| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 15 Apr 2021 17:19:01 -0400
From: "Liang, Kan" <kan.liang@...ux.intel.com>
To: Steve Wahl <steve.wahl@....com>,
Peter Zijlstra <peterz@...radead.org>,
Ingo Molnar <mingo@...hat.com>,
Arnaldo Carvalho de Melo <acme@...nel.org>,
Mark Rutland <mark.rutland@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Jiri Olsa <jolsa@...hat.com>,
Namhyung Kim <namhyung@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Borislav Petkov <bp@...en8.de>, x86@...nel.org,
"H. Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] perf/x86/intel/uncore: Avoid null dereferences
(uncore_extra_pci_dev)
Hi Steve,
On 4/15/2021 4:37 PM, Steve Wahl wrote:
> If an uncore has no pci_init routine, or that routine fails,
> uncore_pci_init is not called, and memory is not allocated for
> uncore_extra_pci_dev.
>
> So check to make sure uncore_extra_pci_dev is not NULL before use.
>
I think more after yesterday's discussion. There may be a better
solution than this.
Actually, we don't have to probe all the PCU devices and stores them
into the uncore_extra_pci_dev for the cpu_init().
We just need to pick up the first PCU device and check the existence of
the SBOX once.
I will send out a patch shortly.
> And fix the case that led us to discover the null derefs; don't fail
> snbep_pci2phy_map_init if BIOS doesn't supply pcibus_to_node
> information.
>
> Fixes: 9a7832ce3d92 ("perf/x86/intel/uncore: With > 8 nodes, get pci bus die id from NUMA info")
In theory, the pci_read_config_dword() may fails as well. It has
possible that the issue can still be observed before the "> 8 nodes" patch.
I think the fixes should be 5306c31c5733 ("perf/x86/uncore/hsw-ep:
Handle systems with only two SBOXes")
Thanks,
Kan
> Signed-off-by: Steve Wahl <steve.wahl@....com>
> ---
> arch/x86/events/intel/uncore_snbep.c | 10 +++++++---
> 1 file changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/arch/x86/events/intel/uncore_snbep.c b/arch/x86/events/intel/uncore_snbep.c
> index b79951d0707c..14c24356a2fa 100644
> --- a/arch/x86/events/intel/uncore_snbep.c
> +++ b/arch/x86/events/intel/uncore_snbep.c
> @@ -1373,11 +1373,11 @@ static int snbep_pci2phy_map_init(int devid, int nodeid_loc, int idmap_loc, bool
> /*
> * The nodeid and idmap registers only contain enough
> * information to handle 8 nodes. On systems with more
> - * than 8 nodes, we need to rely on NUMA information,
> + * than 8 nodes, if available we rely on NUMA information,
> * filled in from BIOS supplied information, to determine
> * the topology.
> */
> - if (nr_node_ids <= 8) {
> + if ((nr_node_ids <= 8) || (pcibus_to_node(ubox_dev->bus) == -1)) {
> /* get the Node ID of the local register */
> err = pci_read_config_dword(ubox_dev, nodeid_loc, &config);
> if (err)
> @@ -2865,7 +2865,9 @@ void hswep_uncore_cpu_init(void)
> hswep_uncore_cbox.num_boxes = boot_cpu_data.x86_max_cores;
>
> /* Detect 6-8 core systems with only two SBOXes */
> - if (uncore_extra_pci_dev[pkg].dev[HSWEP_PCI_PCU_3]) {
> + if (!uncore_extra_pci_dev)
> + hswep_uncore_sbox.num_boxes = 2;
> + else if (uncore_extra_pci_dev[pkg].dev[HSWEP_PCI_PCU_3]) {
> u32 capid4;
>
> pci_read_config_dword(uncore_extra_pci_dev[pkg].dev[HSWEP_PCI_PCU_3],
> @@ -3243,6 +3245,8 @@ void bdx_uncore_cpu_init(void)
> if (boot_cpu_data.x86_model == 86) {
> uncore_msr_uncores[BDX_MSR_UNCORE_SBOX] = NULL;
> /* Detect systems with no SBOXes */
> + } else if (!uncore_extra_pci_dev) {
> + bdx_msr_uncores[BDX_MSR_UNCORE_SBOX] = NULL;
> } else if (uncore_extra_pci_dev[pkg].dev[HSWEP_PCI_PCU_3]) {
> struct pci_dev *pdev;
> u32 capid4;
>
Powered by blists - more mailing lists