Re: kernel NULL pointer dereference in quirk_clear_strap_no_soft_reset_dev2_f0 -> amd_smn_read
From: Marek Marczykowski-Górecki
Date: Fri Jun 05 2026 - 18:40:32 EST
On Fri, Jun 05, 2026 at 03:26:48PM -0700, Borislav Petkov wrote:
> On Fri, Jun 05, 2026 at 11:55:47PM +0200, Marek Marczykowski-Górecki wrote:
> > Well, it clearly happens, see the call trace in the first message of the
> > thread...
> > Do you suggest the fix should change
> > quirk_clear_strap_no_soft_reset_dev2_f0()?
>
> https://lore.kernel.org/all/20260602184823.GKah8ld2QJLm28xoa9@fat_crate.local/
>
> That thing should return an error so that amd_smn_read() is not even available
> on guests.
What do you mean by "not even available on guests"? I'm talking about
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/arch/x86/pci/fixup.c#n876

static void quirk_clear_strap_no_soft_reset_dev2_f0(struct pci_dev *dev)
{
	u32 data;

	if (!amd_smn_read(0, AMD_15B8_RCC_DEV2_EPF0_STRAP2, &data)) {
		data &= ~AMD_15B8_RCC_DEV2_EPF0_STRAP2_NO_SOFT_RESET_DEV2_F0_MASK;
		if (amd_smn_write(0, AMD_15B8_RCC_DEV2_EPF0_STRAP2, data))
			pci_err(dev, "Failed to write data 0x%x\n", data);
	} else {
		pci_err(dev, "Failed to read data\n");
	}
}
DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_AMD, 0x15b8, quirk_clear_strap_no_soft_reset_dev2_f0);

There is nothing here that would prevent amd_smn_read() being called
inside a guest...

--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab