Message-ID: <20250716201216.TsY3Kn45@linutronix.de>
Date: Wed, 16 Jul 2025 22:12:16 +0200
From: Nam Cao <namcao@...utronix.de>
To: Antonio Quartulli <antonio@...delbit.com>
Cc: Marc Zyngier <maz@...nel.org>, Thomas Gleixner <tglx@...utronix.de>,
	Lorenzo Pieralisi <lpieralisi@...nel.org>,
	Krzysztof Wilczyński <kwilczynski@...nel.org>,
	Manivannan Sadhasivam <mani@...nel.org>,
	Rob Herring <robh@...nel.org>, Bjorn Helgaas <bhelgaas@...gle.com>,
	linux-pci@...r.kernel.org, linux-kernel@...r.kernel.org,
	Karthikeyan Mitran <m.karthikeyan@...iveil.co.in>,
	Hou Zhiqiang <Zhiqiang.Hou@....com>,
	Thomas Petazzoni <thomas.petazzoni@...tlin.com>,
	Pali Rohár <pali@...nel.org>,
	"K . Y . Srinivasan" <kys@...rosoft.com>,
	Haiyang Zhang <haiyangz@...rosoft.com>,
	Wei Liu <wei.liu@...nel.org>, Dexuan Cui <decui@...rosoft.com>,
	Joyce Ooi <joyce.ooi@...el.com>, Jim Quinlan <jim2101024@...il.com>,
	Nicolas Saenz Julienne <nsaenz@...nel.org>,
	Florian Fainelli <florian.fainelli@...adcom.com>,
	Broadcom internal kernel review list <bcm-kernel-feedback-list@...adcom.com>,
	Ray Jui <rjui@...adcom.com>, Scott Branden <sbranden@...adcom.com>,
	Ryder Lee <ryder.lee@...iatek.com>,
	Jianjun Wang <jianjun.wang@...iatek.com>,
	Marek Vasut <marek.vasut+renesas@...il.com>,
	Yoshihiro Shimoda <yoshihiro.shimoda.uh@...esas.com>,
	Michal Simek <michal.simek@....com>,
	Daire McNamara <daire.mcnamara@...rochip.com>,
	Nirmal Patel <nirmal.patel@...ux.intel.com>,
	Jonathan Derrick <jonathan.derrick@...ux.dev>,
	Matthias Brugger <matthias.bgg@...il.com>,
	AngeloGioacchino Del Regno <angelogioacchino.delregno@...labora.com>,
	linux-arm-kernel@...ts.infradead.org, linux-hyperv@...r.kernel.org,
	linux-rpi-kernel@...ts.infradead.org,
	linux-mediatek@...ts.infradead.org,
	linux-renesas-soc@...r.kernel.org
Subject: Re: [PATCH 16/16] PCI: vmd: Switch to msi_create_parent_irq_domain()

On Wed, Jul 16, 2025 at 09:52:05PM +0200, Antonio Quartulli wrote:
> Hi Nam,
Hi Antonio,

> On 26/06/2025 16:48, Nam Cao wrote:
> [...]
> > -static void vmd_msi_free(struct irq_domain *domain,
> > -			struct msi_domain_info *info, unsigned int virq)
> > +static void vmd_msi_free(struct irq_domain *domain, unsigned int virq, unsigned int nr_irqs)
> >   {
> >   	struct vmd_irq *vmdirq = irq_get_chip_data(virq);
> > -	synchronize_srcu(&vmdirq->irq->srcu);
> > +	for (int i = 0; i < nr_irqs; ++i) {
> > +		synchronize_srcu(&vmdirq->irq->srcu);
> > -	/* XXX: Potential optimization to rebalance */
> > -	scoped_guard(raw_spinlock_irq, &list_lock)
> > -		vmdirq->irq->count--;
> > +		/* XXX: Potential optimization to rebalance */
> > +		scoped_guard(raw_spinlock_irq, &list_lock)
> > +			vmdirq->irq->count--;
> > -	kfree(vmdirq);
> > +		kfree(vmdirq);
> > +	}
> 
> By introducing a for loop in this function, you are re-using vmdirq after
> freeing it.
> 
> I can't send a patch because I am not familiar with this API and I don't
> know how to fix it.
> 
> However, the issue was reported today by Coverity.
> 
> Any idea? :-)

Thanks for the report. That was indeed a mistake from my side.

I hope PCI maintainers don't mind squashing the below diff.

Sorry for the troubles so far,
Nam

diff --git a/drivers/pci/controller/vmd.c b/drivers/pci/controller/vmd.c
index 48a6096cbbc0..50f0c91d561c 100644
--- a/drivers/pci/controller/vmd.c
+++ b/drivers/pci/controller/vmd.c
@@ -280,9 +280,11 @@ static int vmd_msi_alloc(struct irq_domain *domain, unsigned int virq,
 static void vmd_msi_free(struct irq_domain *domain, unsigned int virq,
 			 unsigned int nr_irqs)
 {
-	struct vmd_irq *vmdirq = irq_get_chip_data(virq);
+	struct vmd_irq *vmdirq;
 
 	for (int i = 0; i < nr_irqs; ++i) {
+		vmdirq = irq_get_chip_data(virq + i);
+
 		synchronize_srcu(&vmdirq->irq->srcu);
 
 		/* XXX: Potential optimization to rebalance */
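
Review bot: in the loop body, vmdirq is dereferenced by synchronize_srcu(&vmdirq->irq->srcu) immediately after `vmdirq = irq_get_chip_data(virq + i);` with no NULL check. If any virq in the range can lack chip data (for example when this runs to unwind an allocation that only partly completed), that dereference faults, so consider `if (!vmdirq) continue;` before it. Two smaller points on the same lines: declaring vmdirq inside the loop instead of at function scope would keep the pointer from staying live after the kfree(vmdirq) visible in the quoted hunk, and `int i` is compared against `unsigned int nr_irqs`, so `unsigned int i` would avoid the signed/unsigned comparison.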

