Received: by 10.192.165.148 with SMTP id m20csp336898imm; Wed, 2 May 2018 00:48:59 -0700 (PDT) X-Google-Smtp-Source: AB8JxZoJoI0RSqGl4yw45Q0MwvucE5lVmWfKOMmiOdCZWcSNqDRKruRKxdsPJJwxCKB4FYIP67KF X-Received: by 2002:a65:6645:: with SMTP id z5-v6mr11357520pgv.43.1525247339282; Wed, 02 May 2018 00:48:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1525247339; cv=none; d=google.com; s=arc-20160816; b=N4QWo6NoGG1bIEi3q7gMvfJnO1e+94DVVn3qzt0IV9Z+4YKaoiIoMqdp5xn0M1opXH ro2GnG6n0g4AVbnubbMXS9ajdF6vha8ibkR4dvel1E3tuNLW4jeXeegqOophYiBLcqRt 8B/EzkkOJVz+rdl0g8rGzE1rxX7qllJm9zvZpFuH8ni1IUcBV0T6jFfJ3cvXIuFxxAYa 0Ec1BiEaIOy/KKV+KOkpUHtdFLWBX7BMlp0LaSLwEqJuSKmRhW5FYaFljkIq/tqJAZju dtkCY6jwPdXNlH2j4lOOtn7fEcAR5E2AsaRDC8j0DOBNZR7+PVpW7BTb9eZFp5e/hEmf qERA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=3HJdP1zArc1pNUFK1YSm8KG7vkREHDQiY8EKQq4sxHg=; b=q2WGy//e2KFIAnX0Fr0RNfvwaDeVAidZp+3rQ91aeATjcsYSG+JXtVis83a0UzLrep oK5Ry+86E/LLt7vWJhXbifESnRByY3WnszbAvegxCmJn/xKa8fTQR9FSwC9HerIyh1eV a2Kh41KtkNzdZARUWVJS84PqBME4T1ghxWi6z3c8FgKFG/Y/sXNzrW/O/zxtqgrUmmtr raJPAwvlEsQjXAiEqB3XIYSi+tY2HHmJrmc3CzWmhgU+FiGLyNw4RDgY2md4z0Qt5DgX t9AdWt662mnWD6H+y2G4V+SWYnHzWnS9TTFMy3bsVFSTykyOjofXUO5SxdLXPDDl0K7n wjHg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f28-v6si11903823plj.255.2018.05.02.00.48.45; Wed, 02 May 2018 00:48:59 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751167AbeEBHqz (ORCPT + 99 others); Wed, 2 May 2018 03:46:55 -0400 Received: from relay1-d.mail.gandi.net ([217.70.183.193]:35347 "EHLO relay1-d.mail.gandi.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750920AbeEBHqx (ORCPT ); Wed, 2 May 2018 03:46:53 -0400 X-Originating-IP: 2.224.242.101 Received: from w540 (2-224-242-101.ip172.fastwebnet.it [2.224.242.101]) (Authenticated sender: jacopo@jmondi.org) by relay1-d.mail.gandi.net (Postfix) with ESMTPSA id AB93B24000B; Wed, 2 May 2018 09:46:35 +0200 (CEST) Date: Wed, 2 May 2018 09:46:31 +0200 From: jacopo mondi To: Christoph Hellwig Cc: ysato@users.sourceforge.jp, dalias@libc.org, thomas.petazzoni@free-electrons.com, robin.murphy@arm.com, geert@linux-m68k.org, sergei.shtylyov@cogentembedded.com, linux-renesas-soc@vger.kernel.org, linux-sh@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v3] sh: mm: Fix unprotected access to struct device Message-ID: <20180502074600.GC27261@w540> References: <1524044555-20610-1-git-send-email-jacopo+renesas@jmondi.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="UnaWdueM1EBWVRzC" Content-Disposition: inline In-Reply-To: <1524044555-20610-1-git-send-email-jacopo+renesas@jmondi.org> User-Agent: Mutt/1.5.24 (2015-08-30) X-Spam-Level: Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --UnaWdueM1EBWVRzC Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Hi again Christoph, The gentle ping actually applies to this version of the patch. Sorry for the confusion. Thanks j On Wed, Apr 18, 2018 at 11:42:35AM +0200, Jacopo Mondi wrote: > With commit ce88313069c36eef80f21fd7 ("arch/sh: make the DMA mapping > operations observe dev->dma_pfn_offset") the generic DMA allocation > function on which the SH 'dma_alloc_coherent()' function relies on, > accesses the 'dma_pfn_offset' field of struct device. > > Unfortunately the 'dma_generic_alloc_coherent()' function