From: "Krzysztof Wilczyński" <kwilczynski@kernel.org>
To: Bjorn Helgaas <bhelgaas@google.com>
Cc: "Bjorn Helgaas" <helgaas@kernel.org>,
"Manivannan Sadhasivam" <mani@kernel.org>,
"Lorenzo Pieralisi" <lpieralisi@kernel.org>,
"Magnus Lindholm" <linmag7@gmail.com>,
"Matt Turner" <mattst88@gmail.com>,
"Richard Henderson" <richard.henderson@linaro.org>,
"Christophe Leroy" <chleroy@kernel.org>,
"Madhavan Srinivasan" <maddy@linux.ibm.com>,
"Michael Ellerman" <mpe@ellerman.id.au>,
"Nicholas Piggin" <npiggin@gmail.com>,
"Dexuan Cui" <decui@microsoft.com>,
"Krzysztof Hałasa" <khalasa@piap.pl>,
"Lukas Wunner" <lukas@wunner.de>,
"Oliver O'Halloran" <oohall@gmail.com>,
"Saurabh Singh Sengar" <ssengar@microsoft.com>,
"Shuan He" <heshuan@bytedance.com>,
"Srivatsa Bhat" <srivatsabhat@microsoft.com>,
"Ilpo Järvinen" <ilpo.jarvinen@linux.intel.com>,
linux-pci@vger.kernel.org, linux-alpha@vger.kernel.org,
linuxppc-dev@lists.ozlabs.org
Subject: Re: [PATCH v5 22/23] PCI/sysfs: Convert legacy I/O and memory attributes to static definitions
Date: Wed, 22 Apr 2026 05:06:09 +0900 [thread overview]
Message-ID: <20260421200609.GE1684602@rocinante> (raw)
In-Reply-To: <20260416180107.777065-23-kwilczynski@kernel.org>
Hello,
> Currently, legacy_io and legacy_mem are dynamically allocated and
> created by pci_create_legacy_files(), with pci_adjust_legacy_attr()
> updating the attributes at runtime on Alpha to rename them and shift
> the size for sparse addressing.
>
> Convert to four static const attributes (legacy_io, legacy_io_sparse,
> legacy_mem, legacy_mem_sparse) with is_bin_visible() callbacks that
> use pci_legacy_has_sparse() to select the appropriate variant per bus.
> The sizes are compile-time constants and .size is set directly on
> each attribute.
>
> Register the groups in pcibus_groups[] under a HAVE_PCI_LEGACY guard
> so the driver model handles creation and removal automatically.
>
> Stub out pci_create_legacy_files() and pci_remove_legacy_files() as
> the dynamic creation is no longer needed. Remove the __weak
> pci_adjust_legacy_attr(), Alpha's override, and its declaration from
> both Alpha and PowerPC asm/pci.h headers.
There is feedback from Sashiko about this:
https://sashiko.dev/#/patchset/20260416180107.777065-1-kwilczynski%40kernel.org?part=22
This is a pre-existing issue that is does trip KASAN:
- Read successful; larger buffer.
root@kvm:~# dd if=/dev/zero of=/sys/class/pci_bus/0000:00/legacy_io bs=4 count=1 seek=32
1+0 records in
1+0 records out
4 bytes (4B) copied, 0.004042 seconds, 989B/s
- Splat; smaller buffer.
