From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 50C38C433FE for ; Tue, 16 Nov 2021 01:54:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 3501A619E0 for ; Tue, 16 Nov 2021 01:54:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1358903AbhKPB5W (ORCPT ); Mon, 15 Nov 2021 20:57:22 -0500 Received: from mail.kernel.org ([198.145.29.99]:56282 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239284AbhKOSOg (ORCPT ); Mon, 15 Nov 2021 13:14:36 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id D8CD5633DF; Mon, 15 Nov 2021 17:49:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1636998579; bh=PqceHoledYhFjWn6V8i0N2MDA8fn6LOWSL30df1UJvg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=fIPze29iHADS2Fp5NZDsFtYqoKKHdLRwPMob0DARxlU7wT8bVwsWxCy6odkJJ00BK XGHNlF5wa10WepFHEQqXS3zpvcIhDmyk3f85Yy8skEe5X0I83YWyWg7IsjJVcz6aJF oZnRHdhrzdxqHrm6OfSgScmjhmI3HvRLEAnEUAM0= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Harald Freudenberger , Vasily Gorbik Subject: [PATCH 5.10 560/575] s390/ap: Fix hanging ioctl caused by orphaned replies Date: Mon, 15 Nov 2021 18:04:45 +0100 Message-Id: <20211115165403.059894445@linuxfoundation.org> X-Mailer: git-send-email 2.33.1 In-Reply-To: <20211115165343.579890274@linuxfoundation.org> References: <20211115165343.579890274@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Harald Freudenberger commit 3826350e6dd435e244eb6e47abad5a47c169ebc2 upstream. When a queue is switched to soft offline during heavy load and later switched to soft online again and now used, it may be that the caller is blocked forever in the ioctl call. The failure occurs because there is a pending reply after the queue(s) have been switched to offline. This orphaned reply is received when the queue is switched to online and is accidentally counted for the outstanding replies. So when there was a valid outstanding reply and this orphaned reply is received it counts as the outstanding one thus dropping the outstanding counter to 0. Voila, with this counter the receive function is not called any more and the real outstanding reply is never received (until another request comes in...) and the ioctl blocks. The fix is simple. However, instead of readjusting the counter when an orphaned reply is detected, I check the queue status for not empty and compare this to the outstanding counter. So if the queue is not empty then the counter must not drop to 0 but at least have a value of 1. Signed-off-by: Harald Freudenberger Cc: stable@vger.kernel.org Signed-off-by: Vasily Gorbik Signed-off-by: Greg Kroah-Hartman --- drivers/s390/crypto/ap_queue.c | 2 ++ 1 file changed, 2 insertions(+) --- a/drivers/s390/crypto/ap_queue.c +++ b/drivers/s390/crypto/ap_queue.c @@ -142,6 +142,8 @@ static struct ap_queue_status ap_sm_recv switch (status.response_code) { case AP_RESPONSE_NORMAL: aq->queue_count = max_t(int, 0, aq->queue_count - 1); + if (!status.queue_empty && !aq->queue_count) + aq->queue_count++; if (aq->queue_count > 0) mod_timer(&aq->timeout, jiffies + aq->request_timeout);