linux/drivers/infiniband
Petr Mladek 6efaf10f16 IB/rdmavt: Avoid queuing work into a destroyed cq kthread worker
The memory barrier is not enough to protect queuing works into
a destroyed cq kthread. Just imagine the following situation:

CPU1				CPU2

rvt_cq_enter()
  worker =  cq->rdi->worker;

				rvt_cq_exit()
				  rdi->worker = NULL;
				  smp_wmb();
				  kthread_flush_worker(worker);
				  kthread_stop(worker->task);
				  kfree(worker);

				  // nothing queued yet =>
				  // nothing flushed and
				  // happily stopped and freed

  if (likely(worker)) {
     // true => read before CPU2 acted
     cq->notify = RVT_CQ_NONE;
     cq->triggered++;
     kthread_queue_work(worker, &cq->comptask);

  BANG: worker has been flushed/stopped/freed in the meantime.

This patch solves this by protecting the critical sections by
rdi->n_cqs_lock. It seems that this lock is not much contended
and looks reasonable for this purpose.

One catch is that rvt_cq_enter() might be called from IRQ context.
Therefore we must always take the lock with IRQs disabled to avoid
a possible deadlock.

Signed-off-by: Petr Mladek <pmladek@suse.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
2016-12-14 12:16:11 -05:00
..
core mm: replace get_user_pages_remote() write/force parameters with gup_flags 2016-10-19 08:12:02 -07:00
hw IB/hfi1: Define platform_config_table_limits once 2016-12-11 15:29:42 -05:00
sw IB/rdmavt: Avoid queuing work into a destroyed cq kthread worker 2016-12-14 12:16:11 -05:00
ulp Merge of primary rdma-core code for 4.9 2016-10-09 17:04:33 -07:00
Kconfig qedr: Add RoCE driver framework 2016-10-14 15:00:10 -04:00
Makefile IB/rdmavt: Create module framework and handle driver registration 2016-03-10 20:37:04 -05:00