root@kvm:~# dd if=/dev/zero of=/sys/class/pci_bus/0000:00/legacy_io bs=1 count=1 seek=128
[ 138.516163] ==================================================================
[ 138.516843] BUG: KASAN: slab-out-of-bounds in pci_write_legacy_io+0x90/0xc8
[ 138.517311] Read of size 4 at addr c29697b0 by task dd/37
[ 138.517685]
[ 138.518188] CPU: 0 UID: 0 PID: 37 Comm: dd Not tainted 7.0.0-rc1-g973e040579d6 #1 PREEMPTLAZY
[ 138.518578] Hardware name: PowerMac3,1 7400 0xc0209 PowerMac
[ 138.519019] Call Trace:
[ 138.519165] [c2b8bbd0] [c12deee4] dump_stack_lvl+0x50/0x78 (unreliable)
[ 138.519632] [c2b8bbf0] [c03f67e4] print_report+0x14c/0x514
[ 138.519968] [c2b8bc50] [c03f646c] kasan_report+0x104/0x1d0
[ 138.520288] [c2b8bcd0] [c0925e94] pci_write_legacy_io+0x90/0xc8
[ 138.520624] [c2b8bcf0] [c0626cb4] kernfs_fop_write_iter+0x484/0x6cc
[ 138.521003] [c2b8bd30] [c0419d1c] vfs_write+0x5fc/0x12f4
[ 138.521299] [c2b8be60] [c041aeac] ksys_write+0x120/0x244
[ 138.521605] [c2b8bf00] [c001d218] system_call_exception+0x14c/0x304
[ 138.521976] [c2b8bf30] [c002b1bc] ret_from_syscall+0x0/0x2c
[ 138.522317] ---- interrupt: c00 at 0x100a59f4
[ 138.522695] NIP: 100a59f4 LR: 101005e4 CTR: b7bf44a0
[ 138.523013] REGS: c2b8bf40 TRAP: 0c00 Not tainted (7.0.0-rc1-g973e040579d6)
[ 138.523413] MSR: 0000d932 <EE,PR,ME,IR,DR,RI> CR: 28004462 XER: 00000000
[ 138.524028]
[ 138.524028] GPR00: 00000004 bfbff210 1027d520 00000001 102795a0 00000001 10277237 100a4ac4
[ 138.524028] GPR08: 0000d932 00000002 00000000 bfbff2c0 b7bf0000 102790b2 10230000 10226faa
[ 138.524028] GPR16: 10237d81 00000000 00000000 102795a0 102795a0 00000000 1027721f 00000001
[ 138.524028] GPR24: 00000001 00000000 10271500 10270000 00000000 00000001 102795a0 00000001
[ 138.526014] NIP [100a59f4] 0x100a59f4
[ 138.526264] LR [101005e4] 0x101005e4
[ 138.526500] ---- interrupt: c00
[ 138.526740]
[ 138.526913] Allocated by task 37 on cpu 0 at 138.516066s:
[ 138.527334] kasan_save_track+0x3c/0x90
[ 138.527572] __kasan_kmalloc+0xb8/0xec
[ 138.527816] kernfs_fop_write_iter+0x55c/0x6cc
[ 138.528076] vfs_write+0x5fc/0x12f4
[ 138.528269] ksys_write+0x120/0x244
[ 138.528472] system_call_exception+0x14c/0x304
[ 138.528688] ret_from_syscall+0x0/0x2c
[ 138.528950]
[ 138.529108] The buggy address belongs to the object at c29697b0
[ 138.529108] which belongs to the cache kmalloc-8 of size 8
[ 138.529673] The buggy address is located 0 bytes inside of
[ 138.529673] allocated 2-byte region [c29697b0, c29697b2)
[ 138.530173]
[ 138.530318] The buggy address belongs to the physical page:
[ 138.531001] page: refcount:0 mapcount:0 mapping:00000000 index:0x0 pfn:0x2969
[ 138.531454] flags: 0x0(zone=0)
[ 138.532076] page_type: f5(slab)
[ 138.532520] raw: 00000000 c1c01300 00000122 00000000 00000000 005500aa f5000000 00000000
[ 138.533046] page dumped because: kasan: bad access detected
[ 138.533372]
[ 138.533496] Memory state around the buggy address:
[ 138.533955] c2969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 138.534328] c2969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 138.534693] >c2969780: fc fc fc fc fc fc 02 fc fc fc fc fc fa fc fc fc
[ 138.535066] ^
[ 138.535358] c2969800: fc fc fa fc fc fc fc fc fa fc fc fc fc fc 04 fc
[ 138.535661] c2969880: fc fc fc fc 00 fc fc fc fc fc fa fc fc fc fc fc
[ 138.536058] ==================================================================
[ 138.537335] Disabling lock debugging due to kernel taint
1+0 records in
1+0 records out
1 bytes (1B) copied, 0.023071 seconds, 43B/s
Something to fix as a follow-up.
Thank you!
