Linux-ACPI Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH 0/3] ACPICA release 20200717
@ 2020-07-20 17:31 Erik Kaneda
  2020-07-20 17:31 ` [PATCH 1/3] ACPICA: Replace one-element array with flexible-array Erik Kaneda
                   ` (3 more replies)
  0 siblings, 4 replies; 5+ messages in thread
From: Erik Kaneda @ 2020-07-20 17:31 UTC (permalink / raw)
  To: Rafael J . Wysocki, linux-acpi; +Cc: Erik Kaneda

This series contains patches relevant to linux kernel from ACPICA's
20200717 release. This ACPICA release contains a change in the ACPI
object reference counting mechanism to allow firmware to declare a
large amount of OperationRegion field units without overflowing the
reference count.

Bob Moore (1):
  ACPICA: Update version to 20200717 Version 20200717.

Erik Kaneda (1):
  ACPICA: Do not increment operation_region reference counts for field
    units

Gustavo A. R. Silva (1):
  ACPICA: Replace one-element array with flexible-array

 drivers/acpi/acpica/exprep.c   | 4 ----
 drivers/acpi/acpica/utdelete.c | 6 +-----
 drivers/acpi/acpica/utids.c    | 3 +--
 include/acpi/acpixf.h          | 2 +-
 include/acpi/actypes.h         | 2 +-
 5 files changed, 4 insertions(+), 13 deletions(-)

-- 
2.25.1


^ permalink raw reply	[flat|nested] 5+ messages in thread

* [PATCH 1/3] ACPICA: Replace one-element array with flexible-array
  2020-07-20 17:31 [PATCH 0/3] ACPICA release 20200717 Erik Kaneda
@ 2020-07-20 17:31 ` Erik Kaneda
  2020-07-20 17:31 ` [PATCH 2/3] ACPICA: Do not increment operation_region reference counts for field units Erik Kaneda
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 5+ messages in thread
From: Erik Kaneda @ 2020-07-20 17:31 UTC (permalink / raw)
  To: Rafael J . Wysocki, linux-acpi
  Cc: Gustavo A. R. Silva, Erik Kaneda, Bob Moore

From: "Gustavo A. R. Silva" <gustavoars@kernel.org>

ACPICA commit 7ba2f3d91a32f104765961fda0ed78b884ae193d

The current codebase makes use of one-element arrays in the following
form:

struct something {
    int length;
    u8 data[1];
};

struct something *instance;

instance = kmalloc(sizeof(*instance) + size, GFP_KERNEL);
instance->length = size;
memcpy(instance->data, source, size);

but the preferred mechanism to declare variable-length types such as
these ones is a flexible array member[1][2], introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure,
which will help us prevent some kind of undefined behavior bugs from
being inadvertently introduced[3] to the linux codebase from now on.

This issue was found with the help of Coccinelle and audited _manually_.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] https://github.com/KSPP/linux/issues/21
[3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour")

Link: https://github.com/acpica/acpica/commit/7ba2f3d9
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Signed-off-by: Erik Kaneda <erik.kaneda@intel.com>
Signed-off-by: Bob Moore <robert.moore@intel.com>
---
 drivers/acpi/acpica/utids.c | 3 +--
 include/acpi/actypes.h      | 2 +-
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/drivers/acpi/acpica/utids.c b/drivers/acpi/acpica/utids.c
index 3bb06935a2ad..3e68864ef242 100644
--- a/drivers/acpi/acpica/utids.c
+++ b/drivers/acpi/acpica/utids.c
@@ -263,8 +263,7 @@ acpi_ut_execute_CID(struct acpi_namespace_node *device_node,
 	 * 3) Size of the actual CID strings
 	 */
 	cid_list_size = sizeof(struct acpi_pnp_device_id_list) +
-	    ((count - 1) * sizeof(struct acpi_pnp_device_id)) +
-	    string_area_size;
+	    (count * sizeof(struct acpi_pnp_device_id)) + string_area_size;
 
 	cid_list = ACPI_ALLOCATE_ZEROED(cid_list_size);
 	if (!cid_list) {
diff --git a/include/acpi/actypes.h b/include/acpi/actypes.h
index d005e35ab399..d50e61384f1f 100644
--- a/include/acpi/actypes.h
+++ b/include/acpi/actypes.h
@@ -1146,7 +1146,7 @@ struct acpi_pnp_device_id {
 struct acpi_pnp_device_id_list {
 	u32 count;		/* Number of IDs in Ids array */
 	u32 list_size;		/* Size of list, including ID strings */
-	struct acpi_pnp_device_id ids[1];	/* ID array */
+	struct acpi_pnp_device_id ids[];	/* ID array */
 };
 
