From: sashiko-bot@kernel.org
To: "Drew Fustini" <fustini@kernel.org>
Cc: krzk+dt@kernel.org, conor+dt@kernel.org,
devicetree@vger.kernel.org, robh@kernel.org
Subject: Re: [PATCH RFC v4 08/18] riscv_cbqri: Add capacity controller monitoring device ops
Date: Tue, 12 May 2026 01:58:59 +0000 [thread overview]
Message-ID: <20260512015859.B33A7C2BCB0@smtp.kernel.org> (raw)
In-Reply-To: <20260510-ssqosid-cbqri-rqsc-v7-0-v4-8-eb53831ef683@kernel.org>
Thank you for your contribution! Sashiko AI review found 3 potential issue(s) to consider:
- [High] `FIELD_MODIFY()` combined with `GENMASK()` zero-extends and silently clears the upper 32 bits of 64-bit control registers on 32-bit architectures.
- [High] `cbqri_probe_feature()` executes invalid hardware commands and writes to reserved bits when misapplied to the Monitoring Control Register (`MON_CTL`).
- [Medium] The secondary AT=CODE probe in `cbqri_probe_feature()` fails to re-clear the RCID field, executing on potentially uninitialized data.
--
commit dbffd276d698867b45f205b7392c7a1860a86c4d
Author: Drew Fustini <fustini@kernel.org>
riscv_cbqri: Add capacity controller monitoring device ops
Add the CC monitoring primitives. cbqri_init_mon_counters() pre-arms
every MCID with the Occupancy event so a subsequent READ_COUNTER
just snapshots the live counter without re-configuring the slot.
> diff --git a/drivers/resctrl/cbqri_devices.c b/drivers/resctrl/cbqri_devices.c
> index dc76a146e34df..e46b02d2c50d7 100644
> --- a/drivers/resctrl/cbqri_devices.c
> +++ b/drivers/resctrl/cbqri_devices.c
[ ... ]
> @@ -361,6 +402,28 @@ static int cbqri_probe_cc(struct cbqri_controller *ctrl)
> }
> cpus_read_unlock();
>
> + /* Probe monitoring features */
> + err = cbqri_probe_feature(ctrl, CBQRI_CC_MON_CTL_OFF,
> + CBQRI_CC_MON_CTL_OP_READ_COUNTER, &status,
> + &has_mon_at_code);
Does reusing cbqri_probe_feature() for the Monitoring Control Register
(MON_CTL) execute invalid hardware commands and write to reserved bits?
Looking at cbqri_probe_feature(), it issues the operation while clearing the
RCID but ignores the EVT_ID field. This means it issues a counter read using
whatever uninitialized value the bootloader left in EVT_ID. Hardware is
expected to reject a counter read for an unconfigured event, returning an
error status instead of success.
Won't this expected failure cause the probe to falsely conclude monitoring is
unsupported?
Additionally, cbqri_probe_feature() unconditionally attempts to verify Access
Type (AT) support by modifying bits 7:5. Since the MON_CTL register layout
does not contain an AT field, does this modify implicitly reserved bits and
risk hardware faults?
Also, in the secondary AT=CODE probe within cbqri_probe_feature(), it appears
the RCID field is not re-cleared:
cbqri_probe_feature() {
...
reg = saved_reg;
FIELD_MODIFY(CBQRI_CONTROL_REGISTERS_OP_MASK, ®, operation);
FIELD_MODIFY(CBQRI_CONTROL_REGISTERS_AT_MASK, ®,
CBQRI_CONTROL_REGISTERS_AT_CODE);
iowrite64(reg, ctrl->base + reg_offset);
...
}
If the bootloader left an out-of-bounds or invalid value in the RCID field,
will this secondary probe execute on that invalid ID and potentially cause a
hardware fault?
> + if (err)
> + return err;
[ ... ]
> diff --git a/drivers/resctrl/cbqri_internal.h b/drivers/resctrl/cbqri_internal.h
> index 6a581a7e417be..b1169ffc599fb 100644
> --- a/drivers/resctrl/cbqri_internal.h
> +++ b/drivers/resctrl/cbqri_internal.h
[ ... ]
> @@ -39,6 +41,20 @@
> #define CBQRI_CC_ALLOC_CTL_OP_READ_LIMIT 2
> #define CBQRI_CC_ALLOC_CTL_STATUS_SUCCESS 1
>
> +#define CBQRI_CC_MON_CTL_OP_CONFIG_EVENT 1
> +#define CBQRI_CC_MON_CTL_OP_READ_COUNTER 2
> +
> +/* mon_ctl field masks (CC and BC share an identical OP/MCID/EVT_ID/STATUS layout) */
> +#define CBQRI_MON_CTL_OP_MASK GENMASK(4, 0)
> +#define CBQRI_MON_CTL_MCID_MASK GENMASK(19, 8)
> +#define CBQRI_MON_CTL_EVT_ID_MASK GENMASK(27, 20)
Can FIELD_MODIFY() combined with GENMASK() zero-extend and silently clear the
upper 32 bits of 64-bit control registers on 32-bit architectures?
