| Message ID | 20241022030054.258942-1-lizhijian@fujitsu.com |
|---|---|
| State | Accepted |
| Commit | cce3cd647721dc30273f0546852b5c26820eb715 |
| Headers | show |
| Series | [v3] cxl/core: Return error when cxl_endpoint_gather_bandwidth() handles a non-PCI device | expand |
Li Zhijian <lizhijian@fujitsu.com> writes: > The function cxl_endpoint_gather_bandwidth() invokes > pci_bus_read/write_XXX(), however, not all CXL devices are presently > implemented via PCI. It is recognized that the cxl_test has realized a CXL > device using a platform device. > > Calling pci_bus_read/write_XXX() in cxl_test will cause kernel panic: > platform cxl_host_bridge.3: host supports CXL (restricted) > Oops: general protection fault, probably for non-canonical address 0x3ef17856fcae4fbd: 0000 [#1] PREEMPT SMP PTI > Call Trace: > <TASK> > ? __die_body.cold+0x19/0x27 > ? die_addr+0x38/0x60 > ? exc_general_protection+0x1f5/0x4b0 > ? asm_exc_general_protection+0x22/0x30 > ? pci_bus_read_config_word+0x1c/0x60 > pcie_capability_read_word+0x93/0xb0 > pcie_link_speed_mbps+0x18/0x50 > cxl_pci_get_bandwidth+0x18/0x60 [cxl_core] > cxl_endpoint_gather_bandwidth.constprop.0+0xf4/0x230 [cxl_core] > ? xas_store+0x54/0x660 > ? preempt_count_add+0x69/0xa0 > ? _raw_spin_lock+0x13/0x40 > ? __kmalloc_cache_noprof+0xe7/0x270 > cxl_region_shared_upstream_bandwidth_update+0x9c/0x790 [cxl_core] > cxl_region_attach+0x520/0x7e0 [cxl_core] > store_targetN+0xf2/0x120 [cxl_core] > kernfs_fop_write_iter+0x13a/0x1f0 > vfs_write+0x23b/0x410 > ksys_write+0x53/0xd0 > do_syscall_64+0x62/0x180 > entry_SYSCALL_64_after_hwframe+0x76/0x7e > > And Ying also reported a KASAN error with similar calltrace. > > Reported-by: "Huang, Ying" <ying.huang@intel.com> > Closes: http://lore.kernel.org/87y12w9vp5.fsf@yhuang6-desk2.ccr.corp.intel.com > Fixes: a5ab0de0ebaa ("cxl: Calculate region bandwidth of targets with shared upstream link") > Signed-off-by: Li Zhijian <lizhijian@fujitsu.com> > Reviewed-by: Dan Williams <dan.j.williams@intel.com> This patch can eliminate the KASAN error when `modprobe cxl_test`. Feel free to add Tested-by: "Huang, Ying" <ying.huang@intel.com> in the future versions. -- Best Regards, Huang, Ying > --- > V3: > update return code to ENODEV and change logs #Dan > > V2: > Check device type in original cxl_endpoint_gather_bandwidth() instead of mocking a new one. # Dan > Also noticed that the existing cxl_switch_gather_bandwidth() also have the same check. > --- > drivers/cxl/core/cdat.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/drivers/cxl/core/cdat.c b/drivers/cxl/core/cdat.c > index ef1621d40f05..e9cd7939c407 100644 > --- a/drivers/cxl/core/cdat.c > +++ b/drivers/cxl/core/cdat.c > @@ -641,6 +641,9 @@ static int cxl_endpoint_gather_bandwidth(struct cxl_region *cxlr, > void *ptr; > int rc; > > + if (!dev_is_pci(cxlds->dev)) > + return -ENODEV; > + > if (cxlds->rcd) > return -ENODEV;
diff --git a/drivers/cxl/core/cdat.c b/drivers/cxl/core/cdat.c index ef1621d40f05..e9cd7939c407 100644 --- a/drivers/cxl/core/cdat.c +++ b/drivers/cxl/core/cdat.c @@ -641,6 +641,9 @@ static int cxl_endpoint_gather_bandwidth(struct cxl_region *cxlr, void *ptr; int rc; + if (!dev_is_pci(cxlds->dev)) + return -ENODEV; + if (cxlds->rcd) return -ENODEV;
The function cxl_endpoint_gather_bandwidth() invokes pci_bus_read/write_XXX(), however, not all CXL devices are presently implemented via PCI. It is recognized that the cxl_test has realized a CXL device using a platform device. Calling pci_bus_read/write_XXX() in cxl_test will cause kernel panic: platform cxl_host_bridge.3: host supports CXL (restricted) Oops: general protection fault, probably for non-canonical address 0x3ef17856fcae4fbd: 0000 [#1] PREEMPT SMP PTI Call Trace: <TASK> ? __die_body.cold+0x19/0x27 ? die_addr+0x38/0x60 ? exc_general_protection+0x1f5/0x4b0 ? asm_exc_general_protection+0x22/0x30 ? pci_bus_read_config_word+0x1c/0x60 pcie_capability_read_word+0x93/0xb0 pcie_link_speed_mbps+0x18/0x50 cxl_pci_get_bandwidth+0x18/0x60 [cxl_core] cxl_endpoint_gather_bandwidth.constprop.0+0xf4/0x230 [cxl_core] ? xas_store+0x54/0x660 ? preempt_count_add+0x69/0xa0 ? _raw_spin_lock+0x13/0x40 ? __kmalloc_cache_noprof+0xe7/0x270 cxl_region_shared_upstream_bandwidth_update+0x9c/0x790 [cxl_core] cxl_region_attach+0x520/0x7e0 [cxl_core] store_targetN+0xf2/0x120 [cxl_core] kernfs_fop_write_iter+0x13a/0x1f0 vfs_write+0x23b/0x410 ksys_write+0x53/0xd0 do_syscall_64+0x62/0x180 entry_SYSCALL_64_after_hwframe+0x76/0x7e And Ying also reported a KASAN error with similar calltrace. Reported-by: "Huang, Ying" <ying.huang@intel.com> Closes: http://lore.kernel.org/87y12w9vp5.fsf@yhuang6-desk2.ccr.corp.intel.com Fixes: a5ab0de0ebaa ("cxl: Calculate region bandwidth of targets with shared upstream link") Signed-off-by: Li Zhijian <lizhijian@fujitsu.com> Reviewed-by: Dan Williams <dan.j.williams@intel.com> --- V3: update return code to ENODEV and change logs #Dan V2: Check device type in original cxl_endpoint_gather_bandwidth() instead of mocking a new one. # Dan Also noticed that the existing cxl_switch_gather_bandwidth() also have the same check. --- drivers/cxl/core/cdat.c | 3 +++ 1 file changed, 3 insertions(+)