Red Hat Bugzilla – Bug 161866
Race condition accessing PCI config space
Last modified: 2007-11-30 17:07:07 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050302 Firefox/1.0.1 Fedora/1.0.1-1.3.2
Description of problem:
CF8/CFC cycles may get intermingled creating a race condition. It is possible to have two CF8 writes before a CFC access, customer has seen a particular case when acpi_os_write_pci_configuration() is calling pci_conf1_write() which is protected by pci_config_lock, while a driver (tg3 in this case) is calling pci_conf1_write_config_dword() which is not protected.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Load tg3 driver on EM64T.
Actual Results: FSB trace showed several places where the system has CF8/CFC cycles which are getting intermingled.
Expected Results: PCI access should be protected.
Attaching patch provided by the customer, they have verified that the patch fixes the problem.
Created attachment 116037 [details]
Patch to synchronize access to PCI config space
Patch looks pretty sane to me, and fairly close to the x86 version. Not sure
why they added NULL checks of *value for the pci_*_read_config_byte and
pci_*_read_config_word but not to the pci_*_read_config_dword versions, but
other than that, it looks fine...
Please add PM and QE acks to add this fix into U7. Thanks.
A fix for this problem has just been committed to the RHEL3 U7
patch pool this evening (in kernel version 2.4.21-37.6.EL).
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.