From: Saeed Mahameed <saeed@kernel.org>
To: "David S. Miller" <davem@davemloft.net>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
Eric Dumazet <edumazet@google.com>
Cc: Saeed Mahameed <saeedm@nvidia.com>,
netdev@vger.kernel.org, Tariq Toukan <tariqt@nvidia.com>,
Emeel Hakim <ehakim@nvidia.com>
Subject: [net 14/14] net/mlx5e: Fix possible race condition in macsec extended packet number update routine
Date: Mon, 21 Nov 2022 18:25:59 -0800 [thread overview]
Message-ID: <20221122022559.89459-15-saeed@kernel.org> (raw)
In-Reply-To: <20221122022559.89459-1-saeed@kernel.org>
From: Emeel Hakim <ehakim@nvidia.com>
Currenty extended packet number (EPN) update routine is accessing
macsec object without holding the general macsec lock hence facing
a possible race condition when an EPN update occurs while updating
or deleting the SA.
Fix by holding the general macsec lock before accessing the object.
Fixes: 4411a6c0abd3 ("net/mlx5e: Support MACsec offload extended packet number (EPN)")
Signed-off-by: Emeel Hakim <ehakim@nvidia.com>
Signed-off-by: Saeed Mahameed <saeedm@nvidia.com>
---
drivers/net/ethernet/mellanox/mlx5/core/en_accel/macsec.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/macsec.c b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/macsec.c
index 4f96c69c6cc4..3dc6c987b8da 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/macsec.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/macsec.c
@@ -1536,6 +1536,8 @@ static void macsec_async_event(struct work_struct *work)
async_work = container_of(work, struct mlx5e_macsec_async_work, work);
macsec = async_work->macsec;
+ mutex_lock(&macsec->lock);
+
mdev = async_work->mdev;
obj_id = async_work->obj_id;
macsec_sa = get_macsec_tx_sa_from_obj_id(macsec, obj_id);
@@ -1557,6 +1559,7 @@ static void macsec_async_event(struct work_struct *work)
out_async_work:
kfree(async_work);
+ mutex_unlock(&macsec->lock);
}
static int macsec_obj_change_event(struct notifier_block *nb, unsigned long event, void *data)
--
2.38.1
prev parent reply other threads:[~2022-11-22 2:29 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-22 2:25 [pull request][net 00/14] mlx5 fixes 2022-11-21 Saeed Mahameed
2022-11-22 2:25 ` [net 01/14] net/mlx5: Do not query pci info while pci disabled Saeed Mahameed
2022-11-23 5:00 ` patchwork-bot+netdevbpf
2022-11-22 2:25 ` [net 02/14] net/mlx5: Fix FW tracer timestamp calculation Saeed Mahameed
2022-11-22 2:25 ` [net 03/14] net/mlx5: SF: Fix probing active SFs during driver probe phase Saeed Mahameed
2022-11-23 14:57 ` Maciej Fijalkowski
2022-11-23 17:11 ` Parav Pandit
2022-11-23 17:44 ` Maciej Fijalkowski
2022-11-23 23:36 ` Saeed Mahameed
2022-11-22 2:25 ` [net 04/14] net/mlx5: cmdif, Print info on any firmware cmd failure to tracepoint Saeed Mahameed
2022-11-23 15:06 ` Maciej Fijalkowski
2022-11-23 23:48 ` Saeed Mahameed
2022-11-24 1:55 ` Jakub Kicinski
2022-11-24 4:37 ` Saeed Mahameed
2022-11-22 2:25 ` [net 05/14] net/mlx5: Fix handling of entry refcount when command is not issued to FW Saeed Mahameed
2022-11-22 2:25 ` [net 06/14] net/mlx5: Lag, avoid lockdep warnings Saeed Mahameed
2022-11-22 2:25 ` [net 07/14] net/mlx5: E-Switch, Set correctly vport destination Saeed Mahameed
2022-11-22 2:25 ` [net 08/14] net/mlx5: Fix sync reset event handler error flow Saeed Mahameed
2022-11-22 2:25 ` [net 09/14] net/mlx5e: Fix missing alignment in size of MTT/KLM entries Saeed Mahameed
2022-11-22 2:25 ` [net 10/14] net/mlx5e: Offload rule only when all encaps are valid Saeed Mahameed
2022-11-22 2:25 ` [net 11/14] net/mlx5e: Remove leftovers from old XSK queues enumeration Saeed Mahameed
2022-11-22 2:25 ` [net 12/14] net/mlx5e: Fix MACsec SA initialization routine Saeed Mahameed
2022-11-22 2:25 ` [net 13/14] net/mlx5e: Fix MACsec update SecY Saeed Mahameed
2022-11-23 15:21 ` Maciej Fijalkowski
2022-11-23 23:57 ` Saeed Mahameed
2022-11-22 2:25 ` Saeed Mahameed [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221122022559.89459-15-saeed@kernel.org \
--to=saeed@kernel.org \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=ehakim@nvidia.com \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=saeedm@nvidia.com \
--cc=tariqt@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.