[patch V3 09/33] genirq/msi: Add range checking to msi_insert_desc()

From: Thomas Gleixner
Date: Thu Nov 24 2022 - 18:28:48 EST

Next message: Thomas Gleixner: "[patch V3 10/33] PCI/MSI: Split __pci_write_msi_msg()"
Previous message: Thomas Gleixner: "[patch V3 07/33] genirq/msi: Provide msi_create/free_device_irq_domain()"
In reply to: Thomas Gleixner: "[patch V3 07/33] genirq/msi: Provide msi_create/free_device_irq_domain()"
Next in thread: Thomas Gleixner: "[patch V3 10/33] PCI/MSI: Split __pci_write_msi_msg()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Per device domains provide the real domain size to the core code. This
allows range checking on insertion of MSI descriptors and also paves the
way for dynamic index allocations which are required e.g. for IMS. This
avoids external mechanisms like bitmaps on the device side and just
utilizes the core internal MSI descriptor storxe for it.

Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
---
V3: Adopt to the new info->hwsize handling and to the new xarray split
---
kernel/irq/msi.c | 58 ++++++++++++++++++++++++++++++++++++++++++++-----------
1 file changed, 47 insertions(+), 11 deletions(-)

--- a/kernel/irq/msi.c
+++ b/kernel/irq/msi.c
@@ -40,6 +40,7 @@ struct msi_ctrl {
#define MSI_XA_DOMAIN_SIZE (MSI_MAX_INDEX + 1)

static void msi_domain_free_locked(struct device *dev, struct msi_ctrl *ctrl);
+static unsigned int msi_domain_get_hwsize(struct device *dev, unsigned int domid);
static inline int msi_sysfs_create_group(struct device *dev);

@@ -80,16 +81,28 @@ static void msi_free_desc(struct msi_des
kfree(desc);
}

-static int msi_insert_desc(struct msi_device_data *md, struct msi_desc *desc,
+static int msi_insert_desc(struct device *dev, struct msi_desc *desc,
unsigned int domid, unsigned int index)
{
+ struct msi_device_data *md = dev->msi.data;
struct xarray *xa = &md->__domains[domid].store;
+ unsigned int hwsize;
int ret;

+ hwsize = msi_domain_get_hwsize(dev, domid);
+ if (index >= hwsize) {
+ ret = -ERANGE;
+ goto fail;
+ }
+
desc->msi_index = index;
ret = xa_insert(xa, index, desc, GFP_KERNEL);
if (ret)
- msi_free_desc(desc);
+ goto fail;
+ return 0;
+
+fail:
+ msi_free_desc(desc);
return ret;
}

@@ -117,7 +130,7 @@ int msi_domain_insert_msi_desc(struct de
/* Copy type specific data to the new descriptor. */
desc->pci = init_desc->pci;

- return msi_insert_desc(dev->msi.data, desc, domid, init_desc->msi_index);
+ return msi_insert_desc(dev, desc, domid, init_desc->msi_index);
}

static bool msi_desc_match(struct msi_desc *desc, enum msi_desc_filter filter)
@@ -136,11 +149,16 @@ static bool msi_desc_match(struct msi_de

static bool msi_ctrl_valid(struct device *dev, struct msi_ctrl *ctrl)
{
+ unsigned int hwsize;
+
if (WARN_ON_ONCE(ctrl->domid >= MSI_MAX_DEVICE_IRQDOMAINS ||
- !dev->msi.data->__domains[ctrl->domid].domain ||
- ctrl->first > ctrl->last ||
- ctrl->first > MSI_MAX_INDEX ||
- ctrl->last > MSI_MAX_INDEX))
+ !dev->msi.data->__domains[ctrl->domid].domain))
+ return false;
+
+ hwsize = msi_domain_get_hwsize(dev, ctrl->domid);
+ if (WARN_ON_ONCE(ctrl->first > ctrl->last ||
+ ctrl->first >= hwsize ||
+ ctrl->last >= hwsize))
return false;
return true;
}
@@ -208,7 +226,7 @@ static int msi_domain_add_simple_msi_des
desc = msi_alloc_desc(dev, 1, NULL);
if (!desc)
goto fail_mem;
- ret = msi_insert_desc(dev->msi.data, desc, ctrl->domid, idx);
+ ret = msi_insert_desc(dev, desc, ctrl->domid, idx);
if (ret)
goto fail;
}
@@ -407,7 +425,10 @@ unsigned int msi_domain_get_virq(struct
if (!dev->msi.data)
return 0;

- if (WARN_ON_ONCE(index > MSI_MAX_INDEX || domid >= MSI_MAX_DEVICE_IRQDOMAINS))
+ if (WARN_ON_ONCE(domid >= MSI_MAX_DEVICE_IRQDOMAINS))
+ return 0;
+
+ if (WARN_ON_ONCE(index >= msi_domain_get_hwsize(dev, domid)))
return 0;

/* This check is only valid for the PCI default MSI domain */
@@ -569,6 +590,20 @@ static struct irq_domain *msi_get_device
return domain;
}

+static unsigned int msi_domain_get_hwsize(struct device *dev, unsigned int domid)
+{
+ struct msi_domain_info *info;
+ struct irq_domain *domain;
+
+ domain = msi_get_device_domain(dev, domid);
+ if (domain) {
+ info = domain->host_data;
+ return info->hwsize;
+ }
+ /* No domain, no size... */
+ return 0;
+}
+
static inline void irq_chip_write_msi_msg(struct irq_data *data,
struct msi_msg *msg)
{
@@ -1359,7 +1394,7 @@ int msi_domain_alloc_irqs_all_locked(str
struct msi_ctrl ctrl = {
.domid = domid,
.first = 0,
- .last = MSI_MAX_INDEX,
+ .last = msi_domain_get_hwsize(dev, domid) - 1,
.nirqs = nirqs,
};

@@ -1473,7 +1508,8 @@ void msi_domain_free_irqs_range(struct d
*/
void msi_domain_free_irqs_all_locked(struct device *dev, unsigned int domid)
{
- msi_domain_free_irqs_range_locked(dev, domid, 0, MSI_MAX_INDEX);
+ msi_domain_free_irqs_range_locked(dev, domid, 0,
+ msi_domain_get_hwsize(dev, domid) - 1);
}

/**

Next message: Thomas Gleixner: "[patch V3 10/33] PCI/MSI: Split __pci_write_msi_msg()"
Previous message: Thomas Gleixner: "[patch V3 07/33] genirq/msi: Provide msi_create/free_device_irq_domain()"
In reply to: Thomas Gleixner: "[patch V3 07/33] genirq/msi: Provide msi_create/free_device_irq_domain()"
Next in thread: Thomas Gleixner: "[patch V3 10/33] PCI/MSI: Split __pci_write_msi_msg()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]