[PATCH] PCI: Pass domain number explicitly to pci_bus_release_domain_nr() API

From: Manivannan Sadhasivam
Date: Thu Sep 12 2024 - 01:30:51 EST

Next message: Christian A. Ehrhardt: "[PATCH] usb: typec: ucsi: Fix busy loop on ASUS VivoBooks"
Previous message: Greg Kroah-Hartman: "Re: [PATCH 1/2] dmaengine: dw: Prevent tx-status calling DMA-desc callback"
Next in thread: Krzysztof Wilczyński: "Re: [PATCH] PCI: Pass domain number explicitly to pci_bus_release_domain_nr() API"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

pci_bus_release_domain_nr() API is supposed to free the domain number
allocated by pci_bus_find_domain_nr(). Most of the callers of
pci_bus_find_domain_nr(), store the domain number in pci_bus::domain_nr.

So pci_bus_release_domain_nr() implicitly frees the domain number by
dereferencing 'struct pci_bus'. But one of the callers of this API, PCI
endpoint subsystem doesn't have 'struct pci_bus', so it only passes NULL.
Due to this, the API will end up dereferencing the NULL pointer.

To fix this issue, let's just pass the domain number explicitly to this
API. Since 'struct pci_bus' is not used for any other purposes in this API
other than extracting the domain number, it makes sense to pass the domain
number directly.

Fixes: 0328947c5032 ("PCI: endpoint: Assign PCI domain number for endpoint controllers")
Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Closes: https://lore.kernel.org/linux-pci/c0c40ddb-bf64-4b22-9dd1-8dbb18aa2813@stanley.mountain
Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam@xxxxxxxxxx>
---
drivers/pci/endpoint/pci-epc-core.c | 2 +-
drivers/pci/pci.c | 14 +++++++-------
drivers/pci/probe.c | 2 +-
drivers/pci/remove.c | 2 +-
include/linux/pci.h | 2 +-
5 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/drivers/pci/endpoint/pci-epc-core.c b/drivers/pci/endpoint/pci-epc-core.c
index 085a2de8b923..17f007109255 100644
--- a/drivers/pci/endpoint/pci-epc-core.c
+++ b/drivers/pci/endpoint/pci-epc-core.c
@@ -840,7 +840,7 @@ void pci_epc_destroy(struct pci_epc *epc)
device_unregister(&epc->dev);

#ifdef CONFIG_PCI_DOMAINS_GENERIC
- pci_bus_release_domain_nr(NULL, &epc->dev);
+ pci_bus_release_domain_nr(&epc->dev, epc->domain_nr);
#endif
}
EXPORT_SYMBOL_GPL(pci_epc_destroy);
diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c
index e3a49f66982d..b86693c91753 100644
--- a/drivers/pci/pci.c
+++ b/drivers/pci/pci.c
@@ -6801,16 +6801,16 @@ static int of_pci_bus_find_domain_nr(struct device *parent)
return ida_alloc(&pci_domain_nr_dynamic_ida, GFP_KERNEL);
}

-static void of_pci_bus_release_domain_nr(struct pci_bus *bus, struct device *parent)
+static void of_pci_bus_release_domain_nr(struct device *parent, int domain_nr)
{
- if (bus->domain_nr < 0)
+ if (domain_nr < 0)
return;

/* Release domain from IDA where it was allocated. */
- if (of_get_pci_domain_nr(parent->of_node) == bus->domain_nr)
- ida_free(&pci_domain_nr_static_ida, bus->domain_nr);
+ if (of_get_pci_domain_nr(parent->of_node) == domain_nr)
+ ida_free(&pci_domain_nr_static_ida, domain_nr);
else
- ida_free(&pci_domain_nr_dynamic_ida, bus->domain_nr);
+ ida_free(&pci_domain_nr_dynamic_ida, domain_nr);
}

int pci_bus_find_domain_nr(struct pci_bus *bus, struct device *parent)
@@ -6819,11 +6819,11 @@ int pci_bus_find_domain_nr(struct pci_bus *bus, struct device *parent)
acpi_pci_bus_find_domain_nr(bus);
}

-void pci_bus_release_domain_nr(struct pci_bus *bus, struct device *parent)
+void pci_bus_release_domain_nr(struct device *parent, int domain_nr)
{
if (!acpi_disabled)
return;
- of_pci_bus_release_domain_nr(bus, parent);
+ of_pci_bus_release_domain_nr(parent, domain_nr);
}
#endif

diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c
index b14b9876c030..e9e56bbb3b59 100644
--- a/drivers/pci/probe.c
+++ b/drivers/pci/probe.c
@@ -1061,7 +1061,7 @@ static int pci_register_host_bridge(struct pci_host_bridge *bridge)

free:
#ifdef CONFIG_PCI_DOMAINS_GENERIC
- pci_bus_release_domain_nr(bus, parent);
+ pci_bus_release_domain_nr(parent, bus->domain_nr);
#endif
kfree(bus);
return err;
diff --git a/drivers/pci/remove.c b/drivers/pci/remove.c
index 910387e5bdbf..d2523fdf9bae 100644
--- a/drivers/pci/remove.c
+++ b/drivers/pci/remove.c
@@ -163,7 +163,7 @@ void pci_remove_root_bus(struct pci_bus *bus)
#ifdef CONFIG_PCI_DOMAINS_GENERIC
/* Release domain_nr if it was dynamically allocated */
if (host_bridge->domain_nr == PCI_DOMAIN_NR_NOT_SET)
- pci_bus_release_domain_nr(bus, host_bridge->dev.parent);
+ pci_bus_release_domain_nr(host_bridge->dev.parent, bus->domain_nr);
#endif

pci_remove_bus(bus);
diff --git a/include/linux/pci.h b/include/linux/pci.h
index 4cf89a4b4cbc..37d97bef060f 100644
--- a/include/linux/pci.h
+++ b/include/linux/pci.h
@@ -1884,7 +1884,7 @@ static inline int acpi_pci_bus_find_domain_nr(struct pci_bus *bus)
{ return 0; }
#endif
int pci_bus_find_domain_nr(struct pci_bus *bus, struct device *parent);
-void pci_bus_release_domain_nr(struct pci_bus *bus, struct device *parent);
+void pci_bus_release_domain_nr(struct device *parent, int domain_nr);
#endif

/* Some architectures require additional setup to direct VGA traffic */
--
2.25.1

Next message: Christian A. Ehrhardt: "[PATCH] usb: typec: ucsi: Fix busy loop on ASUS VivoBooks"
Previous message: Greg Kroah-Hartman: "Re: [PATCH 1/2] dmaengine: dw: Prevent tx-status calling DMA-desc callback"
Next in thread: Krzysztof Wilczyński: "Re: [PATCH] PCI: Pass domain number explicitly to pci_bus_release_domain_nr() API"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]