From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id E04E9C3DA4A for ; Wed, 14 Aug 2024 16:37:17 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6BF296B00A9; Wed, 14 Aug 2024 12:37:17 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 649306B00B3; Wed, 14 Aug 2024 12:37:17 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 4E9B86B00B4; Wed, 14 Aug 2024 12:37:17 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 2E8E06B00A9 for ; Wed, 14 Aug 2024 12:37:17 -0400 (EDT) Received: from smtpin10.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id D1E47140ECD for ; Wed, 14 Aug 2024 16:37:16 +0000 (UTC) X-FDA: 82451406072.10.FA458A0 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf30.hostedemail.com (Postfix) with ESMTP id 264E68000C for ; Wed, 14 Aug 2024 16:37:14 +0000 (UTC) Authentication-Results: imf30.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b="h/xMr0H5"; spf=pass (imf30.hostedemail.com: domain of helgaas@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=helgaas@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1723653339; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:dkim-signature; bh=w3/bvFrSguME+ma5uSq+aqKU+cIaASTdzCWju1+5HAo=; b=Nh+CAORJakO5uOVFL33xIfRIK//PMMZHoON1QgbKJmJCzZQdeEHTjT6KkLEMg3N09AKUXN 0FaIWkX69RO1HUMrYvoFxzyrzw5OwYfX1pvnmZYpyqyQfKmMTs8KoIeeAexEMuOchLdSll Uoo2ec33spaATdiD04k7tR06BbXkIBY= ARC-Authentication-Results: i=1; imf30.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b="h/xMr0H5"; spf=pass (imf30.hostedemail.com: domain of helgaas@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=helgaas@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1723653339; a=rsa-sha256; cv=none; b=zLhS9lMCUNc2hkeBMOPpU/5+Tl5DYFPnIYqOwtnNplPXHuYIKuc/fSD6YxvSPvKA76BPLT 4F5AHgcFP0tFb+SZUX2prYz6ju+sh+1VH7ji4Fhh6gUSyCfX5RZBFL0+IO+kQlQY85eXJu m7R8F14ooo9Zzn1fNipzR/SjC5YS98U= Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id 0B0E361AD8; Wed, 14 Aug 2024 16:37:14 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 66712C116B1; Wed, 14 Aug 2024 16:37:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1723653433; bh=6RJi14OWFncm4pr5rNS4VYJAxaixOf/qt2UvNYUHlGs=; h=Date:From:To:Cc:Subject:In-Reply-To:From; b=h/xMr0H5zKif+MNaGHUajjGxNuAubvRat9btd7tMkvLATRe/2ui4G16qWnZzYjfEb 4kpuHeHKjnJva71CApWlQVD/H/JzFWrOS21FSgW4MS2oLS+Xn7vU6qbjGoQHsrIPbA jCyDz1h3r7h3nyAr8K/qOJOsjo0OIWagkkhFXRocNXhGsljX2vZwlLhtE+mnCEqJ1x vFFBDyCiAdwjGVOwx9VAnLl6E7JDI+9umBueXOAMDwfsqg/h33Tkrm4Ua/shR1RIpP 9ecFpA0WM60CQ1hzgM7SqvIUvnKgLMK/Wlo9QIBNXbwo/8r6rTQS4JELFnEY2yn6zd NpSAEniob9nhg== Date: Wed, 14 Aug 2024 11:37:11 -0500 From: Bjorn Helgaas To: shankerwangmiao@gmail.com Cc: Ilpo =?utf-8?B?SsOkcnZpbmVu?= , Bjorn Helgaas , "Rafael J. Wysocki" , Len Brown , linux-pci@vger.kernel.org, linux-acpi@vger.kernel.org, linux-mm@kvack.org Subject: Re: [PATCH v3] ACPI: PCI: check if the root io space is page aligned Message-ID: <20240814163711.GA351420@bhelgaas> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240814-check_pci_probe_res-v3-1-b6eaa6f99032@gmail.com> X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: 264E68000C X-Stat-Signature: n78sy7eydondejo4jngi4readkcu6rtt X-Rspam-User: X-HE-Tag: 1723653434-13566 X-HE-Meta: U2FsdGVkX1+E82ydTDRuCoFg5oNJph9LjwXXmZxQrZJoh05vN/W9CyFV4bzvN//jqh+rVPptQuE/6oEae4rXlL66IT7BPUa0ONPKiKGxr3xqwINH34g8ERPmTMbqdBIWE4wyFghXpkxQZZVezVJAKLMrCf05fpc/FFm1qfcjN72ShDAq4/kfALfdqHhhRdT3B8ZUD/wEu2MHZYYepfp9WOs7rSgOqDVL209fQb4/m5k05LIuM2x9Y7im4aJKjLICmMOi2GH6Flr7kBWHMa03fbK0U3/sIwFLqwJE/BICRXsieJwRAdUr/qIVDqV0+1M1gmVsC9o0FmuusQQUPuEvPnK/vYmusw18fP/TeGhHoeRMWKNVPS2gHpbM7UfsZR0PMH5bFpslCv61PeGzklCU9czB97fUAddrzoyM8UXqz1hsSt+Zw/8TaHX4Yr3hH2wZN5n3BA2BSIHvq5xs3ghDfANJDRChu6f/Crf0vOJYFmCzPsVnm/RaCNxt0H7Ce/7PPZoY78W8VbrpGEFfAb0aonjHOLODOHImIjOfQRTO7kTL3xJ+eyGU5tfgpoEa/gyPWCk+7RBqXS8EVPpGy83RhqvVUs4Oon4Qz2uWTc39kLozrqBJF9kze9xUfvnxfgxSCSF7lpmGaTHmfUD/dOnmOwH/1VwbMl8GtLNq/5J8rodWhCr6oH3IfY3Rk5ZB8253HNtDy82VJB2lM3NiJdplAHBg7eHS/HbJsAtYJBXTehog7RDTBmwqhc1UFnttKD0hhxIeeVKYx0Hk+vBPJRXcPWJ6QWP5yfJsUWf6LEctx9bi3bSy65LEatsQ5wCiL2qw7bl+uIDevFuV1j66cNE74Jrqr47Teyp/umQDNb7sYxfdN3Eu9ErUtP0czv68qw9WlqWwQdF+HqJY9bpE4RYOUQqic64Rd59et01Fo50PHOm7OprtH6hy9T1IqoiGFnIWzC6DBz/ZKUAcUaNsdPR M9me38SR xtCXcnTjhcvPbmnA3er4sdn/qJnJgZ0P2ientrfQZB4/1NvgyC8JFksgYociK1bQUfBb5DXavf6A5FPqhQiv8bK2ODMOz3RphyJzmjqs4j8+OF51KbFJg/klS2XBPgRo/9hjzdc8O57YGKrC3GTvSKS3Rx5cdPxlIGIdE0Z3hYg100bWoX8UHtEljg4GM7qQMdYV7wpbR1LnD2dNWmm8WNcK8t1vJuMoa394uL30c9KCKiF8VtYXdOb8dBIzhpUpvCuS/FJiH6BdyLf9V0CZ/eZoaiSy9m51pR1h6opirDMAiS9geGmjorjJBu4Ig6TMbf24W+ZuRu7ylE8w= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: [+cc linux-mm for vmap page alignment checking question] On Wed, Aug 14, 2024 at 08:09:15PM +0800, Miao Wang via B4 Relay wrote: > From: Miao Wang > > When the IO resource given by _CRS method is not page aligned, especially > when the page size is larger than 4KB, serious problems will happen > because the misaligned address is passed down to pci_remap_iospace(), > then to vmap_page_range(), and finally to vmap_pte_range(), where the > length between addr and end is expected to be divisible by PAGE_SIZE, or > the loop will overrun till the pfn_none check fails. What does this problem look like to a user? Panic, oops, hang, warning backtrace? I assume this is not a regression, but maybe something you tripped over because of a BIOS defect? Does this need to be backported to stable kernels? It seems sort of weird to me that all those vmap_*_range() functions take the full page address (not a PFN) and depend on the addr/size being page-aligned, but they don't validate the alignment. But I'm not a VM person and I suppose there's a reason for passing the full address. But it does mean that other users of vmap_page_range() are also potentially susceptible to this issue, e.g., vmap(), vm_map_ram(), ioremap_page_range(), etc., so I'm not sure that acpi_pci_root_remap_iospace() is the best place to check the alignment. > Signed-off-by: Miao Wang > --- > Changes in v3: > - Adjust code formatting. > - Reword the commit message for further description of the possible reason > leading to misaligned IO resource addresses. > - Link to v2: https://lore.kernel.org/r/20240814-check_pci_probe_res-v2-1-a03c8c9b498b@gmail.com > > Changes in v2: > - Sorry for posting out the draft version in V1, fixed a silly compiling issue. > - Link to v1: https://lore.kernel.org/r/20240814-check_pci_probe_res-v1-1-122ee07821ab@gmail.com > --- > drivers/acpi/pci_root.c | 14 +++++++++++--- > 1 file changed, 11 insertions(+), 3 deletions(-) > > diff --git a/drivers/acpi/pci_root.c b/drivers/acpi/pci_root.c > index d0bfb3706801..a425e93024f2 100644 > --- a/drivers/acpi/pci_root.c > +++ b/drivers/acpi/pci_root.c > @@ -858,7 +858,7 @@ static void acpi_pci_root_validate_resources(struct device *dev, > } > } > > -static void acpi_pci_root_remap_iospace(struct fwnode_handle *fwnode, > +static void acpi_pci_root_remap_iospace(struct acpi_device *device, > struct resource_entry *entry) > { > #ifdef PCI_IOBASE > @@ -868,7 +868,15 @@ static void acpi_pci_root_remap_iospace(struct fwnode_handle *fwnode, > resource_size_t length = resource_size(res); > unsigned long port; > > - if (pci_register_io_range(fwnode, cpu_addr, length)) > + if (!PAGE_ALIGNED(cpu_addr) || !PAGE_ALIGNED(length) || > + !PAGE_ALIGNED(pci_addr)) { > + dev_err(&device->dev, > + FW_BUG "I/O resource %pR or its offset %pa is not page aligned\n", > + res, &entry->offset); > + goto err; > + } > + > + if (pci_register_io_range(&device->fwnode, cpu_addr, length)) > goto err; This change verifies alignment for the ACPI case that leads to the pci_remap_iospace() -> vmap_page_range() -> vmap_pte_range() path, but there are others even in drivers/pci/, e.g., pci_remap_iospace() is also used in the DT path, where I suppose a defective DT could cause a similar issue. > port = pci_address_to_pio(cpu_addr); > @@ -910,7 +918,7 @@ int acpi_pci_probe_root_resources(struct acpi_pci_root_info *info) > else { > resource_list_for_each_entry_safe(entry, tmp, list) { > if (entry->res->flags & IORESOURCE_IO) > - acpi_pci_root_remap_iospace(&device->fwnode, > + acpi_pci_root_remap_iospace(device, > entry); > > if (entry->res->flags & IORESOURCE_DISABLED) > > --- > base-commit: 7c626ce4bae1ac14f60076d00eafe71af30450ba > change-id: 20240813-check_pci_probe_res-27e3e6df72b2 > > Best regards, > -- > Miao Wang > >