[1/7] cxl/region: Fix region HPA ordering validation

Message ID	166752182461.947915.497032805239915067.stgit@dwillia2-xfh.jf.intel.com
State	Accepted
Commit	97f89f48e557d8a01c081efc617c19aaa4151a37
Headers	show Return-Path: <linux-cxl-owner@kernel.org> Subject: [PATCH 1/7] cxl/region: Fix region HPA ordering validation From: Dan Williams <dan.j.williams@intel.com> To: linux-cxl@vger.kernel.org Cc: stable@vger.kernel.org, vishal.l.verma@intel.com, vishal.l.verma@intel.com, alison.schofield@intel.com, ira.weiny@intel.com, dave.jiang@intel.com Date: Thu, 03 Nov 2022 17:30:24 -0700 Message-ID: <166752182461.947915.497032805239915067.stgit@dwillia2-xfh.jf.intel.com> In-Reply-To: <166752181697.947915.744835334283138352.stgit@dwillia2-xfh.jf.intel.com> References: <166752181697.947915.744835334283138352.stgit@dwillia2-xfh.jf.intel.com> User-Agent: StGit/0.18-3-g996c MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Precedence: bulk
Series	CXL region creation fixes for 6.1 \| expand [0/7] CXL region creation fixes for 6.1 [1/7] cxl/region: Fix region HPA ordering validation [2/7] cxl/region: Fix cxl_region leak, cleanup targets at region delete [3/7] cxl/pmem: Fix cxl_pmem_region and cxl_memdev leak [4/7] tools/testing/cxl: Fix some error exits [5/7] tools/testing/cxl: Add a single-port host-bridge regression config [6/7] cxl/region: Fix 'distance' calculation with passthrough ports [7/7] cxl/region: Recycle region ids

Message ID

166752182461.947915.497032805239915067.stgit@dwillia2-xfh.jf.intel.com

State

Accepted

Commit

97f89f48e557d8a01c081efc617c19aaa4151a37

Headers

Subject: [PATCH 1/7] cxl/region: Fix region HPA ordering validation
From: Dan Williams <dan.j.williams@intel.com>
To: linux-cxl@vger.kernel.org
Cc: stable@vger.kernel.org, vishal.l.verma@intel.com,
        vishal.l.verma@intel.com, alison.schofield@intel.com,
        ira.weiny@intel.com, dave.jiang@intel.com
Date: Thu, 03 Nov 2022 17:30:24 -0700
Message-ID: 
 <166752182461.947915.497032805239915067.stgit@dwillia2-xfh.jf.intel.com>
In-Reply-To: 
 <166752181697.947915.744835334283138352.stgit@dwillia2-xfh.jf.intel.com>
References: 
 <166752181697.947915.744835334283138352.stgit@dwillia2-xfh.jf.intel.com>
User-Agent: StGit/0.18-3-g996c
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Precedence: bulk

Series

CXL region creation fixes for 6.1 | expand

Commit Message

Dan Williams Nov. 4, 2022, 12:30 a.m. UTC

Some regions may not have any address space allocated. Skip them when
validating HPA order otherwise a crash like the following may result:

 devm_cxl_add_region: cxl_acpi cxl_acpi.0: decoder3.4: created region9
 BUG: kernel NULL pointer dereference, address: 0000000000000000
 [..]
 RIP: 0010:store_targetN+0x655/0x1740 [cxl_core]
 [..]
 Call Trace:
  <TASK>
  kernfs_fop_write_iter+0x144/0x200
  vfs_write+0x24a/0x4d0
  ksys_write+0x69/0xf0
  do_syscall_64+0x3a/0x90

store_targetN+0x655/0x1740:
alloc_region_ref at drivers/cxl/core/region.c:676
(inlined by) cxl_port_attach_region at drivers/cxl/core/region.c:850
(inlined by) cxl_region_attach at drivers/cxl/core/region.c:1290
(inlined by) attach_target at drivers/cxl/core/region.c:1410
(inlined by) store_targetN at drivers/cxl/core/region.c:1453

Cc: <stable@vger.kernel.org>
Fixes: 384e624bb211 ("cxl/region: Attach endpoint decoders")
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
---
 drivers/cxl/core/region.c |    3 +++
 1 file changed, 3 insertions(+)

