From: John Garry <john.garry@huawei.com> To: Bjorn Helgaas <helgaas@kernel.org> Cc: <lorenzo.pieralisi@arm.com>, <arnd@arndb.de>, <linux-pci@vger.kernel.org>, <rjw@rjwysocki.net>, <linux-arm-kernel@lists.infradead.org>, <will.deacon@arm.com>, <wangkefeng.wang@huawei.com>, <linuxarm@huawei.com>, <andriy.shevchenko@linux.intel.com>, <linux-kernel@vger.kernel.org>, <catalin.marinas@arm.com> Subject: Re: [PATCH v4 1/3] lib: logic_pio: Use logical PIO low-level accessors for !CONFIG_INDIRECT_PIO Date: Thu, 13 Jun 2019 16:21:35 +0100 [thread overview] Message-ID: <5b03c093-26fb-0e01-6104-5f92eef7956e@huawei.com> (raw) In-Reply-To: <20190613135825.GG13533@google.com> On 13/06/2019 14:58, Bjorn Helgaas wrote: > On Tue, Jun 11, 2019 at 10:12:52PM +0800, John Garry wrote: > Another thought here: > >> if (addr < MMIO_UPPER_LIMIT) { \ >> ret = read##bw(PCI_IOBASE + addr); \ >> } else if (addr >= MMIO_UPPER_LIMIT && addr < IO_SPACE_LIMIT) { \ >> - struct logic_pio_hwaddr *entry = find_io_range(addr); \ >> + struct logic_pio_hwaddr *range = find_io_range(addr); \ >> + size_t sz = sizeof(type); \ >> \ >> - if (entry && entry->ops) \ >> - ret = entry->ops->in(entry->hostdata, \ >> - addr, sizeof(type)); \ >> + if (range && range->ops) \ >> + ret = range->ops->in(range->hostdata, addr, sz);\ >> else \ >> WARN_ON_ONCE(1); Hi Bjorn, \ > > Could this be simplified a little by requiring callers to set > range->ops for LOGIC_PIO_INDIRECT ranges *before* calling > logic_pio_register_range()? E.g., > > hisi_lpc_probe(...) > { > range = devm_kzalloc(...); > range->flags = LOGIC_PIO_INDIRECT; > range->ops = &hisi_lpc_ops; > logic_pio_register_range(range); > ... > > and > > logic_pio_register_range(struct logic_pio_hwaddr *new_range) > { > if (new_range->flags == LOGIC_PIO_INDIRECT && !new_range->ops) > return -EINVAL; > ... > > Then maybe you wouldn't need to check range->ops in the accessors. > I think I know the reason why it was done this way. So currently there is no method to unregister a logical PIO region (the old code leaked ranges as well). As such, if hisi_lpc_probe() fails after we register the logical PIO range, there would be a range registered but no actual host backing it. So we set the ops at the point at which the probe cannot fail to avoid a potential problem. And now I realise that there is a bug in the code - range is allocated with devm_kzalloc and is passed to logic_pio_register_range(). As such, if the hisi_lpc_probe() goes on to fail, then this memory would be free'd and we have an issue. PCI code should be ok as it uses kzalloc(). The simplest solution is to not change the logical PIO API to allocate this memory itself, but rather make hisi_lpc_probe() use kzalloc(). And, if we go this way, we can use your idea to set the ops. I'll spin a separate patch for this. Thanks, John > Bjorn > > . >
WARNING: multiple messages have this Message-ID (diff)
From: John Garry <john.garry@huawei.com> To: Bjorn Helgaas <helgaas@kernel.org> Cc: rjw@rjwysocki.net, wangkefeng.wang@huawei.com, lorenzo.pieralisi@arm.com, arnd@arndb.de, linux-pci@vger.kernel.org, will.deacon@arm.com, linuxarm@huawei.com, linux-kernel@vger.kernel.org, catalin.marinas@arm.com, andriy.shevchenko@linux.intel.com, linux-arm-kernel@lists.infradead.org Subject: Re: [PATCH v4 1/3] lib: logic_pio: Use logical PIO low-level accessors for !CONFIG_INDIRECT_PIO Date: Thu, 13 Jun 2019 16:21:35 +0100 [thread overview] Message-ID: <5b03c093-26fb-0e01-6104-5f92eef7956e@huawei.com> (raw) In-Reply-To: <20190613135825.GG13533@google.com> On 13/06/2019 14:58, Bjorn Helgaas wrote: > On Tue, Jun 11, 2019 at 10:12:52PM +0800, John Garry wrote: > Another thought here: > >> if (addr < MMIO_UPPER_LIMIT) { \ >> ret = read##bw(PCI_IOBASE + addr); \ >> } else if (addr >= MMIO_UPPER_LIMIT && addr < IO_SPACE_LIMIT) { \ >> - struct logic_pio_hwaddr *entry = find_io_range(addr); \ >> + struct logic_pio_hwaddr *range = find_io_range(addr); \ >> + size_t sz = sizeof(type); \ >> \ >> - if (entry && entry->ops) \ >> - ret = entry->ops->in(entry->hostdata, \ >> - addr, sizeof(type)); \ >> + if (range && range->ops) \ >> + ret = range->ops->in(range->hostdata, addr, sz);\ >> else \ >> WARN_ON_ONCE(1); Hi Bjorn, \ > > Could this be simplified a little by requiring callers to set > range->ops for LOGIC_PIO_INDIRECT ranges *before* calling > logic_pio_register_range()? E.g., > > hisi_lpc_probe(...) > { > range = devm_kzalloc(...); > range->flags = LOGIC_PIO_INDIRECT; > range->ops = &hisi_lpc_ops; > logic_pio_register_range(range); > ... > > and > > logic_pio_register_range(struct logic_pio_hwaddr *new_range) > { > if (new_range->flags == LOGIC_PIO_INDIRECT && !new_range->ops) > return -EINVAL; > ... > > Then maybe you wouldn't need to check range->ops in the accessors. > I think I know the reason why it was done this way. So currently there is no method to unregister a logical PIO region (the old code leaked ranges as well). As such, if hisi_lpc_probe() fails after we register the logical PIO range, there would be a range registered but no actual host backing it. So we set the ops at the point at which the probe cannot fail to avoid a potential problem. And now I realise that there is a bug in the code - range is allocated with devm_kzalloc and is passed to logic_pio_register_range(). As such, if the hisi_lpc_probe() goes on to fail, then this memory would be free'd and we have an issue. PCI code should be ok as it uses kzalloc(). The simplest solution is to not change the logical PIO API to allocate this memory itself, but rather make hisi_lpc_probe() use kzalloc(). And, if we go this way, we can use your idea to set the ops. I'll spin a separate patch for this. Thanks, John > Bjorn > > . > _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2019-06-13 15:21 UTC|newest] Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top 2019-06-11 14:12 [PATCH v4 0/3] Fix ARM64 crash for accessing unmapped IO port regions John Garry 2019-06-11 14:12 ` John Garry 2019-06-11 14:12 ` [PATCH v4 1/3] lib: logic_pio: Use logical PIO low-level accessors for !CONFIG_INDIRECT_PIO John Garry 2019-06-11 14:12 ` John Garry 2019-06-13 2:39 ` Bjorn Helgaas 2019-06-13 2:39 ` Bjorn Helgaas 2019-06-13 9:39 ` John Garry 2019-06-13 9:39 ` John Garry 2019-06-13 20:09 ` Bjorn Helgaas 2019-06-13 20:09 ` Bjorn Helgaas 2019-06-14 9:02 ` John Garry 2019-06-14 9:02 ` John Garry 2019-06-14 11:50 ` Bjorn Helgaas 2019-06-14 11:50 ` Bjorn Helgaas 2019-06-14 12:22 ` John Garry 2019-06-14 12:22 ` John Garry 2019-06-13 13:58 ` Bjorn Helgaas 2019-06-13 13:58 ` Bjorn Helgaas 2019-06-13 15:21 ` John Garry [this message] 2019-06-13 15:21 ` John Garry 2019-06-11 14:12 ` [PATCH v4 2/3] lib: logic_pio: Reject accesses to unregistered CPU MMIO regions John Garry 2019-06-11 14:12 ` John Garry 2019-06-13 3:20 ` Bjorn Helgaas 2019-06-13 3:20 ` Bjorn Helgaas 2019-06-13 7:47 ` Arnd Bergmann 2019-06-13 7:47 ` Arnd Bergmann 2019-06-13 10:17 ` John Garry 2019-06-13 10:17 ` John Garry 2019-06-13 13:46 ` Bjorn Helgaas 2019-06-13 13:46 ` Bjorn Helgaas 2019-06-13 14:09 ` John Garry 2019-06-13 14:09 ` John Garry 2019-06-11 14:12 ` [PATCH v4 3/3] lib: logic_pio: Fix up a print John Garry 2019-06-11 14:12 ` John Garry
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=5b03c093-26fb-0e01-6104-5f92eef7956e@huawei.com \ --to=john.garry@huawei.com \ --cc=andriy.shevchenko@linux.intel.com \ --cc=arnd@arndb.de \ --cc=catalin.marinas@arm.com \ --cc=helgaas@kernel.org \ --cc=linux-arm-kernel@lists.infradead.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-pci@vger.kernel.org \ --cc=linuxarm@huawei.com \ --cc=lorenzo.pieralisi@arm.com \ --cc=rjw@rjwysocki.net \ --cc=wangkefeng.wang@huawei.com \ --cc=will.deacon@arm.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.