1. 16 Oct, 2019 2 commits
    • Song Liu's avatar
      bpf/stackmap: Fix deadlock with rq_lock in bpf_get_stack() · eac9153f
      Song Liu authored
      bpf stackmap with build-id lookup (BPF_F_STACK_BUILD_ID) can trigger A-A
      deadlock on rq_lock():
      
      rcu: INFO: rcu_sched detected stalls on CPUs/tasks:
      [...]
      Call Trace:
       try_to_wake_up+0x1ad/0x590
       wake_up_q+0x54/0x80
       rwsem_wake+0x8a/0xb0
       bpf_get_stack+0x13c/0x150
       bpf_prog_fbdaf42eded9fe46_on_event+0x5e3/0x1000
       bpf_overflow_handler+0x60/0x100
       __perf_event_overflow+0x4f/0xf0
       perf_swevent_overflow+0x99/0xc0
       ___perf_sw_event+0xe7/0x120
       __schedule+0x47d/0x620
       schedule+0x29/0x90
       futex_wait_queue_me+0xb9/0x110
       futex_wait+0x139/0x230
       do_futex+0x2ac/0xa50
       __x64_sys_futex+0x13c/0x180
       do_syscall_64+0x42/0x100
       entry_SYSCALL_64_after_hwframe+0x44/0xa9
      
      This can be reproduced by:
      1. Start a multi-thread program that does parallel mmap() and malloc();
      2. taskset the program to 2 CPUs;
      3. Attach bpf program to trace_sched_switch and gather stackmap with
         build-id, e.g. with trace.py from bcc tools:
         trace.py -U -p <pid> -s <some-bin,some-lib> t:sched:sched_switch
      
      A sample reproducer is attached at the end.
      
      This could also trigger deadlock with other locks that are nested with
      rq_lock.
      
      Fix this by checking whether irqs are disabled. Since rq_lock and all
      other nested locks are irq safe, it is safe to do up_read() when irqs are
      not disable. If the irqs are disabled, postpone up_read() in irq_work.
      
      Fixes: 615755a7 ("bpf: extend stackmap to save binary_build_id+offset instead of address")
      Signed-off-by: default avatarSong Liu <songliubraving@fb.com>
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Alexei Starovoitov <ast@kernel.org>
      Cc: Daniel Borkmann <daniel@iogearbox.net>
      Link: https://lore.kernel.org/bpf/20191014171223.357174-1-songliubraving@fb.com
      
      Reproducer:
      ============================ 8< ============================
      
      char *filename;
      
      void *worker(void *p)
      {
              void *ptr;
              int fd;
              char *pptr;
      
              fd = open(filename, O_RDONLY);
              if (fd < 0)
                      return NULL;
              while (1) {
                      struct timespec ts = {0, 1000 + rand() % 2000};
      
                      ptr = mmap(NULL, 4096 * 64, PROT_READ, MAP_PRIVATE, fd, 0);
                      usleep(1);
                      if (ptr == MAP_FAILED) {
                              printf("failed to mmap\n");
                              break;
                      }
                      munmap(ptr, 4096 * 64);
                      usleep(1);
                      pptr = malloc(1);
                      usleep(1);
                      pptr[0] = 1;
                      usleep(1);
                      free(pptr);
                      usleep(1);
                      nanosleep(&ts, NULL);
              }
              close(fd);
              return NULL;
      }
      
      int main(int argc, char *argv[])
      {
              void *ptr;
              int i;
              pthread_t threads[THREAD_COUNT];
      
              if (argc < 2)
                      return 0;
      
              filename = argv[1];
      
              for (i = 0; i < THREAD_COUNT; i++) {
                      if (pthread_create(threads + i, NULL, worker, NULL)) {
                              fprintf(stderr, "Error creating thread\n");
                              return 0;
                      }
              }
      
              for (i = 0; i < THREAD_COUNT; i++)
                      pthread_join(threads[i], NULL);
              return 0;
      }
      ============================ 8< ============================
      eac9153f
    • Jakub Sitnicki's avatar
      scripts/bpf: Emit an #error directive known types list needs updating · 456a513b
      Jakub Sitnicki authored
      Make the compiler report a clear error when bpf_helpers_doc.py needs
      updating rather than rely on the fact that Clang fails to compile
      English:
      
      ../../../lib/bpf/bpf_helper_defs.h:2707:1: error: unknown type name 'Unrecognized'
      Unrecognized type 'struct bpf_inet_lookup', please add it to known types!
      Signed-off-by: default avatarJakub Sitnicki <jakub@cloudflare.com>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Link: https://lore.kernel.org/bpf/20191016085811.11700-1-jakub@cloudflare.com
      456a513b
  2. 15 Oct, 2019 14 commits
  3. 14 Oct, 2019 6 commits
    • David S. Miller's avatar
      Merge branch 'PTP-driver-refactoring-for-SJA1105-DSA' · 85a83a8f
      David S. Miller authored
      Vladimir Oltean says:
      
      ====================
      PTP driver refactoring for SJA1105 DSA
      
      This series creates a better separation between the driver core and the
      PTP portion. Therefore, users who are not interested in PTP can get a
      simpler and smaller driver by compiling it out.
      