is called from > several places with a NULL struct device argument, halting the CPU > during the boot process. > > This patch fixes the issue by protecting access to dev->dma_pfn_offset, > with a trivial check for validity. It also passes a valid 'struct device' > in the 'platform_resource_setup_memory()' function which is the main user > of 'dma_alloc_coherent()', and inserts a WARN_ON() check to remind to future > (and existing) bogus users of this function to provide a valid 'struct device' > whenever possible. > > Fixes: ce88313069c36eef80f21fd7 ("arch/sh: make the DMA mapping operations observe dev->dma_pfn_offset") > Signed-off-by: Jacopo Mondi > Reviewed-by: Geert Uytterhoeven > Reviewed-by: Thomas Petazzoni > > --- > v2 -> v3: > - remove (now) useless parenthesis around pfn assignement as suggested > by Sergei > - Add changelog to the patch, which I forgot in v2 > > v1 -> v2: > - Move WARN_ON() closer to dev validity check as suggested by Geert > > --- > arch/sh/mm/consistent.c | 11 ++++++++--- > 1 file changed, 8 insertions(+), 3 deletions(-) > > diff --git a/arch/sh/mm/consistent.c b/arch/sh/mm/consistent.c > index 8ce9869..f1b4469 100644 > --- a/arch/sh/mm/consistent.c > +++ b/arch/sh/mm/consistent.c > @@ -59,7 +59,9 @@ void *dma_generic_alloc_coherent(struct device *dev, size_t size, > > split_page(pfn_to_page(virt_to_phys(ret) >> PAGE_SHIFT), order); > > - *dma_handle = virt_to_phys(ret) - PFN_PHYS(dev->dma_pfn_offset); > + *dma_handle = virt_to_phys(ret); > + if (!WARN_ON(!dev)) > + *dma_handle -= PFN_PHYS(dev->dma_pfn_offset); > > return ret_nocache; > } > @@ -69,9 +71,12 @@ void dma_generic_free_coherent(struct device *dev, size_t size, > unsigned long attrs) > { > int order = get_order(size); > - unsigned long pfn = (dma_handle >> PAGE_SHIFT) + dev->dma_pfn_offset; > + unsigned long pfn = dma_handle >> PAGE_SHIFT; > int k; > > + if (!WARN_ON(!dev)) > + pfn += dev->dma_pfn_offset; > + > for (k = 0; k < (1 << order); k++) > __free_pages(pfn_to_page(pfn + k), 0); > > @@ -143,7 +148,7 @@ int __init platform_resource_setup_memory(struct platform_device *pdev, > if (!memsize) > return 0; > > - buf = dma_alloc_coherent(NULL, memsize, &dma_handle, GFP_KERNEL); > + buf = dma_alloc_coherent(&pdev->dev, memsize, &dma_handle, GFP_KERNEL); > if (!buf) { > pr_warning("%s: unable to allocate memory\n", name); > return -ENOMEM; > -- > 2.7.4 > --UnaWdueM1EBWVRzC Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJa6WzXAAoJEHI0Bo8WoVY8VHgQAJ+f+VrWABtAj1hPotWX8Mxb GbTWMa5uMBOrDckb3bSTWqpIu4cW+nKfLbLSWFNNNZiy2VfzyH95sqqYQdgt0XZB X/iAduQx5bfLxPziOiYSrzB8AAN7L8MQ5ZEvCXkoSo1Lx6vKoLgbdpGgYSrdhjZQ iz4cUu/MxFHt3MbPwlFTeNqMQg55ZwCh1QHC9RlqcpAWXRkz07Mbox9L0Wl+9F/S Zwlbo6i/K1QRzmoCCq+RAAmHAAw2nCQwUNB/FyCXQgntACHVpSsDFdRT8sAzqmoL v7MkpXUXEZqvNF6dWLUIWlo8+Cw8jZBctFZb4QqvTGnwY7qVj65x1OBnffHDvER1 2L25LOBVN+VaoD00SmgIz2pLFl0CcOfwJBRqfPsRro0dxChvmxjWQOJ3Tp4a2/D1 q+PW8h6tj1AyyytkVJgi0VM5cimj4TcbBtufm/QQqVQUtghqUeLk6XRwb4JtvwQx t9qnbNo5ch/Ox1k7foYQrHEymgac+GVuuEfX5P1R8X54QrQ9VeiFoPS+lOUd/Qxj iWxzBKG3egX1zyodYuJK4cs/kcjWh8HSL8cro9LkznEqcjlTXW2SMlnQTG6wPjnQ o2kDJDjPfKxEGxgB0PioALF5Ha9qiciw2HARleNdoL3mcvVZiqViLJVGkbc8Kg6I 24PCZUT1CSudq2qg4xT6 =WEro -----END PGP SIGNATURE----- --UnaWdueM1EBWVRzC--