• Roland Dreier's avatar
    mlx4_core: Fix crash on uninitialized priv->cmd.slave_sem · f3d4c89e
    Roland Dreier authored
    On an SR-IOV master device, __mlx4_init_one() calls mlx4_init_hca()
    before mlx4_multi_func_init().  However, for unlucky configurations,
    mlx4_init_hca() might call mlx4_SENSE_PORT() (via mlx4_dev_cap()), and
    that calls mlx4_cmd_imm() with MLX4_CMD_WRAPPED set.
    
    However, on a multifunction device with MLX4_CMD_WRAPPED, __mlx4_cmd()
    calls into mlx4_slave_cmd(), and that immediately tries to do
    
    	down(&priv->cmd.slave_sem);
    
    but priv->cmd.slave_sem isn't initialized until mlx4_multi_func_init()
    (which we haven't called yet).  The next thing it tries to do is access
    priv->mfunc.vhcr, but that hasn't been allocated yet.
    
    Fix this by moving the initialization of slave_sem and vhcr up into
    mlx4_cmd_init(). Also, since slave_sem is really just being used as a
    mutex, convert it into a slave_cmd_mutex.
    Signed-off-by: default avatarRoland Dreier <roland@purestorage.com>
    f3d4c89e
mlx4.h 33.6 KB