      This is in preparation for further patches: SPI transfer timestamping,
      synchronizing the hardware clock (as opposed to keeping it
      free-running), PPS input/output, etc.
      ====================
      Acked-by: default avatarRichard Cochran <richardcochran@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      85a83a8f
    • Vladimir Oltean's avatar
      net: dsa: sja1105: Change the PTP command access pattern · 66427778
      Vladimir Oltean authored
      The PTP command register contains enable bits for:
      - Putting the 64-bit PTPCLKVAL register in add/subtract or write mode
      - Taking timestamps off of the corrected vs free-running clock
      - Starting/stopping the TTEthernet scheduling
      - Starting/stopping PPS output
      - Resetting the switch
      
      When a command needs to be issued (e.g. "change the PTPCLKVAL from write
      mode to add/subtract mode"), one cannot simply write to the command
      register setting the PTPCLKADD bit to 1, because that would zeroize the
      other settings. One also cannot do a read-modify-write (that would be
      too easy for this hardware) because not all bits of the command register
      are readable over SPI.
      
      So this leaves us with the only option of keeping the value of the PTP
      command register in the driver, and operating on that.
      
      Actually there are 2 types of PTP operations now:
      - Operations that modify the cached PTP command. These operate on
        ptp_data->cmd as a pointer.
      - Operations that apply all previously cached PTP settings, but don't
        otherwise cache what they did themselves. The sja1105_ptp_reset
        function is such an example. It copies the ptp_data->cmd on stack
        before modifying and writing it to SPI.
      
      This practically means that struct sja1105_ptp_cmd is no longer an
      implementation detail, since it needs to be stored in full into struct
      sja1105_ptp_data, and hence in struct sja1105_private. So the (*ptp_cmd)
      function prototype can change and take struct sja1105_ptp_cmd as second
      argument now.
      Signed-off-by: default avatarVladimir Oltean <olteanv@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      66427778
    • Vladimir Oltean's avatar
      net: dsa: sja1105: Move PTP data to its own private structure · a9d6ed7a
      Vladimir Oltean authored
      This is a non-functional change with 2 goals (both for the case when
      CONFIG_NET_DSA_SJA1105_PTP is not enabled):
      
      - Reduce the size of the sja1105_private structure.
      - Make the PTP code more self-contained.
      
      Leaving priv->ptp_data.lock to be initialized in sja1105_main.c is not a
      leftover: it will be used in a future patch "net: dsa: sja1105: Restore
      PTP time after switch reset".
      Signed-off-by: default avatarVladimir Oltean <olteanv@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a9d6ed7a
    • Vladimir Oltean's avatar
      net: dsa: sja1105: Make all public PTP functions take dsa_switch as argument · 61c77126
      Vladimir Oltean authored
      The new rule (as already started for sja1105_tas.h) is for functions of
      optional driver components (ones which may be disabled via Kconfig - PTP
      and TAS) to take struct dsa_switch *ds instead of struct sja1105_private
      *priv as first argument.
      
      This is so that forward-declarations of struct sja1105_private can be
      avoided.
      
      So make sja1105_ptp.h the second user of this rule.
      Signed-off-by: default avatarVladimir Oltean <olteanv@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      61c77126
    • Vladimir Oltean's avatar
      net: dsa: sja1105: Get rid of global declaration of struct ptp_clock_info · 5b3ae43a
      Vladimir Oltean authored
      We need priv->ptp_caps to hold a structure and not just a pointer,
      because we use container_of in the various PTP callbacks.
      
      Therefore, the sja1105_ptp_caps structure declared in the global memory
      of the driver serves no further purpose after copying it into
      priv->ptp_caps.
      
      So just populate priv->ptp_caps with the needed operations and remove
      sja1105_ptp_caps.
      Signed-off-by: default avatarVladimir Oltean <olteanv@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5b3ae43a
    • David S. Miller's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next · a98d62c3
      David S. Miller authored
      Alexei Starovoitov says:
      
      ====================
      pull-request: bpf-next 2019-10-14
      
      The following pull-request contains BPF updates for your *net-next* tree.
      
      12 days of development and
      85 files changed, 1889 insertions(+), 1020 deletions(-)
      
      The main changes are:
      
      1) auto-generation of bpf_helper_defs.h, from Andrii.
      
      2) split of bpf_helpers.h into bpf_{helpers, helper_defs, endian, tracing}.h
         and move into libbpf, from Andrii.
      
      3) Track contents of read-only maps as scalars in the verifier, from Andrii.
      
      4) small x86 JIT optimization, from Daniel.
      
      5) cross compilation support, from Ivan.
      
      6) bpf flow_dissector enhancements, from Jakub and Stanislav.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a98d62c3
  4. 13 Oct, 2019 3 commits
  5. 12 Oct, 2019 15 commits