| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <f42d70d5-b779-a780-f178-050b855a15d8@linux.intel.com>
Date: Thu, 15 Apr 2021 17:33:22 -0400
From: "Liang, Kan" <kan.liang@...ux.intel.com>
To: Steve Wahl <steve.wahl@....com>,
Peter Zijlstra <peterz@...radead.org>,
Ingo Molnar <mingo@...hat.com>,
Arnaldo Carvalho de Melo <acme@...nel.org>,
Mark Rutland <mark.rutland@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Jiri Olsa <jolsa@...hat.com>,
Namhyung Kim <namhyung@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Borislav Petkov <bp@...en8.de>, x86@...nel.org,
"H. Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] perf/x86/intel/uncore: Avoid null dereferences
(uncore_extra_pci_dev)
On 4/15/2021 5:19 PM, Liang, Kan wrote:
> Hi Steve,
>
> On 4/15/2021 4:37 PM, Steve Wahl wrote:
>> If an uncore has no pci_init routine, or that routine fails,
>> uncore_pci_init is not called, and memory is not allocated for
>> uncore_extra_pci_dev.
>>
>> So check to make sure uncore_extra_pci_dev is not NULL before use.
>>
>
> I think more after yesterday's discussion. There may be a better
> solution than this.
>
> Actually, we don't have to probe all the PCU devices and stores them
> into the uncore_extra_pci_dev for the cpu_init().
> We just need to pick up the first PCU device and check the existence of
> the SBOX once.
>
> I will send out a patch shortly.
Here is the patch I mentioned.
https://lore.kernel.org/lkml/1618521764-100923-1-git-send-email-kan.liang@linux.intel.com
Thanks,
Kan
>
>> And fix the case that led us to discover the null derefs; don't fail
>> snbep_pci2phy_map_init if BIOS doesn't supply pcibus_to_node
>> information.
>>
>> Fixes: 9a7832ce3d92 ("perf/x86/intel/uncore: With > 8 nodes, get pci
>> bus die id from NUMA info")
>
> In theory, the pci_read_config_dword() may fails as well. It has
> possible that the issue can still be observed before the "> 8 nodes" patch.
>
> I think the fixes should be 5306c31c5733 ("perf/x86/uncore/hsw-ep:
> Handle systems with only two SBOXes")
>
> Thanks,
> Kan
>
>> Signed-off-by: Steve Wahl <steve.wahl@....com>
>> ---
>> arch/x86/events/intel/uncore_snbep.c | 10 +++++++---
>> 1 file changed, 7 insertions(+), 3 deletions(-)
>>
>> diff --git a/arch/x86/events/intel/uncore_snbep.c
>> b/arch/x86/events/intel/uncore_snbep.c
>> index b79951d0707c..14c24356a2fa 100644
>> --- a/arch/x86/events/intel/uncore_snbep.c
>> +++ b/arch/x86/events/intel/uncore_snbep.c
>> @@ -1373,11 +1373,11 @@ static int snbep_pci2phy_map_init(int devid,
>> int nodeid_loc, int idmap_loc, bool
>> /*
>> * The nodeid and idmap registers only contain enough
>> * information to handle 8 nodes. On systems with more
>> - * than 8 nodes, we need to rely on NUMA information,
>> + * than 8 nodes, if available we rely on NUMA information,
>> * filled in from BIOS supplied information, to determine
>> * the topology.
>> */
>> - if (nr_node_ids <= 8) {
>> + if ((nr_node_ids <= 8) || (pcibus_to_node(ubox_dev->bus) ==
>> -1)) {
>> /* get the Node ID of the local register */
>> err = pci_read_config_dword(ubox_dev, nodeid_loc, &config);
>> if (err)
>> @@ -2865,7 +2865,9 @@ void hswep_uncore_cpu_init(void)
>> hswep_uncore_cbox.num_boxes = boot_cpu_data.x86_max_cores;
>> /* Detect 6-8 core systems with only two SBOXes */
>> - if (uncore_extra_pci_dev[pkg].dev[HSWEP_PCI_PCU_3]) {
>> + if (!uncore_extra_pci_dev)
>> + hswep_uncore_sbox.num_boxes = 2;
>> + else if (uncore_extra_pci_dev[pkg].dev[HSWEP_PCI_PCU_3]) {
>> u32 capid4;
>>
>> pci_read_config_dword(uncore_extra_pci_dev[pkg].dev[HSWEP_PCI_PCU_3],
>> @@ -3243,6 +3245,8 @@ void bdx_uncore_cpu_init(void)
>> if (boot_cpu_data.x86_model == 86) {
>> uncore_msr_uncores[BDX_MSR_UNCORE_SBOX] = NULL;
>> /* Detect systems with no SBOXes */
>> + } else if (!uncore_extra_pci_dev) {
>> + bdx_msr_uncores[BDX_MSR_UNCORE_SBOX] = NULL;
>> } else if (uncore_extra_pci_dev[pkg].dev[HSWEP_PCI_PCU_3]) {
>> struct pci_dev *pdev;
>> u32 capid4;
>>
Powered by blists - more mailing lists