Since CBQRI_MON_CTL_OP_MASK and CBQRI_MON_CTL_MCID_MASK are defined using
GENMASK(), they yield an unsigned long (32-bit on RV32).
When FIELD_MODIFY() does *(_reg_p) &= ~(_mask) on the 64-bit u64 reg, the
bitwise negation of the 32-bit mask is bitwise ANDed with reg. C integer
promotion rules zero-extend the unsigned 32-bit value to something like
0x00000000FFFFFFE0ULL.
Will this inadvertently clear bits 63:32 of the register to 0 before it is
written back via iowrite64(), potentially corrupting the STATUS field, the
BUSY bit, and any hardware Write-Preserve-Read-Ignore fields?
> +#define CBQRI_MON_CTL_STATUS_MASK GENMASK_ULL(38, 32)
> +#define CBQRI_MON_CTL_STATUS_SUCCESS 1
> +
--
Sashiko AI review · https://sashiko.dev/#/patchset/20260510-ssqosid-cbqri-rqsc-v7-0-v4-0-eb53831ef683@kernel.org?part=8
next prev parent reply other threads:[~2026-05-12 1:59 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-11 5:10 [PATCH RFC v4 00/18] riscv: add Ssqosid and CBQRI resctrl support Drew Fustini
2026-05-11 5:10 ` [PATCH RFC v4 01/18] dt-bindings: riscv: Add Ssqosid extension description Drew Fustini
2026-05-11 5:10 ` [PATCH RFC v4 02/18] riscv: detect the Ssqosid extension Drew Fustini
2026-05-11 5:10 ` [PATCH RFC v4 03/18] riscv: add support for srmcfg CSR from " Drew Fustini
2026-05-11 23:52 ` sashiko-bot
2026-05-11 5:11 ` [PATCH RFC v4 04/18] fs/resctrl: Add resctrl_is_membw() helper Drew Fustini
2026-05-11 5:11 ` [PATCH RFC v4 05/18] fs/resctrl: Add RDT_RESOURCE_MB_MIN and RDT_RESOURCE_MB_WGHT Drew Fustini
2026-05-11 5:11 ` [PATCH RFC v4 06/18] fs/resctrl: Let bandwidth resources default to min_bw at reset Drew Fustini
2026-05-11 5:11 ` [PATCH RFC v4 07/18] riscv_cbqri: Add capacity controller probe and allocation device ops Drew Fustini
2026-05-12 1:26 ` sashiko-bot
2026-05-11 5:11 ` [PATCH RFC v4 08/18] riscv_cbqri: Add capacity controller monitoring " Drew Fustini
2026-05-12 1:58 ` sashiko-bot [this message]
2026-05-11 5:11 ` [PATCH RFC v4 09/18] riscv_cbqri: Add bandwidth controller probe and allocation " Drew Fustini
2026-05-12 2:29 ` sashiko-bot
2026-05-11 5:11 ` [PATCH RFC v4 10/18] riscv_cbqri: Add bandwidth controller monitoring " Drew Fustini
2026-05-11 5:11 ` [PATCH RFC v4 11/18] riscv_cbqri: resctrl: Add cache allocation via capacity block mask Drew Fustini
2026-05-12 4:01 ` sashiko-bot
2026-05-11 5:11 ` [PATCH RFC v4 12/18] riscv_cbqri: resctrl: Add L3 cache occupancy monitoring Drew Fustini
2026-05-12 5:00 ` sashiko-bot
2026-05-11 5:11 ` [PATCH RFC v4 13/18] riscv_cbqri: resctrl: Add MB_MIN bandwidth allocation via Rbwb Drew Fustini
2026-05-12 5:42 ` sashiko-bot
2026-05-11 5:11 ` [PATCH RFC v4 14/18] riscv_cbqri: resctrl: Add MB_WGHT bandwidth allocation via Mweight Drew Fustini
2026-05-11 5:11 ` [PATCH RFC v4 15/18] riscv_cbqri: resctrl: Add mbm_total_bytes bandwidth monitoring Drew Fustini
2026-05-12 21:26 ` sashiko-bot
2026-05-11 5:11 ` [PATCH RFC v4 16/18] ACPI: RISC-V: Parse RISC-V Quality of Service Controller (RQSC) table Drew Fustini
2026-05-12 21:46 ` sashiko-bot
2026-05-11 5:11 ` [PATCH RFC v4 17/18] ACPI: RISC-V: Add support for RISC-V Quality of Service Controller (RQSC) Drew Fustini
2026-05-11 5:11 ` [PATCH RFC v4 18/18] riscv: enable resctrl filesystem for Ssqosid Drew Fustini
2026-05-12 22:56 ` sashiko-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260512015859.B33A7C2BCB0@smtp.kernel.org \
--to=sashiko-bot@kernel.org \
--cc=conor+dt@kernel.org \
--cc=devicetree@vger.kernel.org \
--cc=fustini@kernel.org \
--cc=krzk+dt@kernel.org \
--cc=robh@kernel.org \
--cc=sashiko@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox