Bug 161866

Summary: Race condition accessing PCI config space
Product: Red Hat Enterprise Linux 3 Reporter: David Milburn <dmilburn>
Component: kernelAssignee: Jim Paradis <jparadis>
Status: CLOSED ERRATA QA Contact: Brian Brock <bbrock>
Severity: high Docs Contact:
Priority: high    
Version: 3.0CC: linville, peterm, petrides, tao, tburke
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: RHSA-2006-0144 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-03-15 16:08:41 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 168424    
Attachments:
Description Flags
Patch to synchronize access to PCI config space none

Description David Milburn 2005-06-27 22:14:24 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050302 Firefox/1.0.1 Fedora/1.0.1-1.3.2

Description of problem:
CF8/CFC cycles may get intermingled creating a race condition. It is possible to have two CF8 writes before a CFC access, customer has seen a particular case when acpi_os_write_pci_configuration() is calling pci_conf1_write() which is protected by pci_config_lock, while a driver (tg3 in this case) is calling pci_conf1_write_config_dword() which is not protected. 


Version-Release number of selected component (if applicable):
kernel-2.4.21-32

How reproducible:
Sometimes

Steps to Reproduce:
1. Load tg3 driver on EM64T.
2.
3.
  

Actual Results:  FSB trace showed several places where the system has CF8/CFC cycles which are getting intermingled.

Expected Results:  PCI access should be protected.

Additional info:

Attaching patch provided by the customer, they have verified that the patch fixes the problem.
Comment 1 David Milburn 2005-06-27 22:15:45 UTC 
Created attachment 116037 [details]
Patch to synchronize access to PCI config space
Comment 2 John W. Linville 2005-06-28 14:42:51 UTC 
Patch looks pretty sane to me, and fairly close to the x86 version.  Not sure 
why they added NULL checks of *value for the pci_*_read_config_byte and 
pci_*_read_config_word but not to the pci_*_read_config_dword versions, but 
other than that, it looks fine...
Comment 13 Samuel Benjamin 2005-10-05 18:20:57 UTC 
Please add PM and QE acks to add this fix into U7. Thanks.
Comment 18 Ernie Petrides 2005-10-20 05:43:17 UTC 
A fix for this problem has just been committed to the RHEL3 U7
patch pool this evening (in kernel version 2.4.21-37.6.EL).
Comment 23 Red Hat Bugzilla 2006-03-15 16:08:41 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0144.html