[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20190221114926.GH10737@kroah.com>
Date: Thu, 21 Feb 2019 12:49:26 +0100
From: Greg KH <greg@...ah.com>
To: linux-kernel@...r.kernel.org
Cc: logang@...tatee.com, stable-commits@...r.kernel.org
Subject: Re: Patch "PCI: Fix __initdata issue with "pci=disable_acs_redir"
parameter" has been added to the 4.20-stable tree
On Thu, Feb 21, 2019 at 12:43:20AM -0500, Sasha Levin wrote:
> This is a note to let you know that I've just added the patch titled
>
> PCI: Fix __initdata issue with "pci=disable_acs_redir" parameter
>
> to the 4.20-stable tree which can be found at:
> http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
>
> The filename of the patch is:
> pci-fix-__initdata-issue-with-pci-disable_acs_redir-.patch
> and it can be found in the queue-4.20 subdirectory.
>
> If you, or anyone else, feels it should not be added to the stable tree,
> please let <stable@...r.kernel.org> know about it.
>
>
>
> commit 44557eb5390967bb678394cfbcef5df39bfa751e
> Author: Logan Gunthorpe <logang@...tatee.com>
> Date: Thu Jan 17 08:46:34 2019 -0600
>
> PCI: Fix __initdata issue with "pci=disable_acs_redir" parameter
>
> [ Upstream commit d2fd6e81912a665993b24dcdc1c1384a42a54f7e ]
>
> The disable_acs_redir parameter stores a pointer to the string passed to
> pci_setup(). However, the string passed to PCI setup is actually a
> temporary copy allocated in static __initdata memory. After init, once the
> memory is freed, it is no longer valid to reference this pointer.
>
> This bug was noticed in v5.0-rc1 after a change in commit c5eb1190074c
> ("PCI / PM: Allow runtime PM without callback functions") caused
> pci_disable_acs_redir() to be called during shutdown which manifested
> as an unable to handle kernel paging request at:
>
> RIP: 0010:pci_enable_acs+0x3f/0x1e0
> Call Trace:
> pci_restore_state.part.44+0x159/0x3c0
> pci_restore_standard_config+0x33/0x40
> pci_pm_runtime_resume+0x2b/0xd0
> ? pci_restore_standard_config+0x40/0x40
> __rpm_callback+0xbc/0x1b0
> rpm_callback+0x1f/0x70
> ? pci_restore_standard_config+0x40/0x40
> rpm_resume+0x4f9/0x710
> ? pci_conf1_read+0xb6/0xf0
> ? pci_conf1_write+0xb2/0xe0
> __pm_runtime_resume+0x47/0x70
> pci_device_shutdown+0x1e/0x60
> device_shutdown+0x14a/0x1f0
> kernel_restart+0xe/0x50
> __do_sys_reboot+0x1ee/0x210
> ? __fput+0x144/0x1d0
> do_writev+0x5e/0xf0
> ? do_writev+0x5e/0xf0
> do_syscall_64+0x48/0xf0
> entry_SYSCALL_64_after_hwframe+0x44/0xa9
>
> It was also likely possible to trigger this bug when hotplugging PCI
> devices.
>
> To fix this, instead of storing a pointer, we use kstrdup() to copy the
> disable_acs_redir_param to its own buffer which will never be freed.
>
> Fixes: aaca43fda742 ("PCI: Add "pci=disable_acs_redir=" parameter for peer-to-peer support")
According to this tag it is needed in 4.19.y as well...
now added there.
greg k-h
Powered by blists - more mailing lists