From 4030d141751c6fb73270fdb8e8c46854df307865 Mon Sep 17 00:00:00 2001 From: Junxian Huang Date: Thu, 18 Apr 2024 13:49:30 +0800 Subject: [PATCH 31/33] libhns: Fix several context locks issue mainline inclusion from mainline-master commit 6772962084dd1ee0ec277d79c63673f8736aa94f category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I9NZME CVE: NA Reference: https://github.com/linux-rdma/rdma-core/pull/1450/commits/6772962084dd1ee0ec277d79c63673f8736aa94f ---------------------------------------------------------------------- Fix several context lock issue: 1. db_list_mutex is used without init currently. Add its init to hns_roce_alloc_context(). 2. pthread_mutex_init()/pthread_spin_init() may return error value. Check the return value in hns_roce_alloc_context(). 3. Add destruction for these context locks. 4. Encapsulate init and destruction functions for these context locks. Fixes: 13eae8889690 ("libhns: Support rq record doorbell") Fixes: 887b78c80224 ("libhns: Add initial main frame") Signed-off-by: Junxian Huang Signed-off-by: Juan Zhou --- providers/hns/hns_roce_u.c | 61 ++++++++++++++++++++++++++++++++------ 1 file changed, 52 insertions(+), 9 deletions(-) diff --git a/providers/hns/hns_roce_u.c b/providers/hns/hns_roce_u.c index c4a3ba5..e219b9e 100644 --- a/providers/hns/hns_roce_u.c +++ b/providers/hns/hns_roce_u.c @@ -355,6 +355,47 @@ static void ucontext_set_cmd(struct hns_roce_alloc_ucontext *cmd, } } +static int hns_roce_init_context_lock(struct hns_roce_context *context) +{ + int ret; + + ret = pthread_spin_init(&context->uar_lock, PTHREAD_PROCESS_PRIVATE); + if (ret) + return ret; + + ret = pthread_mutex_init(&context->qp_table_mutex, NULL); + if (ret) + goto destroy_uar_lock; + + ret = pthread_mutex_init(&context->srq_table_mutex, NULL); + if (ret) + goto destroy_qp_mutex; + + ret = pthread_mutex_init(&context->db_list_mutex, NULL); + if (ret) + goto destroy_srq_mutex; + + return 0; + +destroy_srq_mutex: + pthread_mutex_destroy(&context->srq_table_mutex); + +destroy_qp_mutex: + pthread_mutex_destroy(&context->qp_table_mutex); + +destroy_uar_lock: + pthread_spin_destroy(&context->uar_lock); + return ret; +} + +static void hns_roce_destroy_context_lock(struct hns_roce_context *context) +{ + pthread_spin_destroy(&context->uar_lock); + pthread_mutex_destroy(&context->qp_table_mutex); + pthread_mutex_destroy(&context->srq_table_mutex); + pthread_mutex_destroy(&context->db_list_mutex); +} + static struct verbs_context *hns_roce_alloc_context(struct ibv_device *ibdev, int cmd_fd, void *private_data) @@ -373,19 +414,22 @@ static struct verbs_context *hns_roce_alloc_context(struct ibv_device *ibdev, ucontext_set_cmd(&cmd, ctx_attr); if (ibv_cmd_get_context(&context->ibv_ctx, &cmd.ibv_cmd, sizeof(cmd), &resp.ibv_resp, sizeof(resp))) - goto err_free; + goto err_ibv_cmd; + + if (hns_roce_init_context_lock(context)) + goto err_ibv_cmd; if (set_context_attr(hr_dev, context, &resp)) - goto err_free; + goto err_set_attr; context->uar = mmap(NULL, hr_dev->page_size, PROT_READ | PROT_WRITE, MAP_SHARED, cmd_fd, 0); if (context->uar == MAP_FAILED) - goto err_free; + goto err_set_attr; if (init_dca_context(context, cmd_fd, &resp, ctx_attr, hr_dev->page_size)) - goto err_free; + goto err_set_attr; if (init_reset_context(context, cmd_fd, &resp, hr_dev->page_size)) goto reset_free; @@ -393,10 +437,6 @@ static struct verbs_context *hns_roce_alloc_context(struct ibv_device *ibdev, if (hns_roce_mmap(hr_dev, context, cmd_fd)) goto uar_free; - pthread_mutex_init(&context->qp_table_mutex, NULL); - pthread_mutex_init(&context->srq_table_mutex, NULL); - pthread_spin_init(&context->uar_lock, PTHREAD_PROCESS_PRIVATE); - verbs_set_ops(&context->ibv_ctx, &hns_common_ops); verbs_set_ops(&context->ibv_ctx, &hr_dev->u_hw->hw_ops); @@ -407,7 +447,9 @@ uar_free: munmap(context->reset_state, hr_dev->page_size); reset_free: uninit_dca_context(context); -err_free: +err_set_attr: + hns_roce_destroy_context_lock(context); +err_ibv_cmd: verbs_uninit_context(&context->ibv_ctx); free(context); return NULL; @@ -422,6 +464,7 @@ static void hns_roce_free_context(struct ibv_context *ibctx) if (context->reset_state) munmap(context->reset_state, hr_dev->page_size); uninit_dca_context(context); + hns_roce_destroy_context_lock(context); verbs_uninit_context(&context->ibv_ctx); free(context); } -- 2.33.0