| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 Jun 2022 17:34:24 -0700
From: Ira Weiny <ira.weiny@...el.com>
To: Ben Widawsky <bwidawsk@...nel.org>
CC: Dan Williams <dan.j.williams@...el.com>,
Bjorn Helgaas <bhelgaas@...gle.com>,
Jonathan Cameron <Jonathan.Cameron@...wei.com>,
"Alison Schofield" <alison.schofield@...el.com>,
Vishal Verma <vishal.l.verma@...el.com>,
Dave Jiang <dave.jiang@...el.com>,
<linux-kernel@...r.kernel.org>, <linux-cxl@...r.kernel.org>,
<linux-pci@...r.kernel.org>
Subject: Re: [PATCH V10 9/9] cxl/port: Parse out DSMAS data from CDAT table
On Mon, Jun 06, 2022 at 12:32:20PM -0700, Ben Widawsky wrote:
> On 22-06-04 17:50:49, ira.weiny@...el.com wrote:
> > From: Ira Weiny <ira.weiny@...el.com>
> >
> > CXL Ports with memory devices attached need the information from the
> > Device Scoped Memory Affinity Structure (DSMAS). This information is
> > contained within the CDAT table buffer which is previously read and
> > cached in the port device.
> >
> > If CDAT data is available, parse and cache DSMAS data from the table.
> > Store this data in unmarshaled struct dsmas data structures for ease of
> > use later.
> >
> > Signed-off-by: Ira Weiny <ira.weiny@...el.com>
> >
> > ---
> > Changes from V8
> > Adjust to the cdat data being in cxl_port
> >
> > Changes from V7
> > Rebased on cxl-pending
> >
> > Changes from V6
> > Move to port.c
> > It is not an error if no DSMAS data is found
> >
> > Changes from V5
> > Fix up sparse warnings
> > Split out cdat_hdr_valid()
> > Update cdat_hdr_valid()
> > Remove revision and cs field parsing
> > There is no point in these
> > Add seq check and debug print.
> > From Jonathan
> > Add spaces around '+' and '/'
> > use devm_krealloc() for dmas_ary
> > ---
> > drivers/cxl/cdat.h | 17 +++++++++++
> > drivers/cxl/core/pci.c | 65 ++++++++++++++++++++++++++++++++++++++++++
> > drivers/cxl/cxl.h | 2 ++
> > drivers/cxl/cxlmem.h | 4 +++
> > drivers/cxl/cxlpci.h | 1 +
> > drivers/cxl/mem.c | 1 +
> > 6 files changed, 90 insertions(+)
> >
> > diff --git a/drivers/cxl/cdat.h b/drivers/cxl/cdat.h
> > index 3d8945612511..0a510f73fe6d 100644
> > --- a/drivers/cxl/cdat.h
> > +++ b/drivers/cxl/cdat.h
> > @@ -85,6 +85,23 @@
> >
> > #define CXL_DOE_PROTOCOL_TABLE_ACCESS 2
> >
> > +/**
> > + * struct cxl_dsmas - host unmarshaled version of DSMAS data
> > + *
> > + * As defined in the Coherent Device Attribute Table (CDAT) specification this
> > + * represents a single DSMAS entry in that table.
> > + *
> > + * @dpa_base: The lowest Device Physical Address associated with this DSMAD
> > + * @length: Length in bytes of this DSMAD
> > + * @non_volatile: If set, the memory region represents Non-Volatile memory
> > + */
> > +struct cxl_dsmas {
> > + u64 dpa_base;
> > + u64 length;
> > + /* Flags */
> > + u8 non_volatile:1;
> > +};
> > +
> > /**
> > * struct cxl_cdat - CXL CDAT data
> > *
> > diff --git a/drivers/cxl/core/pci.c b/drivers/cxl/core/pci.c
> > index e68f13e66fcf..9666cc4a67aa 100644
> > --- a/drivers/cxl/core/pci.c
> > +++ b/drivers/cxl/core/pci.c
> > @@ -673,3 +673,68 @@ void read_cdat_data(struct cxl_port *port)
> > retries);
> > }
> > EXPORT_SYMBOL_NS_GPL(read_cdat_data, CXL);
> > +
> > +void parse_dsmas(struct cxl_memdev *cxlmd, struct cxl_port *port)
> > +{
> > + struct device *dev = &port->dev;
> > + struct cxl_dsmas *dsmas_ary = NULL;
> > + u32 *data = port->cdat.table;
> > + int bytes_left = port->cdat.length;
> > + int nr_dsmas = 0;
> > +
> > + if (!data) {
> > + dev_info(dev, "No CDAT data available for DSMAS\n");
> > + return;
> > + }
> > +
> > + /* Skip header */
> > + data += CDAT_HEADER_LENGTH_DW;
> > + bytes_left -= CDAT_HEADER_LENGTH_BYTES;
> > +
> > + while (bytes_left > 0) {
> > + u32 *cur_rec = data;
> > + u8 type = FIELD_GET(CDAT_STRUCTURE_DW0_TYPE, cur_rec[0]);
> > + u16 length = FIELD_GET(CDAT_STRUCTURE_DW0_LENGTH, cur_rec[0]);
> > +
> > + if (type == CDAT_STRUCTURE_DW0_TYPE_DSMAS) {
> > + struct cxl_dsmas *new_ary;
> > + u8 flags;
> > +
> > + new_ary = devm_krealloc(dev, dsmas_ary,
> > + sizeof(*dsmas_ary) * (nr_dsmas + 1),
> > + GFP_KERNEL);
> > + if (!new_ary) {
> > + dev_err(dev,
> > + "Failed to allocate memory for DSMAS data (nr_dsmas %d)\n",
> > + nr_dsmas);
> > + return;
> > + }
> > + dsmas_ary = new_ary;
>
> I don't love the realloc on every loop (though I've done something similar
> before). What about allocating enough entries port->cdat.length, and then a
> single krealloc to shorten the array upon success? I think krealloc pretty much
> always succeeds when you shrink FWIW.
