From 370a6b9bca4364d2861831813ae01a4e869d5b8e Mon Sep 17 00:00:00 2001 From: Saurabh Singhal Date: Tue, 29 Aug 2023 10:27:57 -0700 Subject: [PATCH 1/2] iavf: Unregister vfio interrupt handler before interrup fd close Unregister VFIO interrupt handler before the interrupt fd gets closed in case iavf_dev_init() returns an error. dpdk creates a standalone thread named eal-intr-thread for processing interrupts for the PCI devices. The interrupt handler callbacks are registered by the VF driver(iavf, in this case). When we do a PCI probe of the network interfaces, we register an interrupt handler, open a vfio-device fd(using ioctl) and an eventfd in dpdk. These interrupt sources are registered in a global linked list that the eal-intr-thread keeps iterating over for handling the interrupts. In our internal testing, we see eal-intr-thread crash in these two ways: Error adding fd 660 epoll_ctl, Operation not permitted or Error adding fd 660 epoll_ctl, Bad file descriptor epoll_ctl() returns EPERM if the target fd does not support poll. It returns EBADF when the epoll fd itself is closed or the target fd is closed. When the first type of crash happens, we see that the fd 660 is anon_inode:[vfio-device] which does not support poll. When the second type of crash happens, we could see from the fd map of the crashing process that the fd 660 was already closed. We observed that these crashes were always accompanied by an error in iavf_dev_init() after rte_intr_callback_register() and iavf_enable_irq0() have already happened. In the error path, the intr_handle_fd was being closed but the interrupt handler wasn't being unregistered. The fix is to unregister the interrupt handle in the iavf_dev_init() error path. --- drivers/net/iavf/iavf_ethdev.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/drivers/net/iavf/iavf_ethdev.c b/drivers/net/iavf/iavf_ethdev.c index f2fc5a56216..33049d6d8ca 100644 --- a/drivers/net/iavf/iavf_ethdev.c +++ b/drivers/net/iavf/iavf_ethdev.c @@ -133,6 +133,8 @@ static int iavf_dev_rx_queue_intr_enable(struct rte_eth_dev *dev, uint16_t queue_id); static int iavf_dev_rx_queue_intr_disable(struct rte_eth_dev *dev, uint16_t queue_id); +static void iavf_dev_interrupt_handler(void *param); +static inline void iavf_disable_irq0(struct iavf_hw *hw); static int iavf_dev_flow_ops_get(struct rte_eth_dev *dev, const struct rte_flow_ops **ops); static int iavf_set_mc_addr_list(struct rte_eth_dev *dev, @@ -2490,9 +2492,22 @@ iavf_uninit_vf(struct rte_eth_dev *dev) { struct iavf_hw *hw = IAVF_DEV_PRIVATE_TO_HW(dev->data->dev_private); struct iavf_info *vf = IAVF_DEV_PRIVATE_TO_VF(dev->data->dev_private); + struct rte_pci_device *pci_dev = RTE_ETH_DEV_TO_PCI(dev); + struct rte_intr_handle *intr_handle = pci_dev->intr_handle; iavf_shutdown_adminq(hw); + if (vf->vf_res->vf_cap_flags & VIRTCHNL_VF_OFFLOAD_WB_ON_ITR) { + /* disable uio intr before callback unregister */ + rte_intr_disable(intr_handle); + + /* unregister callback func from eal lib */ + rte_intr_callback_unregister(intr_handle, + iavf_dev_interrupt_handler, dev); + } else { + rte_eal_alarm_cancel(iavf_dev_alarm_handler, dev); + } + rte_free(vf->vf_res); vf->vsi_res = NULL; vf->vf_res = NULL; From cfe3a0d01a0325777bdd1b79cc3eb8c8b5b228be Mon Sep 17 00:00:00 2001 From: Saurabh Singhal Date: Tue, 29 Aug 2023 10:35:54 -0700 Subject: [PATCH 2/2] iavf: Avoid leaking MAC address and other VF resources If iavf_dev_init() returns an error from iavf_security_ctx_create() or iavf_security_init(), we were leaking MAC address and other VF resources(freed by iavf_uninit_vf()). Make sure we free those resources before returning. --- drivers/net/iavf/iavf_ethdev.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/net/iavf/iavf_ethdev.c b/drivers/net/iavf/iavf_ethdev.c index 33049d6d8ca..a2785770e2d 100644 --- a/drivers/net/iavf/iavf_ethdev.c +++ b/drivers/net/iavf/iavf_ethdev.c @@ -2724,13 +2724,13 @@ iavf_dev_init(struct rte_eth_dev *eth_dev) ret = iavf_security_ctx_create(adapter); if (ret) { PMD_INIT_LOG(ERR, "failed to create ipsec crypto security instance"); - return ret; + goto flow_init_err; } ret = iavf_security_init(adapter); if (ret) { PMD_INIT_LOG(ERR, "failed to initialized ipsec crypto resources"); - return ret; + goto flow_init_err; } }