-by/Reviewed-by tags when posting new versions. However, > there's no need to repost patches *only* to add the tags. The upstream > maintainer will do that for acks received on the version they apply. > > https://elixir.bootlin.com/linux/v5.13/source/Documentation/process/submitting-patches.rst#L543 > > If a tag was not added on purpose, please state why and what changed. Thank you very much, I will read the documentation carefully. I'm sorry, I forgot the Reviewed-by tag. > Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> Best regards, Duoming Zhou
Hello: This patch was applied to netdev/net.git (master) by Jakub Kicinski <kuba@kernel.org>: On Tue, 17 May 2022 09:25:30 +0800 you wrote: > There are sleep in atomic context bugs when the request to secure > element of st-nci is timeout. The root cause is that nci_skb_alloc > with GFP_KERNEL parameter is called in st_nci_se_wt_timeout which is > a timer handler. The call paths that could trigger bugs are shown below: > > (interrupt context 1) > st_nci_se_wt_timeout > nci_hci_send_event > nci_hci_send_data > nci_skb_alloc(..., GFP_KERNEL) //may sleep > > [...] Here is the summary with links: - [net,v2] NFC: nci: fix sleep in atomic context bugs caused by nci_skb_alloc https://git.kernel.org/netdev/net/c/23dd4581350d You are awesome, thank you!
diff --git a/net/nfc/nci/data.c b/net/nfc/nci/data.c index 6055dc9a82a..aa5e712adf0 100644 --- a/net/nfc/nci/data.c +++ b/net/nfc/nci/data.c @@ -118,7 +118,7 @@ static int nci_queue_tx_data_frags(struct nci_dev *ndev, skb_frag = nci_skb_alloc(ndev, (NCI_DATA_HDR_SIZE + frag_len), - GFP_KERNEL); + GFP_ATOMIC); if (skb_frag == NULL) { rc = -ENOMEM; goto free_exit; diff --git a/net/nfc/nci/hci.c b/net/nfc/nci/hci.c index 19703a649b5..78c4b6addf1 100644 --- a/net/nfc/nci/hci.c +++ b/net/nfc/nci/hci.c @@ -153,7 +153,7 @@ static int nci_hci_send_data(struct nci_dev *ndev, u8 pipe, i = 0; skb = nci_skb_alloc(ndev, conn_info->max_pkt_payload_len + - NCI_DATA_HDR_SIZE, GFP_KERNEL); + NCI_DATA_HDR_SIZE, GFP_ATOMIC); if (!skb) return -ENOMEM; @@ -184,7 +184,7 @@ static int nci_hci_send_data(struct nci_dev *ndev, u8 pipe, if (i < data_len) { skb = nci_skb_alloc(ndev, conn_info->max_pkt_payload_len + - NCI_DATA_HDR_SIZE, GFP_KERNEL); + NCI_DATA_HDR_SIZE, GFP_ATOMIC); if (!skb) return -ENOMEM;
There are sleep in atomic context bugs when the request to secure element of st-nci is timeout. The root cause is that nci_skb_alloc with GFP_KERNEL parameter is called in st_nci_se_wt_timeout which is a timer handler. The call paths that could trigger bugs are shown below: (interrupt context 1) st_nci_se_wt_timeout nci_hci_send_event nci_hci_send_data nci_skb_alloc(..., GFP_KERNEL) //may sleep (interrupt context 2) st_nci_se_wt_timeout nci_hci_send_event nci_hci_send_data nci_send_data nci_queue_tx_data_frags nci_skb_alloc(..., GFP_KERNEL) //may sleep This patch changes allocation mode of nci_skb_alloc from GFP_KERNEL to GFP_ATOMIC in order to prevent atomic context sleeping. The GFP_ATOMIC flag makes memory allocation operation could be used in atomic context. Fixes: ed06aeefdac3 ("nfc: st-nci: Rename st21nfcb to st-nci") Signed-off-by: Duoming Zhou <duoming@zju.edu.cn> --- Changes in v2: - Change the Fixes tag to commit st_nci_se_wt_timeout was added. net/nfc/nci/data.c | 2 +- net/nfc/nci/hci.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-)