• Jan Sokolowski's avatar
    i40e: Fix DMA mappings leak · aae425ef
    Jan Sokolowski authored
    During reallocation of RX buffers, new DMA mappings are created for
    those buffers.
    
    steps for reproduction:
    while :
    do
    for ((i=0; i<=8160; i=i+32))
    do
    ethtool -G enp130s0f0 rx $i tx $i
    sleep 0.5
    ethtool -g enp130s0f0
    done
    done
    
    This resulted in crash:
    i40e 0000:01:00.1: Unable to allocate memory for the Rx descriptor ring, size=65536
    Driver BUG
    WARNING: CPU: 0 PID: 4300 at net/core/xdp.c:141 xdp_rxq_info_unreg+0x43/0x50
    Call Trace:
    i40e_free_rx_resources+0x70/0x80 [i40e]
    i40e_set_ringparam+0x27c/0x800 [i40e]
    ethnl_set_rings+0x1b2/0x290
    genl_family_rcv_msg_doit.isra.15+0x10f/0x150
    genl_family_rcv_msg+0xb3/0x160
    ? rings_fill_reply+0x1a0/0x1a0
    genl_rcv_msg+0x47/0x90
    ? genl_family_rcv_msg+0x160/0x160
    netlink_rcv_skb+0x4c/0x120
    genl_rcv+0x24/0x40
    netlink_unicast+0x196/0x230
    netlink_sendmsg+0x204/0x3d0
    sock_sendmsg+0x4c/0x50
    __sys_sendto+0xee/0x160
    ? handle_mm_fault+0xbe/0x1e0
    ? syscall_trace_enter+0x1d3/0x2c0
    __x64_sys_sendto+0x24/0x30
    do_syscall_64+0x5b/0x1a0
    entry_SYSCALL_64_after_hwframe+0x65/0xca
    RIP: 0033:0x7f5eac8b035b
    Missing register, driver bug
    WARNING: CPU: 0 PID: 4300 at net/core/xdp.c:119 xdp_rxq_info_unreg_mem_model+0x69/0x140
    Call Trace:
    xdp_rxq_info_unreg+0x1e/0x50
    i40e_free_rx_resources+0x70/0x80 [i40e]
    i40e_set_ringparam+0x27c/0x800 [i40e]
    ethnl_set_rings+0x1b2/0x290
    genl_family_rcv_msg_doit.isra.15+0x10f/0x150
    genl_family_rcv_msg+0xb3/0x160
    ? rings_fill_reply+0x1a0/0x1a0
    genl_rcv_msg+0x47/0x90
    ? genl_family_rcv_msg+0x160/0x160
    netlink_rcv_skb+0x4c/0x120
    genl_rcv+0x24/0x40
    netlink_unicast+0x196/0x230
    netlink_sendmsg+0x204/0x3d0
    sock_sendmsg+0x4c/0x50
    __sys_sendto+0xee/0x160
    ? handle_mm_fault+0xbe/0x1e0
    ? syscall_trace_enter+0x1d3/0x2c0
    __x64_sys_sendto+0x24/0x30
    do_syscall_64+0x5b/0x1a0
    entry_SYSCALL_64_after_hwframe+0x65/0xca
    RIP: 0033:0x7f5eac8b035b
    
    This was caused because of new buffers with different RX ring count should
    substitute older ones, but those buffers were freed in
    i40e_configure_rx_ring and reallocated again with i40e_alloc_rx_bi,
    thus kfree on rx_bi caused leak of already mapped DMA.
    
    Fix this by reallocating ZC with rx_bi_zc struct when BPF program loads. Additionally
    reallocate back to rx_bi when BPF program unloads.
    
    If BPF program is loaded/unloaded and XSK pools are created, reallocate
    RX queues accordingly in XSP_SETUP_XSK_POOL handler.
    
    Fixes: be1222b5 ("i40e: Separate kernel allocated rx_bi rings from AF_XDP rings")
    Signed-off-by: default avatarJan Sokolowski <jan.sokolowski@intel.com>
    Signed-off-by: default avatarMateusz Palczewski <mateusz.palczewski@intel.com>
    Signed-off-by: default avatarJacob Keller <jacob.e.keller@intel.com>
    Tested-by: Chandan <chandanx.rout@intel.com> (A Contingent Worker at Intel)
    Tested-by: Gurucharan <gurucharanx.g@intel.com> (A Contingent worker at Intel)
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    aae425ef
i40e_xsk.c 18.3 KB