lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <87ikq0b61y.wl-tiwai@suse.de>
Date: Mon, 27 Jan 2025 17:00:25 +0100
From: Takashi Iwai <tiwai@...e.de>
To: Bjorn Helgaas <bhelgaas@...gle.com>
Cc: Philipp Stanner <pstanner@...hat.com>,
    Takashi Iwai <tiwai@...e.de>,
	linux-pci@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] PCI: Restore the original INTX_DISABLE bit by pcim_intx()

On Mon, 09 Dec 2024 14:15:19 +0100,
Philipp Stanner wrote:
> 
> On Mon, 2024-11-04 at 10:14 +0100, Philipp Stanner wrote:
> > On Thu, 2024-10-31 at 14:42 +0100, Takashi Iwai wrote:
> > > pcim_intx() tries to restore the INTx bit at removal via devres,
> > > but
> > > there is a chance that it restores a wrong value.
> > > Because the value to be restored is blindly assumed to be the
> > > negative
> > > of the enable argument, when a driver calls pcim_intx()
> > > unnecessarily
> > > for the already enabled state, it'll restore to the disabled state
> > > in
> > > turn.  That is, the function assumes the case like:
> > > 
> > >   // INTx == 1
> > >   pcim_intx(pdev, 0); // old INTx value assumed to be 1 -> correct
> > > 
> > > but it might be like the following, too:
> > > 
> > >   // INTx == 0
> > >   pcim_intx(pdev, 0); // old INTx value assumed to be 1 -> wrong
> > > 
> > > Also, when a driver calls pcim_intx() multiple times with different
> > > enable argument values, the last one will win no matter what value
> > > it
> > > is.  This can lead to inconsistency, e.g.
> > > 
> > >   // INTx == 1
> > >   pcim_intx(pdev, 0); // OK
> > >   ...
> > >   pcim_intx(pdev, 1); // now old INTx wrongly assumed to be 0
> > > 
> > > This patch addresses those inconsistencies by saving the original
> > > INTx state at the first pcim_intx() call.  For that,
> > > get_or_create_intx_devres() is folded into pcim_intx() caller side;
> > > it allows us to simply check the already allocated devres and
> > > record
> > > the original INTx along with the devres_alloc() call.
> > > 
> > > Fixes: 25216afc9db5 ("PCI: Add managed pcim_intx()")
> > > Cc: stable@...r.kernel.org # 6.11+
> > > Link: https://lore.kernel.org/87v7xk2ps5.wl-tiwai@suse.de
> > > Signed-off-by: Takashi Iwai <tiwai@...e.de>
> > 
> > Reviewed-by: Philipp Stanner <pstanner@...hat.com>
> 
> Hello,
> 
> it seems we forgot about this patch.
> 
> Regards,
> P.

This has fallen through the cracks.
Do I need to resubmit?


thanks,

Takashi


> 
> 
> > 
> > Nice!
> > 
> > > ---
> > > v1->v2: refactoring, fold get_or_create_intx_devres() into the
> > > caller
> > > instead of retrieving the original INTx there.
> > > Also add comments and improve the patch description.
> > > 
> > >  drivers/pci/devres.c | 34 +++++++++++++++++++---------------
> > >  1 file changed, 19 insertions(+), 15 deletions(-)
> > > 
> > > diff --git a/drivers/pci/devres.c b/drivers/pci/devres.c
> > > index b133967faef8..c93d4d4499a0 100644
> > > --- a/drivers/pci/devres.c
> > > +++ b/drivers/pci/devres.c
> > > @@ -438,19 +438,12 @@ static void pcim_intx_restore(struct device
> > > *dev, void *data)
> > >  	__pcim_intx(pdev, res->orig_intx);
> > >  }
> > >  
> > > -static struct pcim_intx_devres *get_or_create_intx_devres(struct
> > > device *dev)
> > > +static void save_orig_intx(struct pci_dev *pdev, struct
> > > pcim_intx_devres *res)
> > >  {
> > > -	struct pcim_intx_devres *res;
> > > +	u16 pci_command;
> > >  
> > > -	res = devres_find(dev, pcim_intx_restore, NULL, NULL);
> > > -	if (res)
> > > -		return res;
> > > -
> > > -	res = devres_alloc(pcim_intx_restore, sizeof(*res),
> > > GFP_KERNEL);
> > > -	if (res)
> > > -		devres_add(dev, res);
> > > -
> > > -	return res;
> > > +	pci_read_config_word(pdev, PCI_COMMAND, &pci_command);
> > > +	res->orig_intx = !(pci_command &
> > > PCI_COMMAND_INTX_DISABLE);
> > >  }
> > >  
> > >  /**
> > > @@ -466,12 +459,23 @@ static struct pcim_intx_devres
> > > *get_or_create_intx_devres(struct device *dev)
> > >  int pcim_intx(struct pci_dev *pdev, int enable)
> > >  {
> > >  	struct pcim_intx_devres *res;
> > > +	struct device *dev = &pdev->dev;
> > >  
> > > -	res = get_or_create_intx_devres(&pdev->dev);
> > > -	if (!res)
> > > -		return -ENOMEM;
> > > +	/*
> > > +	 * pcim_intx() must only restore the INTx value that
> > > existed
> > > before the
> > > +	 * driver was loaded, i.e., before it called pcim_intx()
> > > for
> > > the
> > > +	 * first time.
> > > +	 */
> > > +	res = devres_find(dev, pcim_intx_restore, NULL, NULL);
> > > +	if (!res) {
> > > +		res = devres_alloc(pcim_intx_restore,
> > > sizeof(*res),
> > > GFP_KERNEL);
> > > +		if (!res)
> > > +			return -ENOMEM;
> > > +
> > > +		save_orig_intx(pdev, res);
> > > +		devres_add(dev, res);
> > > +	}
> > >  
> > > -	res->orig_intx = !enable;
> > >  	__pcim_intx(pdev, enable);
> > >  
> > >  	return 0;
> > 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