From: Yinghai Lu <yinghai@kernel.org>
To: Bjorn Helgaas <bhelgaas@google.com>,
David Miller <davem@davemloft.net>,
Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Wei Yang <weiyang@linux.vnet.ibm.com>,
Khalid Aziz <khalid.aziz@oracle.com>,
linux-pci@vger.kernel.org, linux-kernel@vger.kernel.org,
Yinghai Lu <yinghai@kernel.org>
Subject: [PATCH v14 04/17] PCI: Check resource alignment for /sys pci_mmap_resource path
Date: Fri, 16 Sep 2016 13:01:54 -0700 [thread overview]
Message-ID: <20160916200207.21439-5-yinghai@kernel.org> (raw)
In-Reply-To: <20160916200207.21439-1-yinghai@kernel.org>
When user access /sys/.../resourceX with pci_mmap_resource(),
pci_mmap_resource():
...
pci_resource_to_user(pdev, i, res, &start, &end);
vma->vm_pgoff += start >> PAGE_SHIFT;
mmap_type = res->flags & IORESOURCE_MEM ? pci_mmap_mem : pci_mmap_io;
return pci_mmap_page_range(pdev, vma, mmap_type, write_combine);
so it will return virtual address for round_down of start.
user code should pass offset with PAGE_SIZE offset.
fd = open(argv[1], O_RDONLY);
...
sscanf(argv[2], "0x%lx", &offset);
left = offset & (PAGE_SIZE - 1);
offset &= PAGE_MASK;
addr = mmap(NULL, PAGE_SIZE, PROT_READ, MAP_SHARED, fd, offset);
for (i = 0; i < 8; i++)
printf("%x ", addr[i + left]);
munmap(addr, PAGE_SIZE);
close(fd);
When the resource start is not PAGE_SIZE aligned, it should
be io port, pci_mmap_resource could return round_down address of
resource start.
As the whole point for pci_mmap_resource is passing offset in
[0, resource_size), user may assume virtual add is corresponding
to unaligned resource_size. Later they could get wrong value
with offset to resource start.
Block the path for now, and need to use pci_read_resource_io
/pci_write_resource_io path instead.
user code should be like:
fd = open(argv[1], O_RDONLY);
...
sscanf(argv[2], "0x%lx", &offset);
for (i = 0; i < 8; i++) {
pread(fd, &buf, 1, i + offset);
}
close(fd);
Signed-off-by: Yinghai Lu <yinghai@kernel.org>
---
drivers/pci/pci-sysfs.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c
index d55d93d..e2eb79f 100644
--- a/drivers/pci/pci-sysfs.c
+++ b/drivers/pci/pci-sysfs.c
@@ -1023,6 +1023,16 @@ static int pci_mmap_resource(struct kobject *kobj, struct bin_attribute *attr,
if (i >= PCI_ROM_RESOURCE)
return -ENODEV;
+ /*
+ * resource start have to be PAGE_SIZE aligned, as we pass
+ * back virt address include round down of resource_start,
+ * that caller can not figure out directly.
+ * when it is not aligned, that mean it is io port, should go
+ * pci_read_resource_io()/pci_write_resource_io() path.
+ */
+ if (res->start & ~PAGE_MASK)
+ return -EINVAL;
+
if (res->flags & IORESOURCE_MEM && iomem_is_exclusive(res->start))
return -EINVAL;
--
2.8.3
next prev parent reply other threads:[~2016-09-16 20:01 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-16 20:01 [PATCH v14 00/17] PCI: Fixup for 64bit resource with sparc Yinghai Lu
2016-09-16 20:01 ` [PATCH v14 01/17] PCI: Fix proc mmap on sparc Yinghai Lu
2016-09-16 20:01 ` [PATCH v14 02/17] PCI: Let pci_mmap_page_range() take resource address Yinghai Lu
2016-09-16 20:01 ` [PATCH v14 03/17] PCI: Remove __pci_mmap_make_offset() Yinghai Lu
2016-09-16 20:01 ` Yinghai Lu [this message]
2016-09-16 20:01 ` [PATCH v14 05/17] sparc/PCI: Use correct offset for bus address to resource Yinghai Lu
2016-09-16 20:01 ` [PATCH v14 06/17] PCI: Add pci_find_bus_resource() Yinghai Lu
2016-09-16 20:01 ` [PATCH v14 07/17] sparc/PCI: Reserve legacy mmio after PCI mmio Yinghai Lu
2016-09-16 20:01 ` [PATCH v14 08/17] sparc/PCI: Add IORESOURCE_MEM_64 for 64-bit resource in OF parsing Yinghai Lu
2016-09-16 20:01 ` [PATCH v14 09/17] sparc/PCI: Keep resource idx order with bridge register number Yinghai Lu
2016-09-16 20:02 ` [PATCH v14 10/17] powerpc/PCI: " Yinghai Lu
2016-09-16 20:02 ` [PATCH v14 11/17] powerpc/PCI: Add IORESOURCE_MEM_64 for 64-bit resource in OF parsing Yinghai Lu
2016-09-16 20:02 ` [PATCH v14 12/17] OF/PCI: Add IORESOURCE_MEM_64 for 64-bit resource Yinghai Lu
2016-09-16 20:02 ` [PATCH v14 13/17] PCI: Check pref compatible bit for mem64 resource of PCIe device Yinghai Lu
2016-09-16 20:02 ` [PATCH v14 14/17] PCI: Only treat non-pref mmio64 as pref if all bridges have MEM_64 Yinghai Lu
2016-09-16 20:02 ` [PATCH v14 15/17] PCI: Add has_mem64 for struct host_bridge Yinghai Lu
2016-09-16 20:02 ` [PATCH v14 16/17] PCI: Only treat non-pref mmio64 as pref if host bridge has mmio64 Yinghai Lu
2016-09-16 20:02 ` [PATCH v14 17/17] PCI: Restore pref MMIO allocation logic for host bridge without mmio64 Yinghai Lu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160916200207.21439-5-yinghai@kernel.org \
--to=yinghai@kernel.org \
--cc=benh@kernel.crashing.org \
--cc=bhelgaas@google.com \
--cc=davem@davemloft.net \
--cc=khalid.aziz@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=weiyang@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).