diff mbox series

[v3] cxl/core: Return error when cxl_endpoint_gather_bandwidth() handles a non-PCI device

Message ID 20241022030054.258942-1-lizhijian@fujitsu.com
State Accepted
Commit cce3cd647721dc30273f0546852b5c26820eb715
Headers show
Series [v3] cxl/core: Return error when cxl_endpoint_gather_bandwidth() handles a non-PCI device | expand

Commit Message

Li Zhijian Oct. 22, 2024, 3 a.m. UTC
The function cxl_endpoint_gather_bandwidth() invokes
pci_bus_read/write_XXX(), however, not all CXL devices are presently
implemented via PCI. It is recognized that the cxl_test has realized a CXL
device using a platform device.

Calling pci_bus_read/write_XXX() in cxl_test will cause kernel panic:
 platform cxl_host_bridge.3: host supports CXL (restricted)
 Oops: general protection fault, probably for non-canonical address 0x3ef17856fcae4fbd: 0000 [#1] PREEMPT SMP PTI
 Call Trace:
  <TASK>
  ? __die_body.cold+0x19/0x27
  ? die_addr+0x38/0x60
  ? exc_general_protection+0x1f5/0x4b0
  ? asm_exc_general_protection+0x22/0x30
  ? pci_bus_read_config_word+0x1c/0x60
  pcie_capability_read_word+0x93/0xb0
  pcie_link_speed_mbps+0x18/0x50
  cxl_pci_get_bandwidth+0x18/0x60 [cxl_core]
  cxl_endpoint_gather_bandwidth.constprop.0+0xf4/0x230 [cxl_core]
  ? xas_store+0x54/0x660
  ? preempt_count_add+0x69/0xa0
  ? _raw_spin_lock+0x13/0x40
  ? __kmalloc_cache_noprof+0xe7/0x270
  cxl_region_shared_upstream_bandwidth_update+0x9c/0x790 [cxl_core]
  cxl_region_attach+0x520/0x7e0 [cxl_core]
  store_targetN+0xf2/0x120 [cxl_core]
  kernfs_fop_write_iter+0x13a/0x1f0
  vfs_write+0x23b/0x410
  ksys_write+0x53/0xd0
  do_syscall_64+0x62/0x180
  entry_SYSCALL_64_after_hwframe+0x76/0x7e

And Ying also reported a KASAN error with similar calltrace.

Reported-by: "Huang, Ying" <ying.huang@intel.com>
Closes: http://lore.kernel.org/87y12w9vp5.fsf@yhuang6-desk2.ccr.corp.intel.com
Fixes: a5ab0de0ebaa ("cxl: Calculate region bandwidth of targets with shared upstream link")
Signed-off-by: Li Zhijian <lizhijian@fujitsu.com>
Reviewed-by: Dan Williams <dan.j.williams@intel.com>
---
V3:
  update return code to ENODEV and change logs #Dan

V2:
  Check device type in original cxl_endpoint_gather_bandwidth() instead of mocking a new one. # Dan
  Also noticed that the existing cxl_switch_gather_bandwidth() also have the same check.
---
 drivers/cxl/core/cdat.c | 3 +++
 1 file changed, 3 insertions(+)

Comments

Huang, Ying Oct. 22, 2024, 5:08 a.m. UTC | #1
Li Zhijian <lizhijian@fujitsu.com> writes:

> The function cxl_endpoint_gather_bandwidth() invokes
> pci_bus_read/write_XXX(), however, not all CXL devices are presently
> implemented via PCI. It is recognized that the cxl_test has realized a CXL
> device using a platform device.
>
> Calling pci_bus_read/write_XXX() in cxl_test will cause kernel panic:
>  platform cxl_host_bridge.3: host supports CXL (restricted)
>  Oops: general protection fault, probably for non-canonical address 0x3ef17856fcae4fbd: 0000 [#1] PREEMPT SMP PTI
>  Call Trace:
>   <TASK>
>   ? __die_body.cold+0x19/0x27
>   ? die_addr+0x38/0x60
>   ? exc_general_protection+0x1f5/0x4b0
>   ? asm_exc_general_protection+0x22/0x30
>   ? pci_bus_read_config_word+0x1c/0x60
>   pcie_capability_read_word+0x93/0xb0
>   pcie_link_speed_mbps+0x18/0x50
>   cxl_pci_get_bandwidth+0x18/0x60 [cxl_core]
>   cxl_endpoint_gather_bandwidth.constprop.0+0xf4/0x230 [cxl_core]
>   ? xas_store+0x54/0x660
>   ? preempt_count_add+0x69/0xa0
>   ? _raw_spin_lock+0x13/0x40
>   ? __kmalloc_cache_noprof+0xe7/0x270
>   cxl_region_shared_upstream_bandwidth_update+0x9c/0x790 [cxl_core]
>   cxl_region_attach+0x520/0x7e0 [cxl_core]
>   store_targetN+0xf2/0x120 [cxl_core]
>   kernfs_fop_write_iter+0x13a/0x1f0
>   vfs_write+0x23b/0x410
>   ksys_write+0x53/0xd0
>   do_syscall_64+0x62/0x180
>   entry_SYSCALL_64_after_hwframe+0x76/0x7e
>
> And Ying also reported a KASAN error with similar calltrace.
>
> Reported-by: "Huang, Ying" <ying.huang@intel.com>
> Closes: http://lore.kernel.org/87y12w9vp5.fsf@yhuang6-desk2.ccr.corp.intel.com
> Fixes: a5ab0de0ebaa ("cxl: Calculate region bandwidth of targets with shared upstream link")
> Signed-off-by: Li Zhijian <lizhijian@fujitsu.com>
> Reviewed-by: Dan Williams <dan.j.williams@intel.com>

This patch can eliminate the KASAN error when  `modprobe cxl_test`.
Feel free to add

Tested-by: "Huang, Ying" <ying.huang@intel.com>

in the future versions.

--
Best Regards,
Huang, Ying


> ---
> V3:
>   update return code to ENODEV and change logs #Dan
>
> V2:
>   Check device type in original cxl_endpoint_gather_bandwidth() instead of mocking a new one. # Dan
>   Also noticed that the existing cxl_switch_gather_bandwidth() also have the same check.
> ---
>  drivers/cxl/core/cdat.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/drivers/cxl/core/cdat.c b/drivers/cxl/core/cdat.c
> index ef1621d40f05..e9cd7939c407 100644
> --- a/drivers/cxl/core/cdat.c
> +++ b/drivers/cxl/core/cdat.c
> @@ -641,6 +641,9 @@ static int cxl_endpoint_gather_bandwidth(struct cxl_region *cxlr,
>  	void *ptr;
>  	int rc;
>  
> +	if (!dev_is_pci(cxlds->dev))
> +		return -ENODEV;
> +
>  	if (cxlds->rcd)
>  		return -ENODEV;
diff mbox series

Patch

diff --git a/drivers/cxl/core/cdat.c b/drivers/cxl/core/cdat.c
index ef1621d40f05..e9cd7939c407 100644
--- a/drivers/cxl/core/cdat.c
+++ b/drivers/cxl/core/cdat.c
@@ -641,6 +641,9 @@  static int cxl_endpoint_gather_bandwidth(struct cxl_region *cxlr,
 	void *ptr;
 	int rc;
 
+	if (!dev_is_pci(cxlds->dev))
+		return -ENODEV;
+
 	if (cxlds->rcd)
 		return -ENODEV;