From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.15]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 821543E867A for ; Tue, 17 Mar 2026 15:00:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.15 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773759657; cv=none; b=AbVJ4o05AVdOxp8zx9MpnaCtkWyknnAbLQYjOmvjZEISVQIJMNpK4qlf+aOYEEq15WKUkfVbqPZKRBjW0RT+Zj5ARcbv/4s1HiAK12Me6NyR05f6s8TaLYoO4d+P5RM/GFg9fRXEbhnyRN3+jHHgucHYpw9oKatiiG/iw7VtyHA= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773759657; c=relaxed/simple; bh=Ryq1Wth0uh3/qAeKhxHQfVqDR0h6U7f/aEurZbpQm0c=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=Vq7M7B0rLiG1jynyLOhmGGenp4NVvwLws2wwRQjaLJuxIVXKGleJSjzGnRnIGO9lFKnFs4OzU8V7qbsbFOMyCIoQlXoJ1rIDYr1B5II+UPLkBgC2eYyivvMAMatqH0oCQdDMLXqrN1cTV80Cf0AieeHyWMwP0XpZKObKkPj5PHs= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=HVUpY+B0; arc=none smtp.client-ip=192.198.163.15 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="HVUpY+B0" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1773759656; x=1805295656; h=message-id:date:mime-version:subject:to:cc:references: from:in-reply-to:content-transfer-encoding; bh=Ryq1Wth0uh3/qAeKhxHQfVqDR0h6U7f/aEurZbpQm0c=; b=HVUpY+B0AZltGOUEBqoJFq3WKn7vMx5bLuBoJYKPpz58pQFr7+nhPjPO rX2rJUakSC3lJPNQDQWuCS+KvburdalHm9bJQHtRwyfdDhIr3+XlYqK6W JeyiocYI+7FVkIFBibURAZXVdWc8VKGXJh53pmH28R0Qu9UyaE5TmwAkJ x3vCQOPL9mP10Jru7knE8TUDzQFiLxw/DxjfETudPTZv24LbFcAqqsXia jeEzbbCal3qVNwlh2NmmmQjssZKL8fGmgFBl59/WzIySCVaDM+1t7mLQM 5DvS4xccmyqHEZ1MZbug6+Z1ShPAQnyTv4RSPbbq4ACYRnjjC7o0lLwa8 Q==; X-CSE-ConnectionGUID: ujNeTuN+SjaIq+q61xhQzg== X-CSE-MsgGUID: 7Ha2AJT0QAW5fk1keNYmgg== X-IronPort-AV: E=McAfee;i="6800,10657,11732"; a="74912598" X-IronPort-AV: E=Sophos;i="6.23,126,1770624000"; d="scan'208";a="74912598" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by fmvoesa109.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Mar 2026 08:00:55 -0700 X-CSE-ConnectionGUID: 5201O5lERBKtSn8wG8wDDg== X-CSE-MsgGUID: UzNGCFAiRyyXsfijJ/Rc3Q== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.23,126,1770624000"; d="scan'208";a="226429848" Received: from schen9-mobl4.amr.corp.intel.com (HELO [10.125.108.169]) ([10.125.108.169]) by ORVIESA003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Mar 2026 08:00:53 -0700 Message-ID: Date: Tue, 17 Mar 2026 08:00:52 -0700 Precedence: bulk X-Mailing-List: driver-core@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v2 2/4] cxl/memdev: Hold memdev lock during memdev poison injection/clear To: Li Ming , Greg Kroah-Hartman , "Rafael J. Wysocki" , Danilo Krummrich , Davidlohr Bueso , Jonathan Cameron , Alison Schofield , Vishal Verma , Ira Weiny , Dan Williams , Bjorn Helgaas , Ben Cheatham Cc: driver-core@lists.linux.dev, linux-kernel@vger.kernel.org, linux-cxl@vger.kernel.org References: <20260314-fix_access_endpoint_without_drv_check-v2-0-4c09edf2e1db@zohomail.com> <20260314-fix_access_endpoint_without_drv_check-v2-2-4c09edf2e1db@zohomail.com> Content-Language: en-US From: Dave Jiang In-Reply-To: <20260314-fix_access_endpoint_without_drv_check-v2-2-4c09edf2e1db@zohomail.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit On 3/14/26 12:06 AM, Li Ming wrote: > CXL memdev poison injection/clearing debugfs interfaces are visible > before the CXL memdev endpoint initialization, If user accesses the > interfaces before cxlmd->endpoint updated, it is possible to access an > invalid endpoint in cxl_dpa_to_region(). > > Hold CXL memdev lock at the beginning of the interfaces, this blocks the > interfaces until CXL memdev probing completed. > > The following patch will check the given endpoint validity in > cxl_dpa_to_region(). > > Suggested-by: Dan Williams > Reviewed-by: Dave Jiang > Reviewed-by: Alison Schofield > Signed-off-by: Li Ming Hi Ming, I dropped this patch with Dan's comments [1] and updated cxl/next. Please check and make sure everything looks ok to you. Thanks! [1]: https://lore.kernel.org/linux-cxl/69b8b81621e16_452b100e@dwillia2-mobl4.notmuch/ > --- > drivers/cxl/mem.c | 10 ++++++++++ > 1 file changed, 10 insertions(+) > > diff --git a/drivers/cxl/mem.c b/drivers/cxl/mem.c > index fcffe24dcb42..ab88eaa31d1d 100644 > --- a/drivers/cxl/mem.c > +++ b/drivers/cxl/mem.c > @@ -48,6 +48,11 @@ static int cxl_mem_dpa_show(struct seq_file *file, void *data) > static int cxl_debugfs_poison_inject(void *data, u64 dpa) > { > struct cxl_memdev *cxlmd = data; > + int rc; > + > + ACQUIRE(device_intr, devlock)(&cxlmd->dev); > + if ((rc = ACQUIRE_ERR(device_intr, &devlock))) > + return rc; > > return cxl_inject_poison(cxlmd, dpa); > } > @@ -58,6 +63,11 @@ DEFINE_DEBUGFS_ATTRIBUTE(cxl_poison_inject_fops, NULL, > static int cxl_debugfs_poison_clear(void *data, u64 dpa) > { > struct cxl_memdev *cxlmd = data; > + int rc; > + > + ACQUIRE(device_intr, devlock)(&cxlmd->dev); > + if ((rc = ACQUIRE_ERR(device_intr, &devlock))) > + return rc; > > return cxl_clear_poison(cxlmd, dpa); > } >