From: lorenzo.pieralisi@arm.com (Lorenzo Pieralisi)
To: linux-arm-kernel@lists.infradead.org
Subject: irqchip/irq-gic: BAD_MADT_GICC_ENTRY may fail when booting with ACPI 5.1
Date: Thu, 25 May 2017 18:27:11 +0100 [thread overview]
Message-ID: <20170525172711.GB3935@red-moon> (raw)
In-Reply-To: <e9ca4338-bcf9-3fba-6250-200e05d2be3e@arm.com>
On Wed, May 24, 2017 at 02:00:02PM +0100, Marc Zyngier wrote:
> On 24/05/17 12:18, Julien Grall wrote:
> > Hi Lorenzo,
> >
> > On 05/23/2017 06:06 PM, Lorenzo Pieralisi wrote:
> >> [+Al]
> >>
> >> On Tue, May 23, 2017 at 05:40:28PM +0100, Julien Grall wrote:
> >>> Hi all,
> >>>
> >>> I am currently looking at adding support of ACPI 5.1 in Xen.
> >>> When trying to boot DOM00 I get a panic in Linux (for the full
> >>> log see [1]):
> >>>
> >>> (XEN) DOM0: [ 0.000000] No valid GICC entries exist
> >>>
> >>> The error message is coming from gic_v2_acpi_init.
> >>> Digging down in the code, it is failing because of
> >>> BAD_MADT_GICC_ENTRY is returning false in
> >>> gic_acpi_parse_madt_cpu:
> >>>
> >>> /* Macros for consistency checks of the GICC subtable of MADT */
> >>> #define ACPI_MADT_GICC_LENGTH \
> >>> (acpi_gbl_FADT.header.revision < 6 ? 76 : 80)
> >>>
> >>> #define BAD_MADT_GICC_ENTRY(entry, end) \
> >>> (!(entry) || (unsigned long)(entry) + sizeof(*(entry)) > (end) || \
> >>> (entry)->header.length != ACPI_MADT_GICC_LENGTH)
> >>>
> >>> The 'end' parameter corresponds to the end of the MADT table.
> >>> In the case of ACPI 5.1, the size of GICC is smaller compare
> >>> to 6.0+ (76 vs 80 bytes) but the parameter 'entry' is type
> >>> of acpi_madt_generic_interrupt (sizeof(...) = 80).
> >>
> >> #define BAD_MADT_GICC_ENTRY(entry, end) \
> >> (!(entry) || (entry)->header.length != ACPI_MADT_GICC_LENGTH || \
> >> ((unsigned long)(entry) + ACPI_MADT_GICC_LENGTH) > (end))
> >>
> >> Would this solve it ?
> >
> > Yes, I am now able to boot DOM0 up to the prompt. My concern with this
> > solution is the code will still use the acpi_madt_generic_interrupt
> > code. If someone tries to access field not existing in 5.1 (such as
> > efficiency_class), it may return wrong value or even worst crash.
> >
> > Although, I don't see any user of efficiency_class in Linux so far.
>
> Such code would have to check whether the ACPI version before doing so.
> To be honest, it is quite surprising we don't have one structure per
> version of the GICC subtable. This would at least make the user aware of
> the potential gotcha...
We will have to, as soon as a) someone starts using the GICC
efficiency_class field or b) we start using the three bytes left as
reserved (which I suspect it may happen sooner than we think), whatever
comes first.
In the meantime to fix the regression Julien reported, is the kludge
above ok for everyone ?
