Re: [PATCH v5 RESEND 1/5] lib/pci_iomap.c: fix cleanup bugs in pci_iounmap()

From: Bjorn Helgaas
Date: Tue Jan 23 2024 - 13:47:18 EST

Next message: Andrew Davis: "[PATCH 5/9] remoteproc: qcom_q6v5_pas: Use devm_rproc_alloc() helper"
Previous message: Kairui Song: "[PATCH v3 3/3] mm, lru_gen: move pages in bulk when aging"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jan 11, 2024 at 09:55:36AM +0100, Philipp Stanner wrote:
> pci_iounmap() in lib/pci_iomap.c is supposed to check whether an address
> is within ioport-range IF the config specifies that ioports exist. If
> so, the port should be unmapped with ioport_unmap(). If not, it's a
> generic MMIO address that has to be passed to iounmap().
>
> The bugs are:
> 1. ioport_unmap() is missing entirely, so this function will never
> actually unmap a port.

The preceding comment suggests that in this default implementation,
the ioport does not need unmapping, and it wasn't something it was
supposed to do but just failed to do:

* NOTE! This default implementation assumes that if the architecture
* support ioport mapping (HAS_IOPORT_MAP), the ioport mapping will
* be fixed to the range [ PCI_IOBASE, PCI_IOBASE+IO_SPACE_LIMIT [,
* and does not need unmapping with 'ioport_unmap()'.
*
* If you have different rules for your architecture, you need to
* implement your own pci_iounmap() that knows the rules for where
* and how IO vs MEM get mapped.

Almost all ioport_unmap() implementations are empty, so in most cases
it's a no-op (parisc is an exception).

I'm happy to add the ioport_unmap() even just for symmetry, but if we
do, I think we should update or remove that comment.

> 2. the #ifdef for the ioport-ranges accidentally also guards
> iounmap(), potentially compiling an empty function. This would
> cause the mapping to be leaked.
>
> Implement the missing call to ioport_unmap().
>
> Move the guard so that iounmap() will always be part of the function.

I think we should fix this bug in a separate patch because the
ioport_unmap() is much more subtle and doesn't need to be complicated
with this fix.

> CC: <stable@xxxxxxxxxxxxxxx> # v5.15+
> Fixes: 316e8d79a095 ("pci_iounmap'2: Electric Boogaloo: try to make sense of it all")
> Reported-by: Danilo Krummrich <dakr@xxxxxxxxxx>

Is there a URL we can include for Danilo's report? I found
https://lore.kernel.org/all/a6ef92ae-0747-435b-822d-d0229da4683c@xxxxxxxxxx/,
but I'm not sure that's the right part of the conversation.

> Suggested-by: Arnd Bergmann <arnd@xxxxxxxxxx>
> Signed-off-by: Philipp Stanner <pstanner@xxxxxxxxxx>
> Reviewed-by: Arnd Bergmann <arnd@xxxxxxxx>
> ---
> lib/pci_iomap.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/lib/pci_iomap.c b/lib/pci_iomap.c
> index ce39ce9f3526..6e144b017c48 100644
> --- a/lib/pci_iomap.c
> +++ b/lib/pci_iomap.c
> @@ -168,10 +168,12 @@ void pci_iounmap(struct pci_dev *dev, void __iomem *p)
> uintptr_t start = (uintptr_t) PCI_IOBASE;
> uintptr_t addr = (uintptr_t) p;
>
> - if (addr >= start && addr < start + IO_SPACE_LIMIT)
> + if (addr >= start && addr < start + IO_SPACE_LIMIT) {
> + ioport_unmap(p);
> return;
> - iounmap(p);
> + }
> #endif
> + iounmap(p);
> }
> EXPORT_SYMBOL(pci_iounmap);
>
> --
> 2.43.0
>

Next message: Andrew Davis: "[PATCH 5/9] remoteproc: qcom_q6v5_pas: Use devm_rproc_alloc() helper"
Previous message: Kairui Song: "[PATCH v3 3/3] mm, lru_gen: move pages in bulk when aging"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]