On Thu, Oct 01, 2020 at 10:02:44PM +0000, Krzysztof Wilczyński wrote:
> Unify ECAM-related constants into a single set of standard constants
> defining memory address shift values for the byte-level address that can
> be used when accessing the PCI Express Configuration Space, and then
> move native PCI Express controller drivers to use newly introduced
> definitions retiring any driver-specific ones.
>
> The ECAM ("Enhanced Configuration Access Mechanism") is defined by the
> PCI Express specification (see PCI Express Base Specification, Revision
> 5.0, Version 1.0, Section 7.2.2, p. 676), thus most hardware should
> implement it the same way. Most of the native PCI Express controller
> drivers define their ECAM-related constants, many of these could be
> shared, or use open-coded values when setting the .bus_shift field of
> the struct pci_ecam_ops.
>
> All of the newly added constants should remove ambiguity and reduce the
> number of open-coded values, and also correlate more strongly with the
> descriptions in the aforementioned specification (see Table 7-1
> "Enhanced Configuration Address Mapping", p. 677).
> --- a/drivers/pci/controller/pci-host-generic.c
> +++ b/drivers/pci/controller/pci-host-generic.c
> @@ -15,7 +15,7 @@
> #include <linux/platform_device.h>
>
> static const struct pci_ecam_ops gen_pci_cfg_cam_bus_ops = {
> - .bus_shift = 16,
> + .bus_shift = PCIE_CAM_BUS_SHIFT,
I'm not sure this code was safe even before you touched it.
pci_ecam_map_bus() doesn't limit "where" at all, so if we try to
access extended config space (offset 0x100 - 0xfff), I think we'll
generate
(busnr << 16) | (devfn << 8) + where
If "where >= 0x100", we'll target the wrong device.
Even for ECAM, it doesn't look like anything prevents a defective or
malicious caller from supplying a config offset of, say, 0x2000 and
targeting the wrong device.
> .pci_ops = {
> .map_bus = pci_ecam_map_bus,
> .read = pci_generic_config_read,
> --- a/drivers/pci/controller/pci-xgene.c
> +++ b/drivers/pci/controller/pci-xgene.c
> @@ -60,6 +60,15 @@
> #define XGENE_PCIE_IP_VER_1 1
> #define XGENE_PCIE_IP_VER_2 2
>
> +/*
> + * Enhanced Configuration Access Mechanism (ECAM)
> + *
> + * N.B. This is a non-standard platform-specific ECAM bus shift value. For
> + * standard values defined in the PCI Express Base Specification see
> + * include/linux/pci-ecam.h.
> + */
> +#define XGENE_PCIE_ECAM_BUS_SHIFT 16
Is this even used anywhere? xgene_pcie_map_bus() doesn't use
bus_shift. Maybe we can just drop the .bus_shift initializers?
> #if defined(CONFIG_PCI_XGENE) || (defined(CONFIG_ACPI) && defined(CONFIG_PCI_QUIRKS))
> struct xgene_pcie_port {
> struct device_node *node;
> @@ -257,7 +266,7 @@ static int xgene_v1_pcie_ecam_init(struct pci_config_window *cfg)
> }
>
> const struct pci_ecam_ops xgene_v1_pcie_ecam_ops = {
> - .bus_shift = 16,
> + .bus_shift = XGENE_PCIE_ECAM_BUS_SHIFT,
> .init = xgene_v1_pcie_ecam_init,
> .pci_ops = {
> .map_bus = xgene_pcie_map_bus,
> @@ -272,7 +281,7 @@ static int xgene_v2_pcie_ecam_init(struct pci_config_window *cfg)
> }
>
> const struct pci_ecam_ops xgene_v2_pcie_ecam_ops = {
> - .bus_shift = 16,
> + .bus_shift = XGENE_PCIE_ECAM_BUS_SHIFT,
> .init = xgene_v2_pcie_ecam_init,
> .pci_ops = {
> .map_bus = xgene_pcie_map_bus,