I'm not sure that it would be better in any significant way honestly. The
chances of krealloc failing is small.
>
> > +
> > + flags = FIELD_GET(CDAT_DSMAS_DW1_FLAGS, cur_rec[1]);
>
> Does it make sense to test length/bytes_left before reading cur_rec[1]?
Interesting idea. On the one hand the CDAT was already validated with the
checksum. But the checksum could be valid even if the dsmas data was
corrupted. Especially by a malicious device. Also, I'm not sure but I think
SPDM would protect us from malicious devices once implemented.
Overall, it seems like checking bytes_left is a good check to ensure we don't
run off the end of our buffer even if it is just some fluke of data reads.
As to length I'm not seeing a danger but it might be nice to know that
something in the dsmas header was wrong. I'll think on this more.
>
> > +
> > + dsmas_ary[nr_dsmas].dpa_base = CDAT_DSMAS_DPA_OFFSET(cur_rec);
> > + dsmas_ary[nr_dsmas].length = CDAT_DSMAS_DPA_LEN(cur_rec);
> > + dsmas_ary[nr_dsmas].non_volatile = CDAT_DSMAS_NON_VOLATILE(flags);
> > +
> > + dev_dbg(dev, "DSMAS %d: %llx:%llx %s\n",
> > + nr_dsmas,
> > + dsmas_ary[nr_dsmas].dpa_base,
> > + dsmas_ary[nr_dsmas].dpa_base +
> > + dsmas_ary[nr_dsmas].length,
> > + (dsmas_ary[nr_dsmas].non_volatile ?
> > + "Persistent" : "Volatile")
> > + );
> > +
> > + nr_dsmas++;
> > + }
> > +
> > + data += (length / sizeof(u32));
> > + bytes_left -= length;
> > + }
> > +
> > + dev_dbg(dev, "Found %d DSMAS entries\n", nr_dsmas);
> > + cxlmd->dsmas_ary = dsmas_ary;
> > + cxlmd->nr_dsmas = nr_dsmas;
> > +}
> > +EXPORT_SYMBOL_NS_GPL(parse_dsmas, CXL);
> > diff --git a/drivers/cxl/cxl.h b/drivers/cxl/cxl.h
> > index 531b77d296c7..4d779a8fb807 100644
> > --- a/drivers/cxl/cxl.h
> > +++ b/drivers/cxl/cxl.h
> > @@ -10,6 +10,8 @@
> > #include <linux/io.h>
> > #include "cdat.h"
> >
> > +#include "cdat.h"
> > +
> > /**
> > * DOC: cxl objects
> > *
> > diff --git a/drivers/cxl/cxlmem.h b/drivers/cxl/cxlmem.h
> > index 4d2764b865ab..ce5b00f3ebcb 100644
> > --- a/drivers/cxl/cxlmem.h
> > +++ b/drivers/cxl/cxlmem.h
> > @@ -36,6 +36,8 @@
> > * @cxlds: The device state backing this device
> > * @detach_work: active memdev lost a port in its ancestry
> > * @id: id number of this memdev instance.
> > + * @dsmas_ary: Array of DSMAS entries as parsed from the CDAT table
> > + * @nr_dsmas: Number of entries in dsmas_ary
>
> Personally don't think it's necessary to append "_ary". Up to you.
I think it's fine.
Thanks for the review,
Ira
Powered by blists - more mailing lists