[PATCH v2] net: ks8851: Fix deadlock with the SPI chip variant - Linux-stable-mirror

4 Jul 2024

From: Ronald Wahl ronald.wahl@raritan.com
When SMP is enabled and spinlocks are actually functional then there is
a deadlock with the 'statelock' spinlock between ks8851_start_xmit_spi
and ks8851_irq:
watchdog: BUG: soft lockup - CPU#0 stuck for 27s!
    call trace:
      queued_spin_lock_slowpath+0x100/0x284
      do_raw_spin_lock+0x34/0x44
      ks8851_start_xmit_spi+0x30/0xb8
      ks8851_start_xmit+0x14/0x20
      netdev_start_xmit+0x40/0x6c
      dev_hard_start_xmit+0x6c/0xbc
      sch_direct_xmit+0xa4/0x22c
      __qdisc_run+0x138/0x3fc
      qdisc_run+0x24/0x3c
      net_tx_action+0xf8/0x130
      handle_softirqs+0x1ac/0x1f0
      __do_softirq+0x14/0x20
      ____do_softirq+0x10/0x1c
      call_on_irq_stack+0x3c/0x58
      do_softirq_own_stack+0x1c/0x28
      __irq_exit_rcu+0x54/0x9c
      irq_exit_rcu+0x10/0x1c
      el1_interrupt+0x38/0x50
      el1h_64_irq_handler+0x18/0x24
      el1h_64_irq+0x64/0x68
      __netif_schedule+0x6c/0x80
      netif_tx_wake_queue+0x38/0x48
      ks8851_irq+0xb8/0x2c8
      irq_thread_fn+0x2c/0x74
      irq_thread+0x10c/0x1b0
      kthread+0xc8/0xd8
      ret_from_fork+0x10/0x20
This issue has not been identified earlier because tests were done on
a device with SMP disabled and so spinlocks were actually NOPs.
Now use spin_(un)lock_bh for TX queue related locking to avoid execution
of softirq work synchronously that would lead to a deadlock.
Fixes: 3dc5d4454545 ("net: ks8851: Fix TX stall caused by TX buffer overrun")
Cc: "David S. Miller" davem@davemloft.net
Cc: Eric Dumazet edumazet@google.com
Cc: Jakub Kicinski kuba@kernel.org
Cc: Paolo Abeni pabeni@redhat.com
Cc: Simon Horman horms@kernel.org
Cc: netdev@vger.kernel.org
Cc: stable@vger.kernel.org # 5.10+
Signed-off-by: Ronald Wahl ronald.wahl@raritan.com
---
V2: - use spin_lock_bh instead of moving netif_wake_queue outside of
      locked region (doing the same in the start_xmit function)
    - add missing net: tag
drivers/net/ethernet/micrel/ks8851_common.c | 4 ++--
 drivers/net/ethernet/micrel/ks8851_spi.c    | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/drivers/net/ethernet/micrel/ks8851_common.c b/drivers/net/ethernet/micrel/ks8851_common.c
index 6453c92f0fa7..51fb6c27153e 100644
--- a/drivers/net/ethernet/micrel/ks8851_common.c
+++ b/drivers/net/ethernet/micrel/ks8851_common.c
@@ -352,11 +352,11 @@ static irqreturn_t ks8851_irq(int irq, void *_ks)
    	netif_dbg(ks, intr, ks->netdev,
    		  "%s: txspace %d\n", __func__, tx_space);
-		spin_lock(&ks->statelock);
+		spin_lock_bh(&ks->statelock);
    	ks->tx_space = tx_space;
    	if (netif_queue_stopped(ks->netdev))
    		netif_wake_queue(ks->netdev);
-		spin_unlock(&ks->statelock);
+		spin_unlock_bh(&ks->statelock);
    }
if (status & IRQ_SPIBEI) {
diff --git a/drivers/net/ethernet/micrel/ks8851_spi.c b/drivers/net/ethernet/micrel/ks8851_spi.c
index 670c1de966db..818e1ce3227b 100644
--- a/drivers/net/ethernet/micrel/ks8851_spi.c
+++ b/drivers/net/ethernet/micrel/ks8851_spi.c
@@ -385,7 +385,7 @@ static netdev_tx_t ks8851_start_xmit_spi(struct sk_buff *skb,
    netif_dbg(ks, tx_queued, ks->netdev,
    	  "%s: skb %p, %d@%p\n", __func__, skb, skb->len, skb->data);
-	spin_lock(&ks->statelock);
+	spin_lock_bh(&ks->statelock);
if (ks->queued_len + needed > ks->tx_space) {
    	netif_stop_queue(dev);
@@ -395,7 +395,7 @@ static netdev_tx_t ks8851_start_xmit_spi(struct sk_buff *skb,
    	skb_queue_tail(&ks->txq, skb);
    }
-	spin_unlock(&ks->statelock);
+	spin_unlock_bh(&ks->statelock);
    if (ret == NETDEV_TX_OK)
    	schedule_work(&kss->tx_work);
--
2.45.2

    