Hello Shannon Nelson,
The patch eda0333ac293: "ixgbe: add VF IPsec management" from Aug 13,
2018 (linux-next), leads to the following Smatch static checker
warning:
drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c:917
ixgbe_ipsec_vf_add_sa()
warn: sleeping in IRQ context
drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c
890 int ixgbe_ipsec_vf_add_sa(struct ixgbe_adapter *adapter, u32 *msgbuf,
u32 vf)
891 {
892 struct ixgbe_ipsec *ipsec = adapter->ipsec;
893 struct xfrm_algo_desc *algo;
894 struct sa_mbx_msg *sam;
895 struct xfrm_state *xs;
896 size_t aead_len;
897 u16 sa_idx;
898 u32 pfsa;
899 int err;
900
901 sam = (struct sa_mbx_msg *)(&msgbuf[1]);
902 if (!adapter->vfinfo[vf].trusted ||
903 !(adapter->flags2 & IXGBE_FLAG2_VF_IPSEC_ENABLED)) {
904 e_warn(drv, "VF %d attempted to add an IPsec SA\n", vf);
905 err = -EACCES;
906 goto err_out;
907 }
908
909 /* Tx IPsec offload doesn't seem to work on this
910 * device, so block these requests for now.
911 */
912 if (sam->dir != XFRM_DEV_OFFLOAD_IN) {
913 err = -EOPNOTSUPP;
914 goto err_out;
915 }
916
--> 917 xs = kzalloc(sizeof(*xs), GFP_KERNEL);
^^^^^^^^^^
Sleeping allocation.
The call tree that Smatch is worried about is:
ixgbe_msix_other() <- IRQ handler
-> ixgbe_msg_task()
-> ixgbe_rcv_msg_from_vf()
-> ixgbe_ipsec_vf_add_sa()
This is a fairly new warning and those have a higher risk of false
positives. Plus the longer the call tree the higher the chance of
false positives. However, I did review it and the warning looks
reasonable.
regards,
dan carpenter
