This is a note to let you know that I've just added the patch titled
cxl/hdm: Fail upon detecting 0-sized decoders
to the 6.3-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
cxl-hdm-fail-upon-detecting-0-sized-decoders.patch
and it can be found in the queue-6.3 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From 7701c8bef4f14bd9f7940c6ed0e6a73584115a96 Mon Sep 17 00:00:00 2001
From: Dan Williams <dan.j.williams@xxxxxxxxx>
Date: Fri, 14 Apr 2023 11:53:55 -0700
Subject: cxl/hdm: Fail upon detecting 0-sized decoders
From: Dan Williams <dan.j.williams@xxxxxxxxx>
commit 7701c8bef4f14bd9f7940c6ed0e6a73584115a96 upstream.
Decoders committed with 0-size lead to later crashes on shutdown as
__cxl_dpa_release() assumes a 'struct resource' has been established in
the in 'cxlds->dpa_res'. Just fail the driver load in this instance
since there are deeper problems with the enumeration or the setup when
this happens.
Fixes: 9c57cde0dcbd ("cxl/hdm: Enumerate allocated DPA")
Cc: <stable@xxxxxxxxxxxxxxx>
Reviewed-by: Dave Jiang <dave.jiang@xxxxxxxxx>
Reviewed-by: Alison Schofield <alison.schofield@xxxxxxxxx>
Link: https://lore.kernel.org/r/168149843516.792294.11872242648319572632.stgit@xxxxxxxxxxxxxxxxxxxxxxxxx
Signed-off-by: Dan Williams <dan.j.williams@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
drivers/cxl/core/hdm.c | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
--- a/drivers/cxl/core/hdm.c
+++ b/drivers/cxl/core/hdm.c
@@ -269,8 +269,11 @@ static int __cxl_dpa_reserve(struct cxl_
lockdep_assert_held_write(&cxl_dpa_rwsem);
- if (!len)
- goto success;
+ if (!len) {
+ dev_warn(dev, "decoder%d.%d: empty reservation attempted\n",
+ port->id, cxled->cxld.id);
+ return -EINVAL;
+ }
if (cxled->dpa_res) {
dev_dbg(dev, "decoder%d.%d: existing allocation %pr assigned\n",
@@ -323,7 +326,6 @@ static int __cxl_dpa_reserve(struct cxl_
cxled->mode = CXL_DECODER_MIXED;
}
-success:
port->hdm_end++;
get_device(&cxled->cxld.dev);
return 0;
@@ -833,6 +835,13 @@ static int init_hdm_decoder(struct cxl_p
port->id, cxld->id);
return -ENXIO;
}
+
+ if (size == 0) {
+ dev_warn(&port->dev,
+ "decoder%d.%d: Committed with zero size\n",
+ port->id, cxld->id);
+ return -ENXIO;
+ }
port->commit_end = cxld->id;
} else {
/* unless / until type-2 drivers arrive, assume type-3 */
Patches currently in stable-queue which might be from dan.j.williams@xxxxxxxxx are
queue-6.3/cxl-hdm-use-4-byte-reads-to-retrieve-hdm-decoder-base-limit.patch
queue-6.3/cxl-hdm-fail-upon-detecting-0-sized-decoders.patch
queue-6.3/cxl-port-scan-single-target-ports-for-decoders.patch
