| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251017122123.v2.1.I60a53c170a8596661883bd2b4ef475155c7aa72b@changeid> Date: Fri, 17 Oct 2025 12:21:23 -0700 From: Brian Norris <briannorris@...omium.org> To: Bjorn Helgaas <bhelgaas@...gle.com> Cc: "Rafael J . Wysocki" <rafael@...nel.org>, linux-kernel@...r.kernel.org, Ilpo Järvinen <ilpo.jarvinen@...ux.intel.com>, linux-pm@...r.kernel.org, Lukas Wunner <lukas@...ner.de>, linux-pci@...r.kernel.org, Brian Norris <briannorris@...omium.org> Subject: [PATCH v2] PCI/PM: Prevent runtime suspend before devices are fully initialized Today, it's possible for a PCI device to be created and runtime-suspended before it is fully initialized. When that happens, the device will remain in D0, but the suspend process may save an intermediate version of that device's state -- for example, without appropriate BAR configuration. When the device later resumes, we'll restore invalid PCI state and the device may not function. Prevent runtime suspend for PCI devices by deferring pm_runtime_enable() until we've fully initialized the device. More details on how exactly this may occur: 1. PCI device is created by pci_scan_slot() or similar 2. As part of pci_scan_slot(), pci_pm_init() enables runtime PM; the device starts "active" and we initially prevent (pm_runtime_forbid()) suspend -- but see [*] footnote 3. Underlying 'struct device' is added to the system (device_add()); runtime PM can now be configured by user space 4. PCI device receives BAR configuration (pci_assign_unassigned_bus_resources(), etc.) 5. PCI device is added to the system in pci_bus_add_device() The device may potentially suspend between #3 and #4. [*] By default, pm_runtime_forbid() prevents suspending a device; but by design, this can be overridden by user space policy via echo auto > /sys/bus/pci/devices/.../power/control Thus, the above #3/#4 sequence is racy with user space (udev or similar). Notably, many PCI devices are enumerated at subsys_initcall time and so will not race with user space. However, there are several scenarios where PCI devices are created later on, such as with hotplug or when drivers (pwrctrl or controller drivers) are built as modules. Signed-off-by: Brian Norris <briannorris@...omium.org> Cc: <stable@...r.kernel.org> --- Changes in v2: * Update CC list * Rework problem description * Update solution: defer pm_runtime_enable(), instead of trying to get()/put() drivers/pci/bus.c | 3 +++ drivers/pci/pci.c | 1 - 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/pci/bus.c b/drivers/pci/bus.c index f26aec6ff588..fc66b6cb3a54 100644 --- a/drivers/pci/bus.c +++ b/drivers/pci/bus.c @@ -14,6 +14,7 @@ #include <linux/of.h> #include <linux/of_platform.h> #include <linux/platform_device.h> +#include <linux/pm_runtime.h> #include <linux/proc_fs.h> #include <linux/slab.h> @@ -375,6 +376,8 @@ void pci_bus_add_device(struct pci_dev *dev) put_device(&pdev->dev); } + pm_runtime_enable(&dev->dev); + if (!dn || of_device_is_available(dn)) pci_dev_allow_binding(dev); diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c index b14dd064006c..f792164fa297 100644 --- a/drivers/pci/pci.c +++ b/drivers/pci/pci.c @@ -3226,7 +3226,6 @@ void pci_pm_init(struct pci_dev *dev) pci_pm_power_up_and_verify_state(dev); pm_runtime_forbid(&dev->dev); pm_runtime_set_active(&dev->dev); - pm_runtime_enable(&dev->dev); } static unsigned long pci_ea_flags(struct pci_dev *dev, u8 prop) -- 2.51.0.858.gf9c4a03a3a-goog
Powered by blists - more mailing lists