On 3/20/26 06:05, Aleksandr Loktionov wrote:
From: Katarzyna Wieczerzycka <[email protected]>
In ice_dcb_rebuild(), the first call to ice_query_port_ets() is checked
for error, and on failure jumps to the 'dcb_error' label. The error path
always calls mutex_unlock(&pf->tc_mutex), but at this point in the code
the mutex has never been locked -- mutex_lock() came after the check.
Releasing a mutex that was not locked is undefined behaviour and can
cause a deadlock or crash. Fix this by moving mutex_lock() to before
the error check, so that 'dcb_error' always pairs with a prior lock.
Fixes: 242b5e068b25 ("ice: Fix DCB rebuild after reset")
Signed-off-by: Katarzyna Wieczerzycka <[email protected]>
Signed-off-by: Aleksandr Loktionov <[email protected]>
NACK
there is a better fix proposed by community, we are awaiting v2
https://patchew.org/linux/[email protected]/[email protected]/
---
drivers/net/ethernet/intel/ice/ice_dcb_lib.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/intel/ice/ice_dcb_lib.c
b/drivers/net/ethernet/intel/ice/ice_dcb_lib.c
index bd77f1c..d516734 100644
--- a/drivers/net/ethernet/intel/ice/ice_dcb_lib.c
+++ b/drivers/net/ethernet/intel/ice/ice_dcb_lib.c
@@ -538,12 +538,11 @@ void ice_dcb_rebuild(struct ice_pf *pf)
int ret;
ret = ice_query_port_ets(pf->hw.port_info, &buf, sizeof(buf), NULL);
the difference is to move mutex_lock() over ice_query_port_ets()
+ mutex_lock(&pf->tc_mutex);
if (ret) {
dev_err(dev, "Query Port ETS failed\n");
goto dcb_error;
}
- mutex_lock(&pf->tc_mutex);
-
if (!pf->hw.port_info->qos_cfg.is_sw_lldp)
ice_cfg_etsrec_defaults(pf->hw.port_info);