 /*
-- 
2.25.1


^ permalink raw reply	[flat|nested] 5+ messages in thread

* [PATCH 2/3] ACPICA: Do not increment operation_region reference counts for field units
  2020-07-20 17:31 [PATCH 0/3] ACPICA release 20200717 Erik Kaneda
  2020-07-20 17:31 ` [PATCH 1/3] ACPICA: Replace one-element array with flexible-array Erik Kaneda
@ 2020-07-20 17:31 ` Erik Kaneda
  2020-07-20 17:31 ` [PATCH 3/3] ACPICA: Update version to 20200717 Version 20200717 Erik Kaneda
  2020-07-27 12:56 ` [PATCH 0/3] ACPICA release 20200717 Rafael J. Wysocki
  3 siblings, 0 replies; 5+ messages in thread
From: Erik Kaneda @ 2020-07-20 17:31 UTC (permalink / raw)
  To: Rafael J . Wysocki, linux-acpi; +Cc: Erik Kaneda, Bob Moore

ACPICA commit e17b28cfcc31918d0db9547b6b274b09c413eb70

Object reference counts are used as a part of ACPICA's garbage
collection mechanism. This mechanism keeps track of references to
heap-allocated structures such as the ACPI operand objects.

Recent server firmware has revealed that this reference count can
overflow on large servers that declare many field units under the
same operation_region. This occurs because each field unit declaration
will add a reference count to the source operation_region.

This change solves the reference count overflow for operation_regions
objects by preventing fieldunits from incrementing their
operation_region's reference count. Each operation_region's reference
count will not be changed by named objects declared under the Field
operator. During namespace deletion, the operation_region namespace
node will be deleted and each fieldunit will be deleted without
touching the deleted operation_region object.

Link: https://github.com/acpica/acpica/commit/e17b28cf
Signed-off-by: Erik Kaneda <erik.kaneda@intel.com>
Signed-off-by: Bob Moore <robert.moore@intel.com>
---
 drivers/acpi/acpica/exprep.c   | 4 ----
 drivers/acpi/acpica/utdelete.c | 6 +-----
 2 files changed, 1 insertion(+), 9 deletions(-)

diff --git a/drivers/acpi/acpica/exprep.c b/drivers/acpi/acpica/exprep.c
index a4e306690a21..4a0f03157e08 100644
--- a/drivers/acpi/acpica/exprep.c
+++ b/drivers/acpi/acpica/exprep.c
@@ -473,10 +473,6 @@ acpi_status acpi_ex_prep_field_value(struct acpi_create_field_info *info)
 				    (u8)access_byte_width;
 			}
 		}
-		/* An additional reference for the container */
-
-		acpi_ut_add_reference(obj_desc->field.region_obj);
-
 		ACPI_DEBUG_PRINT((ACPI_DB_BFIELD,
 				  "RegionField: BitOff %X, Off %X, Gran %X, Region %p\n",
 				  obj_desc->field.start_field_bit_offset,
diff --git a/drivers/acpi/acpica/utdelete.c b/drivers/acpi/acpica/utdelete.c
index c365faf4e6cd..4c0d4e434196 100644
--- a/drivers/acpi/acpica/utdelete.c
+++ b/drivers/acpi/acpica/utdelete.c
@@ -568,11 +568,6 @@ acpi_ut_update_object_reference(union acpi_operand_object *object, u16 action)
 			next_object = object->buffer_field.buffer_obj;
 			break;
 
-		case ACPI_TYPE_LOCAL_REGION_FIELD:
-
-			next_object = object->field.region_obj;
-			break;
-
 		case ACPI_TYPE_LOCAL_BANK_FIELD:
 
 			next_object = object->bank_field.bank_obj;
@@ -613,6 +608,7 @@ acpi_ut_update_object_reference(union acpi_operand_object *object, u16 action)
 			}
 			break;
 
+		case ACPI_TYPE_LOCAL_REGION_FIELD:
 		case ACPI_TYPE_REGION:
 		default:
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 5+ messages in thread