Thanks,
Lorenzo
WARNING: multiple messages have this Message-ID (diff)
From: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
To: Marc Zyngier <marc.zyngier@arm.com>
Cc: Julien Grall <julien.grall@arm.com>,
linux-arm-kernel@lists.infradead.org,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
jason@lakedaemon.net, tglx@linutronix.de, ahs3@redhat.com
Subject: Re: irqchip/irq-gic: BAD_MADT_GICC_ENTRY may fail when booting with ACPI 5.1
Date: Thu, 25 May 2017 18:27:11 +0100 [thread overview]
Message-ID: <20170525172711.GB3935@red-moon> (raw)
In-Reply-To: <e9ca4338-bcf9-3fba-6250-200e05d2be3e@arm.com>
On Wed, May 24, 2017 at 02:00:02PM +0100, Marc Zyngier wrote:
> On 24/05/17 12:18, Julien Grall wrote:
> > Hi Lorenzo,
> >
> > On 05/23/2017 06:06 PM, Lorenzo Pieralisi wrote:
> >> [+Al]
> >>
> >> On Tue, May 23, 2017 at 05:40:28PM +0100, Julien Grall wrote:
> >>> Hi all,
> >>>
> >>> I am currently looking at adding support of ACPI 5.1 in Xen.
> >>> When trying to boot DOM00 I get a panic in Linux (for the full
> >>> log see [1]):
> >>>
> >>> (XEN) DOM0: [ 0.000000] No valid GICC entries exist
> >>>
> >>> The error message is coming from gic_v2_acpi_init.
> >>> Digging down in the code, it is failing because of
> >>> BAD_MADT_GICC_ENTRY is returning false in
> >>> gic_acpi_parse_madt_cpu:
> >>>
> >>> /* Macros for consistency checks of the GICC subtable of MADT */
> >>> #define ACPI_MADT_GICC_LENGTH \
> >>> (acpi_gbl_FADT.header.revision < 6 ? 76 : 80)
> >>>
> >>> #define BAD_MADT_GICC_ENTRY(entry, end) \
> >>> (!(entry) || (unsigned long)(entry) + sizeof(*(entry)) > (end) || \
> >>> (entry)->header.length != ACPI_MADT_GICC_LENGTH)
> >>>
> >>> The 'end' parameter corresponds to the end of the MADT table.
> >>> In the case of ACPI 5.1, the size of GICC is smaller compare
> >>> to 6.0+ (76 vs 80 bytes) but the parameter 'entry' is type
> >>> of acpi_madt_generic_interrupt (sizeof(...) = 80).
> >>
> >> #define BAD_MADT_GICC_ENTRY(entry, end) \
> >> (!(entry) || (entry)->header.length != ACPI_MADT_GICC_LENGTH || \
> >> ((unsigned long)(entry) + ACPI_MADT_GICC_LENGTH) > (end))
> >>
> >> Would this solve it ?
> >
> > Yes, I am now able to boot DOM0 up to the prompt. My concern with this
> > solution is the code will still use the acpi_madt_generic_interrupt
> > code. If someone tries to access field not existing in 5.1 (such as
> > efficiency_class), it may return wrong value or even worst crash.
> >
> > Although, I don't see any user of efficiency_class in Linux so far.
>
> Such code would have to check whether the ACPI version before doing so.
> To be honest, it is quite surprising we don't have one structure per
> version of the GICC subtable. This would at least make the user aware of
> the potential gotcha...
We will have to, as soon as a) someone starts using the GICC
efficiency_class field or b) we start using the three bytes left as
reserved (which I suspect it may happen sooner than we think), whatever
comes first.
In the meantime to fix the regression Julien reported, is the kludge
above ok for everyone ?
Thanks,
Lorenzo
next prev parent reply other threads:[~2017-05-25 17:27 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-23 16:40 irqchip/irq-gic: BAD_MADT_GICC_ENTRY may fail when booting with ACPI 5.1 Julien Grall
2017-05-23 16:40 ` Julien Grall
2017-05-23 17:06 ` Lorenzo Pieralisi
2017-05-23 17:06 ` Lorenzo Pieralisi
2017-05-24 11:18 ` Julien Grall
2017-05-24 11:18 ` Julien Grall
2017-05-24 13:00 ` Marc Zyngier
2017-05-24 13:00 ` Marc Zyngier
2017-05-25 17:27 ` Lorenzo Pieralisi [this message]
2017-05-25 17:27 ` Lorenzo Pieralisi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170525172711.GB3935@red-moon \
--to=lorenzo.pieralisi@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.