Re: [PATCH v2 4/5] PCI: generic: Correct, and avoid overflow, in bus_max calculation.
From: Will Deacon
Date: Wed Sep 23 2015 - 14:02:06 EST
On Thu, Sep 17, 2015 at 11:02:11PM +0100, David Daney wrote:
> From: David Daney <david.daney@xxxxxxxxxx>
>
> There are two problems with the bus_max calculation:
>
> 1) The u8 data type can overflow for large config space windows.
>
> 2) The calculation is incorrect for a bus range that doesn't start at
> zero.
>
> Since the configuration space is relative to bus zero, make bus_max
> just be the size of the config window scaled by bus_shift. Then clamp
> it to a maximum of 255, per PCI. Use a data type of int to avoid
> overflow problems.
>
> Update host-generic-pci.txt to clarify the semantics of the "reg"
> property with respect to non-zero starting bus numbers.
>
> Signed-off-by: David Daney <david.daney@xxxxxxxxxx>
> ---
> Change from v1: Added text to host-generic-pci.txt
>
> Documentation/devicetree/bindings/pci/host-generic-pci.txt | 4 +++-
> drivers/pci/host/pci-host-generic.c | 7 ++++---
> 2 files changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/Documentation/devicetree/bindings/pci/host-generic-pci.txt b/Documentation/devicetree/bindings/pci/host-generic-pci.txt
> index cf3e205..105a968 100644
> --- a/Documentation/devicetree/bindings/pci/host-generic-pci.txt
> +++ b/Documentation/devicetree/bindings/pci/host-generic-pci.txt
> @@ -34,7 +34,9 @@ Properties of the host controller node:
> - #size-cells : Must be 2.
>
> - reg : The Configuration Space base address and size, as accessed
> - from the parent bus.
> + from the parent bus. The base address corresponds to
> + bus zero, even though the "bus-range" property may specify
> + a different starting bus number.
That's a useful clarification, thanks.
> Properties of the /chosen node:
> diff --git a/drivers/pci/host/pci-host-generic.c b/drivers/pci/host/pci-host-generic.c
> index 77cf4bd..0a9c453 100644
> --- a/drivers/pci/host/pci-host-generic.c
> +++ b/drivers/pci/host/pci-host-generic.c
> @@ -164,7 +164,7 @@ out_release_res:
> static int gen_pci_parse_map_cfg_windows(struct gen_pci *pci)
> {
> int err;
> - u8 bus_max;
> + int bus_max;
> resource_size_t busn;
> struct resource *bus_range;
> struct device *dev = pci->host.dev.parent;
> @@ -177,8 +177,9 @@ static int gen_pci_parse_map_cfg_windows(struct gen_pci *pci)
> }
>
> /* Limit the bus-range to fit within reg */
> - bus_max = pci->cfg.bus_range->start +
> - (resource_size(&pci->cfg.res) >> pci->cfg.ops.bus_shift) - 1;
> + bus_max = (resource_size(&pci->cfg.res) >> pci->cfg.ops.bus_shift) - 1;
> + if (bus_max > 255)
> + bus_max = 255;
I still don't understand the need for this part. If the cfg space is bigger
than bus_max, isn't that simply an invalid resource? Given that the resource
could be broken in other ways too, this check feels more like a specific
workaround rather than generally useful code.
Will
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/