* [PATCH 3/3] ACPICA: Update version to 20200717 Version 20200717.
  2020-07-20 17:31 [PATCH 0/3] ACPICA release 20200717 Erik Kaneda
  2020-07-20 17:31 ` [PATCH 1/3] ACPICA: Replace one-element array with flexible-array Erik Kaneda
  2020-07-20 17:31 ` [PATCH 2/3] ACPICA: Do not increment operation_region reference counts for field units Erik Kaneda
@ 2020-07-20 17:31 ` Erik Kaneda
  2020-07-27 12:56 ` [PATCH 0/3] ACPICA release 20200717 Rafael J. Wysocki
  3 siblings, 0 replies; 5+ messages in thread
From: Erik Kaneda @ 2020-07-20 17:31 UTC (permalink / raw)
  To: Rafael J . Wysocki, linux-acpi; +Cc: Bob Moore, Erik Kaneda

From: Bob Moore <robert.moore@intel.com>

ACPICA commit c1adb9a2a775df7a85df0103342ebf090e1b2016

Link: https://github.com/acpica/acpica/commit/c1adb9a2
Signed-off-by: Bob Moore <robert.moore@intel.com>
Signed-off-by: Erik Kaneda <erik.kaneda@intel.com>
---
 include/acpi/acpixf.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/acpi/acpixf.h b/include/acpi/acpixf.h
index 459d6981ca96..9dc816641286 100644
--- a/include/acpi/acpixf.h
+++ b/include/acpi/acpixf.h
@@ -12,7 +12,7 @@
 
 /* Current ACPICA subsystem version in YYYYMMDD format */
 
-#define ACPI_CA_VERSION                 0x20200528
+#define ACPI_CA_VERSION                 0x20200717
 
 #include <acpi/acconfig.h>
 #include <acpi/actypes.h>
-- 
2.25.1


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 0/3] ACPICA release 20200717
  2020-07-20 17:31 [PATCH 0/3] ACPICA release 20200717 Erik Kaneda
                   ` (2 preceding siblings ...)
  2020-07-20 17:31 ` [PATCH 3/3] ACPICA: Update version to 20200717 Version 20200717 Erik Kaneda
@ 2020-07-27 12:56 ` Rafael J. Wysocki
  3 siblings, 0 replies; 5+ messages in thread
From: Rafael J. Wysocki @ 2020-07-27 12:56 UTC (permalink / raw)
  To: Erik Kaneda; +Cc: Rafael J . Wysocki, ACPI Devel Maling List

On Mon, Jul 20, 2020 at 7:55 PM Erik Kaneda <erik.kaneda@intel.com> wrote:
>
> This series contains patches relevant to linux kernel from ACPICA's
> 20200717 release. This ACPICA release contains a change in the ACPI
> object reference counting mechanism to allow firmware to declare a
> large amount of OperationRegion field units without overflowing the
> reference count.
>
> Bob Moore (1):
>   ACPICA: Update version to 20200717 Version 20200717.
>
> Erik Kaneda (1):
>   ACPICA: Do not increment operation_region reference counts for field
>     units
>
> Gustavo A. R. Silva (1):
>   ACPICA: Replace one-element array with flexible-array
>
>  drivers/acpi/acpica/exprep.c   | 4 ----
>  drivers/acpi/acpica/utdelete.c | 6 +-----
>  drivers/acpi/acpica/utids.c    | 3 +--
>  include/acpi/acpixf.h          | 2 +-
>  include/acpi/actypes.h         | 2 +-
>  5 files changed, 4 insertions(+), 13 deletions(-)
>
> --

All three patches applied as 5.9 material, thanks!

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, back to index

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-20 17:31 [PATCH 0/3] ACPICA release 20200717 Erik Kaneda
2020-07-20 17:31 ` [PATCH 1/3] ACPICA: Replace one-element array with flexible-array Erik Kaneda
2020-07-20 17:31 ` [PATCH 2/3] ACPICA: Do not increment operation_region reference counts for field units Erik Kaneda
2020-07-20 17:31 ` [PATCH 3/3] ACPICA: Update version to 20200717 Version 20200717 Erik Kaneda
2020-07-27 12:56 ` [PATCH 0/3] ACPICA release 20200717 Rafael J. Wysocki

Linux-ACPI Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-acpi/0 linux-acpi/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-acpi linux-acpi/ https://lore.kernel.org/linux-acpi \
		linux-acpi@vger.kernel.org
	public-inbox-index linux-acpi

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-acpi


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git