pcim_intx() tries to restore the INTx bit at removal via devres, but
there is a chance that it restores a wrong value.
Because the value to be restored is blindly assumed to be the negative
of the enable argument, when a driver calls pcim_intx() unnecessarily
for the already enabled state, it'll restore to the disabled state in
turn. That is, the function assumes the case like:
// INTx == 1
pcim_intx(pdev, 0); // old INTx value assumed to be 1 -> correct
but it might be like the following, too:
// INTx == 0
pcim_intx(pdev, 0); // old INTx value assumed to be 1 -> wrong
Also, when a driver calls pcim_intx() multiple times with different
enable argument values, the last one will win no matter what value it
is. This can lead to inconsistency, e.g.
// INTx == 1
pcim_intx(pdev, 0); // OK
...
pcim_intx(pdev, 1); // now old INTx wrongly assumed to be 0
This patch addresses those inconsistencies by saving the original
INTx state at the first pcim_intx() call. For that,
get_or_create_intx_devres() is folded into pcim_intx() caller side;
it allows us to simply check the already allocated devres and record
the original INTx along with the devres_alloc() call.
Fixes: 25216afc9db5 ("PCI: Add managed pcim_intx()")
Cc: stable@xxxxxxxxxxxxxxx # 6.11+
Link: https://lore.kernel.org/87v7xk2ps5.wl-tiwai@xxxxxxx
Signed-off-by: Takashi Iwai <tiwai@xxxxxxx>
---
v1->v2: refactoring, fold get_or_create_intx_devres() into the caller
instead of retrieving the original INTx there.
Also add comments and improve the patch description.
drivers/pci/devres.c | 34 +++++++++++++++++++---------------
1 file changed, 19 insertions(+), 15 deletions(-)
diff --git a/drivers/pci/devres.c b/drivers/pci/devres.c
index b133967faef8..c93d4d4499a0 100644
--- a/drivers/pci/devres.c
+++ b/drivers/pci/devres.c
@@ -438,19 +438,12 @@ static void pcim_intx_restore(struct device *dev, void *data)
__pcim_intx(pdev, res->orig_intx);
}
-static struct pcim_intx_devres *get_or_create_intx_devres(struct device *dev)
+static void save_orig_intx(struct pci_dev *pdev, struct pcim_intx_devres *res)
{
- struct pcim_intx_devres *res;
+ u16 pci_command;
- res = devres_find(dev, pcim_intx_restore, NULL, NULL);
- if (res)
- return res;
-
- res = devres_alloc(pcim_intx_restore, sizeof(*res), GFP_KERNEL);
- if (res)
- devres_add(dev, res);
-
- return res;
+ pci_read_config_word(pdev, PCI_COMMAND, &pci_command);
+ res->orig_intx = !(pci_command & PCI_COMMAND_INTX_DISABLE);
}
/**
@@ -466,12 +459,23 @@ static struct pcim_intx_devres *get_or_create_intx_devres(struct device *dev)
int pcim_intx(struct pci_dev *pdev, int enable)
{
struct pcim_intx_devres *res;
+ struct device *dev = &pdev->dev;
- res = get_or_create_intx_devres(&pdev->dev);
- if (!res)
- return -ENOMEM;
+ /*
+ * pcim_intx() must only restore the INTx value that existed before the
+ * driver was loaded, i.e., before it called pcim_intx() for the
+ * first time.
+ */
+ res = devres_find(dev, pcim_intx_restore, NULL, NULL);
+ if (!res) {
+ res = devres_alloc(pcim_intx_restore, sizeof(*res), GFP_KERNEL);
+ if (!res)
+ return -ENOMEM;
+
+ save_orig_intx(pdev, res);
+ devres_add(dev, res);
+ }
- res->orig_intx = !enable;
__pcim_intx(pdev, enable);
return 0;
--
2.43.0
