| Message ID | 20240813110532.870869-2-yanfei.xu@intel.com |
|---|---|
| State | Superseded |
| Headers | show |
| Series | Fixes for hdm docoder initialization from DVSEC ranges | expand |
On Tue, 13 Aug 2024 19:05:29 +0800 Yanfei Xu <yanfei.xu@intel.com> wrote: > The function cxl_dvsec_rr_decode() retrieves and records DVSEC ranges > into info->dvsec_range[], regardless of whether it is non-zero range, > and the variable info->ranges indicates the number of non-zero ranges. > However, in cxl_hdm_decode_init(), the validation for > info->dvsec_range[] occurs in a for loop that iterates based on > info->ranges. It may result in zero range to be validated but non-zero > range not be validated, in turn, the number of allowed ranges is to be > 0. Address it by only record non-zero ranges. > > This fix is not urgent as it requires a configuration that zeroes out > the first dvsec range while populating the second. This has not been > observed, but it is theoretically possible. If this gets picked up for > -stable, no harm done, but there is no urgency to backport. > > Fixes: 560f78559006 ("cxl/pci: Retrieve CXL DVSEC memory info") > Signed-off-by: Yanfei Xu <yanfei.xu@intel.com> LGTM Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
diff --git a/drivers/cxl/core/pci.c b/drivers/cxl/core/pci.c index a663e7566c48..2d69340134da 100644 --- a/drivers/cxl/core/pci.c +++ b/drivers/cxl/core/pci.c @@ -390,10 +390,6 @@ int cxl_dvsec_rr_decode(struct device *dev, int d, size |= temp & CXL_DVSEC_MEM_SIZE_LOW_MASK; if (!size) { - info->dvsec_range[i] = (struct range) { - .start = 0, - .end = CXL_RESOURCE_NONE, - }; continue; } @@ -411,12 +407,10 @@ int cxl_dvsec_rr_decode(struct device *dev, int d, base |= temp & CXL_DVSEC_MEM_BASE_LOW_MASK; - info->dvsec_range[i] = (struct range) { + info->dvsec_range[ranges++] = (struct range) { .start = base, .end = base + size - 1 }; - - ranges++; } info->ranges = ranges;
The function cxl_dvsec_rr_decode() retrieves and records DVSEC ranges into info->dvsec_range[], regardless of whether it is non-zero range, and the variable info->ranges indicates the number of non-zero ranges. However, in cxl_hdm_decode_init(), the validation for info->dvsec_range[] occurs in a for loop that iterates based on info->ranges. It may result in zero range to be validated but non-zero range not be validated, in turn, the number of allowed ranges is to be 0. Address it by only record non-zero ranges. This fix is not urgent as it requires a configuration that zeroes out the first dvsec range while populating the second. This has not been observed, but it is theoretically possible. If this gets picked up for -stable, no harm done, but there is no urgency to backport. Fixes: 560f78559006 ("cxl/pci: Retrieve CXL DVSEC memory info") Signed-off-by: Yanfei Xu <yanfei.xu@intel.com> --- drivers/cxl/core/pci.c | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-)