stable.vger.kernel.org archive mirror
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: stable@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	patches@lists.linux.dev, Lin Liu <lin.liu@citrix.com>,
	"David S. Miller" <davem@davemloft.net>,
	Sasha Levin <sashal@kernel.org>
Subject: [PATCH 5.10 083/106] xen-netfront: Fix NULL sring after live migration
Date: Mon, 12 Dec 2022 14:10:26 +0100
Message-ID: <20221212130928.498255952@linuxfoundation.org>
In-Reply-To: <20221212130924.863767275@linuxfoundation.org>

From: Lin Liu <lin.liu@citrix.com>

[ Upstream commit d50b7914fae04d840ce36491d22133070b18cca9 ]

A NAPI is set up for each network sring to poll data to the kernel.
The sring with the source host is destroyed before live migration and
a new sring with the target host is set up after live migration.
The NAPI for the old sring is not deleted until the new sring is set up
with the target host after migration. With busy_poll/busy_read enabled,
the NAPI can be polled before it is deleted when the VM resumes.

BUG: unable to handle kernel NULL pointer dereference at
0000000000000008
IP: xennet_poll+0xae/0xd20
PGD 0 P4D 0
Oops: 0000 [#1] SMP PTI
Call Trace:
 finish_task_switch+0x71/0x230
 timerqueue_del+0x1d/0x40
 hrtimer_try_to_cancel+0xb5/0x110
 xennet_alloc_rx_buffers+0x2a0/0x2a0
 napi_busy_loop+0xdb/0x270
 sock_poll+0x87/0x90
 do_sys_poll+0x26f/0x580
 tracing_map_insert+0x1d4/0x2f0
 event_hist_trigger+0x14a/0x260

 finish_task_switch+0x71/0x230
 __schedule+0x256/0x890
 recalc_sigpending+0x1b/0x50
 xen_sched_clock+0x15/0x20
 __rb_reserve_next+0x12d/0x140
 ring_buffer_lock_reserve+0x123/0x3d0
 event_triggers_call+0x87/0xb0
 trace_event_buffer_commit+0x1c4/0x210
 xen_clocksource_get_cycles+0x15/0x20
 ktime_get_ts64+0x51/0xf0
 SyS_ppoll+0x160/0x1a0
 SyS_ppoll+0x160/0x1a0
 do_syscall_64+0x73/0x130
 entry_SYSCALL_64_after_hwframe+0x41/0xa6
...
RIP: xennet_poll+0xae/0xd20 RSP: ffffb4f041933900
CR2: 0000000000000008
---[ end trace f8601785b354351c ]---

The xen frontend should remove the NAPIs for the old srings before live
migration, as the bond srings are destroyed.

There is a tiny window between the srings being set to NULL and
the NAPIs being disabled. It is safe, as the NAPI threads are still
frozen at that time.

Signed-off-by: Lin Liu <lin.liu@citrix.com>
Fixes: 4ec2411980d0 ([NET]: Do not check netif_running() and carrier state in ->poll())
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 drivers/net/xen-netfront.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/drivers/net/xen-netfront.c b/drivers/net/xen-netfront.c
index 569f3c8e7b75..3d149890fa36 100644
--- a/drivers/net/xen-netfront.c
+++ b/drivers/net/xen-netfront.c
@@ -1868,6 +1868,12 @@ static int netfront_resume(struct xenbus_device *dev)
 	netif_tx_unlock_bh(info->netdev);
 
 	xennet_disconnect_backend(info);
+
+	rtnl_lock();
+	if (info->queues)
+		xennet_destroy_queues(info);
+	rtnl_unlock();
+
 	return 0;
 }
 
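Review bot: the added teardown in netfront_resume() runs only after xennet_disconnect_backend(info) has returned, so the window the commit message describes (srings already NULL, NAPIs not yet removed) is still present in the code, and nothing in the hunk records why that is safe. Please add a comment above rtnl_lock() stating that the ordering relies on the NAPI threads still being frozen at this point in resume, so that a later change to the resume path or to busy-poll handling does not silently reintroduce the NULL sring dereference in xennet_poll(). It would also help to note in that comment why the `if (info->queues)` guard is needed here, i.e. in which resume case the queues have not been created yet.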
-- 
2.35.1