Comments

Verma, Vishal L Nov. 4, 2022, 5:34 a.m. UTC | #1

On Thu, 2022-11-03 at 17:30 -0700, Dan Williams wrote:
> Some regions may not have any address space allocated. Skip them when
> validating HPA order otherwise a crash like the following may result:
> 
>  devm_cxl_add_region: cxl_acpi cxl_acpi.0: decoder3.4: created
> region9
>  BUG: kernel NULL pointer dereference, address: 0000000000000000
>  [..]
>  RIP: 0010:store_targetN+0x655/0x1740 [cxl_core]
>  [..]
>  Call Trace:
>   <TASK>
>   kernfs_fop_write_iter+0x144/0x200
>   vfs_write+0x24a/0x4d0
>   ksys_write+0x69/0xf0
>   do_syscall_64+0x3a/0x90
> 
> store_targetN+0x655/0x1740:
> alloc_region_ref at drivers/cxl/core/region.c:676
> (inlined by) cxl_port_attach_region at drivers/cxl/core/region.c:850
> (inlined by) cxl_region_attach at drivers/cxl/core/region.c:1290
> (inlined by) attach_target at drivers/cxl/core/region.c:1410
> (inlined by) store_targetN at drivers/cxl/core/region.c:1453
> 
> Cc: <stable@vger.kernel.org>
> Fixes: 384e624bb211 ("cxl/region: Attach endpoint decoders")
> Signed-off-by: Dan Williams <dan.j.williams@intel.com>
> ---
>  drivers/cxl/core/region.c |    3 +++
>  1 file changed, 3 insertions(+)

Makes sense,

Reviewed-by: Vishal Verma <vishal.l.verma@intel.com>

> 
> diff --git a/drivers/cxl/core/region.c b/drivers/cxl/core/region.c
> index bb6f4fc84a3f..d26ca7a6beae 100644
> --- a/drivers/cxl/core/region.c
> +++ b/drivers/cxl/core/region.c
> @@ -658,6 +658,9 @@ static struct cxl_region_ref
> *alloc_region_ref(struct cxl_port *port,
>         xa_for_each(&port->regions, index, iter) {
>                 struct cxl_region_params *ip = &iter->region->params;
>  
> +               if (!ip->res)
> +                       continue;
> +
>                 if (ip->res->start > p->res->start) {
>                         dev_dbg(&cxlr->dev,
>                                 "%s: HPA order violation %s:%pr vs
> %pr\n",
>

Dave Jiang Nov. 4, 2022, 9:36 p.m. UTC | #2

On 11/3/2022 5:30 PM, Dan Williams wrote:
> Some regions may not have any address space allocated. Skip them when
> validating HPA order otherwise a crash like the following may result:
> 
>   devm_cxl_add_region: cxl_acpi cxl_acpi.0: decoder3.4: created region9
>   BUG: kernel NULL pointer dereference, address: 0000000000000000
>   [..]
>   RIP: 0010:store_targetN+0x655/0x1740 [cxl_core]
>   [..]
>   Call Trace:
>    <TASK>
>    kernfs_fop_write_iter+0x144/0x200
>    vfs_write+0x24a/0x4d0
>    ksys_write+0x69/0xf0
>    do_syscall_64+0x3a/0x90
> 
> store_targetN+0x655/0x1740:
> alloc_region_ref at drivers/cxl/core/region.c:676
> (inlined by) cxl_port_attach_region at drivers/cxl/core/region.c:850
> (inlined by) cxl_region_attach at drivers/cxl/core/region.c:1290
> (inlined by) attach_target at drivers/cxl/core/region.c:1410
> (inlined by) store_targetN at drivers/cxl/core/region.c:1453
> 
> Cc: <stable@vger.kernel.org>
> Fixes: 384e624bb211 ("cxl/region: Attach endpoint decoders")
> Signed-off-by: Dan Williams <dan.j.williams@intel.com>

Reviewed-by: Dave Jiang <dave.jiang@intel.com>

> ---
>   drivers/cxl/core/region.c |    3 +++
>   1 file changed, 3 insertions(+)
> 
> diff --git a/drivers/cxl/core/region.c b/drivers/cxl/core/region.c
> index bb6f4fc84a3f..d26ca7a6beae 100644
> --- a/drivers/cxl/core/region.c
> +++ b/drivers/cxl/core/region.c
> @@ -658,6 +658,9 @@ static struct cxl_region_ref *alloc_region_ref(struct cxl_port *port,
>   	xa_for_each(&port->regions, index, iter) {
>   		struct cxl_region_params *ip = &iter->region->params;
>   
> +		if (!ip->res)
> +			continue;
> +
>   		if (ip->res->start > p->res->start) {
>   			dev_dbg(&cxlr->dev,
>   				"%s: HPA order violation %s:%pr vs %pr\n",
>

diff --git a/drivers/cxl/core/region.c b/drivers/cxl/core/region.c
index bb6f4fc84a3f..d26ca7a6beae 100644
--- a/drivers/cxl/core/region.c
+++ b/drivers/cxl/core/region.c
@@ -658,6 +658,9 @@  static struct cxl_region_ref *alloc_region_ref(struct cxl_port *port,
 	xa_for_each(&port->regions, index, iter) {
 		struct cxl_region_params *ip = &iter->region->params;
 
+		if (!ip->res)
+			continue;
+
 		if (ip->res->start > p->res->start) {
 			dev_dbg(&cxlr->dev,
 				"%s: HPA order violation %s:%pr vs %pr\n",

[1/7] cxl/region: Fix region HPA ordering validation

Commit Message

Comments

Patch