lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <933083faa55109949cbb5a07dcec27f3e4bff9ec.camel@redhat.com>
Date: Fri, 25 Oct 2024 11:26:18 +0200
From: Philipp Stanner <pstanner@...hat.com>
To: Takashi Iwai <tiwai@...e.de>, Bjorn Helgaas <bhelgaas@...gle.com>
Cc: linux-pci@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] PCI: Restore the original INTX_DISABLE bit by
 pcim_intx()

Hi,

On Thu, 2024-10-24 at 17:55 +0200, Takashi Iwai wrote:
> pcim_intx() tries to restore the INTX_DISABLE bit at removal via
> devres, but there is a chance that it restores a wrong value.
> Because the value to be restored is blindly assumed to be the
> negative
> of the enable argument, when a driver calls pcim_intx() unnecessarily
> for the already enabled state, it'll restore to the disabled state in
> turn.

It depends on how it is called, no?

// INTx == 1
pcim_intx(pdev, 0); // old INTx value assumed to be 1 -> correct

---

// INTx == 0
pcim_intx(pdev, 0); // old INTx value assumed to be 1 -> wrong

Maybe it makes sense to replace part of the commit text with something
like the example above?

>   Also, when a driver calls pcim_intx() multiple times with
> different enable argument values, the last one will win no matter
> what
> value it is.

Means

// INTx == 0
pcim_intx(pdev, 0); // orig_INTx == 1, INTx == 0
pcim_intx(pdev, 1); // orig_INTx == 0, INTx == 1
pcim_intx(pdev, 0); // orig_INTx == 1, INTx == 0

So in this example the first call would cause a wrong orig_INTx, but
the last call – the one "who will win" – seems to do the right thing,
dosen't it?

> 
> This patch addresses those inconsistencies by saving the original
> INTX_DISABLE state at the first devres_alloc(); this assures that the
> original state is restored properly, and the later pcim_intx() calls
> won't overwrite res->orig_intx any longer.
> 
> Fixes: 25216afc9db5 ("PCI: Add managed pcim_intx()")

That commit is also in 6.11, so we need:

Cc: stable@...r.kernel.org # 6.11+

> Link: https://lore.kernel.org/87v7xk2ps5.wl-tiwai@suse.de
> Signed-off-by: Takashi Iwai <tiwai@...e.de>
> ---
>  drivers/pci/devres.c | 18 ++++++++++++++----
>  1 file changed, 14 insertions(+), 4 deletions(-)
> 
> diff --git a/drivers/pci/devres.c b/drivers/pci/devres.c
> index b133967faef8..aed3c9a355cb 100644
> --- a/drivers/pci/devres.c
> +++ b/drivers/pci/devres.c
> @@ -438,8 +438,17 @@ static void pcim_intx_restore(struct device
> *dev, void *data)
>  	__pcim_intx(pdev, res->orig_intx);
>  }
>  
> -static struct pcim_intx_devres *get_or_create_intx_devres(struct
> device *dev)
> +static void save_orig_intx(struct pci_dev *pdev, struct
> pcim_intx_devres *res)
>  {
> +	u16 pci_command;
> +
> +	pci_read_config_word(pdev, PCI_COMMAND, &pci_command);
> +	res->orig_intx = !(pci_command & PCI_COMMAND_INTX_DISABLE);
> +}
> +
> +static struct pcim_intx_devres *get_or_create_intx_devres(struct
> pci_dev *pdev)
> +{
> +	struct device *dev = &pdev->dev;
>  	struct pcim_intx_devres *res;
>  
>  	res = devres_find(dev, pcim_intx_restore, NULL, NULL);
> @@ -447,8 +456,10 @@ static struct pcim_intx_devres
> *get_or_create_intx_devres(struct device *dev)
>  		return res;
>  
>  	res = devres_alloc(pcim_intx_restore, sizeof(*res),
> GFP_KERNEL);
> -	if (res)
> +	if (res) {
> +		save_orig_intx(pdev, res);

This is not the correct place – get_or_create_intx_devres() should get
the resource if it exists, or allocate it if it doesn't, but its
purpose is not to modify the resource.

>  		devres_add(dev, res);
> +	}
>  
>  	return res;
>  }
> @@ -467,11 +478,10 @@ int pcim_intx(struct pci_dev *pdev, int enable)
>  {
>  	struct pcim_intx_devres *res;
>  
> -	res = get_or_create_intx_devres(&pdev->dev);
> +	res = get_or_create_intx_devres(pdev);
>  	if (!res)
>  		return -ENOMEM;
>  
> -	res->orig_intx = !enable;

Here is the right place to call save_orig_intx(). That way you also
won't need the new variable struct device *dev above :)

Thank you,
P.


>  	__pcim_intx(pdev, enable);
>  
>  	return 0;

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