Krzysztof
next prev parent reply other threads:[~2026-04-21 20:06 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-16 18:00 [PATCH v5 00/23] PCI: Convert all dynamic sysfs attributes to static Krzysztof Wilczyński
2026-04-16 18:00 ` [PATCH v5 01/23] PCI/sysfs: Use PCI resource accessor macros Krzysztof Wilczyński
2026-04-16 18:00 ` [PATCH v5 02/23] PCI: Add pci_resource_is_io() and pci_resource_is_mem() helpers Krzysztof Wilczyński
2026-04-16 18:00 ` [PATCH v5 03/23] PCI/sysfs: Only allow supported resource types in I/O and MMIO helpers Krzysztof Wilczyński
2026-04-16 18:00 ` [PATCH v5 04/23] PCI/sysfs: Use BAR length in pci_llseek_resource() when attr->size is zero Krzysztof Wilczyński
2026-04-16 18:00 ` [PATCH v5 05/23] PCI/sysfs: Add CAP_SYS_ADMIN check to __resource_resize_store() Krzysztof Wilczyński
2026-04-16 18:00 ` [PATCH v5 06/23] PCI/sysfs: Add static PCI resource attribute macros Krzysztof Wilczyński
2026-04-16 18:00 ` [PATCH v5 07/23] PCI/sysfs: Convert PCI resource files to static attributes Krzysztof Wilczyński
2026-04-21 19:42 ` Krzysztof Wilczyński
2026-04-16 18:00 ` [PATCH v5 08/23] PCI/sysfs: Warn about BAR resize failure in __resource_resize_store() Krzysztof Wilczyński
2026-04-16 18:00 ` [PATCH v5 09/23] PCI/sysfs: Add stubs for pci_{create,remove}_sysfs_dev_files() Krzysztof Wilczyński
2026-04-16 18:00 ` [PATCH v5 10/23] PCI/sysfs: Limit pci_sysfs_init() late_initcall compile scope Krzysztof Wilczyński
2026-04-16 18:00 ` [PATCH v5 11/23] alpha/PCI: Add security_locked_down() check to pci_mmap_resource() Krzysztof Wilczyński
2026-04-21 19:50 ` Krzysztof Wilczyński
2026-04-16 18:00 ` [PATCH v5 12/23] alpha/PCI: Use BAR index in sysfs attr->private instead of resource pointer Krzysztof Wilczyński
2026-04-16 18:00 ` [PATCH v5 13/23] alpha/PCI: Use PCI resource accessor macros Krzysztof Wilczyński
2026-04-21 18:43 ` Krzysztof Wilczyński
2026-04-16 18:00 ` [PATCH v5 14/23] alpha/PCI: Fix __pci_mmap_fits() overflow for zero-length BARs Krzysztof Wilczyński
2026-04-16 18:00 ` [PATCH v5 15/23] alpha/PCI: Remove WARN from __pci_mmap_fits() Krzysztof Wilczyński
2026-04-16 18:01 ` [PATCH v5 16/23] alpha/PCI: Add static PCI resource attribute macros Krzysztof Wilczyński
2026-04-16 18:01 ` [PATCH v5 17/23] alpha/PCI: Convert resource files to static attributes Krzysztof Wilczyński
2026-04-16 18:01 ` [PATCH v5 18/23] PCI/sysfs: Remove pci_{create,remove}_sysfs_dev_files() Krzysztof Wilczyński
2026-04-16 18:01 ` [PATCH v5 19/23] PCI: Add macros for legacy I/O and memory address space sizes Krzysztof Wilczyński
2026-04-16 18:01 ` [PATCH v5 20/23] alpha/PCI: Compute legacy size in pci_mmap_legacy_page_range() Krzysztof Wilczyński
2026-04-16 18:01 ` [PATCH v5 21/23] PCI/sysfs: Add __weak pci_legacy_has_sparse() helper Krzysztof Wilczyński
2026-04-16 18:01 ` [PATCH v5 22/23] PCI/sysfs: Convert legacy I/O and memory attributes to static definitions Krzysztof Wilczyński
2026-04-21 20:06 ` Krzysztof Wilczyński [this message]
2026-04-16 18:01 ` [PATCH v5 23/23] PCI/sysfs: Remove pci_create_legacy_files() and pci_sysfs_init() Krzysztof Wilczyński
2026-04-17 10:41 ` [PATCH v5 00/23] PCI: Convert all dynamic sysfs attributes to static Krzysztof Wilczyński
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260421200609.GE1684602@rocinante \
--to=kwilczynski@kernel.org \
--cc=bhelgaas@google.com \
--cc=chleroy@kernel.org \
--cc=decui@microsoft.com \
--cc=helgaas@kernel.org \
--cc=heshuan@bytedance.com \
--cc=ilpo.jarvinen@linux.intel.com \
--cc=khalasa@piap.pl \
--cc=linmag7@gmail.com \
--cc=linux-alpha@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=lpieralisi@kernel.org \
--cc=lukas@wunner.de \
--cc=maddy@linux.ibm.com \
--cc=mani@kernel.org \
--cc=mattst88@gmail.com \
--cc=mpe@ellerman.id.au \
--cc=npiggin@gmail.com \
--cc=oohall@gmail.com \
--cc=richard.henderson@linaro.org \
--cc=srivatsabhat@microsoft.com \
--cc=ssengar@microsoft.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox