| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 18 Oct 2010 15:47:31 -0700 From: Yinghai Lu <yinghai@...nel.org> To: Thomas Gleixner <tglx@...utronix.de> CC: Ingo Molnar <mingo@...e.hu>, "H. Peter Anvin" <hpa@...or.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] x86, irq: Check if irq is remapped before freeing irte On 10/18/2010 03:31 PM, Thomas Gleixner wrote: > On Mon, 18 Oct 2010, Yinghai Lu wrote: > >> On 10/18/2010 02:17 PM, Thomas Gleixner wrote: >>> >>> >>> On Mon, 18 Oct 2010, Thomas Gleixner wrote: >>> >>>> On Mon, 18 Oct 2010, Yinghai Lu wrote: >>>>> >>>>> Index: linux-2.6/drivers/pci/intr_remapping.c >>>>> =================================================================== >>>>> --- linux-2.6.orig/drivers/pci/intr_remapping.c >>>>> +++ linux-2.6/drivers/pci/intr_remapping.c >>>>> @@ -60,7 +60,7 @@ int get_irte(int irq, struct irte *entry >>>>> unsigned long flags; >>>>> int index; >>>>> >>>>> - if (!entry || !irq_iommu) >>>>> + if (!entry || !irq_iommu || !irq_iommu->iommu) >>>>> return -1; >>>> >>>> Hmm, why do we need this? This is only called from >>>> ir_ioapic_set_affinity() and ir_msi_set_affinity(). > > That does not answer that question ! we don't need that checking there. > >>>> We should never end up there when intr_remapping=off, right ? >>> >>> Thinking more about it, this check is actively bogus. The call sites do: >>> >>> struct irte irte; >>> >>> if (get_irte(irq, &irte)) >>> return -1; >>> >>> So entry _CANNOT_ be NULL. >>> >>> And in fact we should change get_irte() to >>> >>> get_irte(struct irq_2_iommu *irq_iommu, struct irte *entry) >>> >>> The call site already knows about it. No need to lookup irq_iommu >>> based on the irq number. >> >> looks like all irq-irte related API could replace "int irq" to "struct irq_2_iommu *irq_iommu" >> >> extern int get_irte(int irq, struct irte *entry); >> extern int modify_irte(int irq, struct irte *irte_modified); >> extern int alloc_irte(struct intel_iommu *iommu, int irq, u16 count); >> extern int set_irte_irq(int irq, struct intel_iommu *iommu, u16 index, >> u16 sub_handle); >> extern int map_irq_to_irte_handle(int irq, u16 *sub_handle); >> extern int free_irte(int irq); > > Probably, but we need to figure out which functions need which checks > instead of having either redundant or superflous ones there. > only free_irte(). because other have have protection from intr_remapping_enabled or irq_remapped(get_irq_chip_data(irq)) or with ir related chip. this one works too. --- arch/x86/kernel/apic/io_apic.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) Index: linux-2.6/arch/x86/kernel/apic/io_apic.c =================================================================== --- linux-2.6.orig/arch/x86/kernel/apic/io_apic.c +++ linux-2.6/arch/x86/kernel/apic/io_apic.c @@ -3109,7 +3109,8 @@ void destroy_irq(unsigned int irq) irq_set_status_flags(irq, IRQ_NOREQUEST|IRQ_NOPROBE); - free_irte(irq); + if (intr_remapping_enabled) + free_irte(irq); raw_spin_lock_irqsave(&vector_lock, flags); __clear_irq_vector(irq, cfg); raw_spin_unlock_irqrestore(&vector_lock, flags); -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists