CXL memdev poison injection/clearing debugfs interfaces are visible
before the CXL memdev endpoint initialization. If a user accesses the
interfaces before cxlmd->endpoint is updated, it is possible to access an
invalid endpoint in cxl_dpa_to_region().

Hold the CXL memdev lock at the beginning of the interfaces; this blocks the
interfaces until CXL memdev probing has completed.

The following patch will check the given endpoint validity in
cxl_dpa_to_region().

Suggested-by: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Dave Jiang <dave.jiang@intel.com>
Reviewed-by: Alison Schofield <alison.schofield@intel.com>
Signed-off-by: Li Ming <ming.li@zohomail.com>
---
drivers/cxl/mem.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/drivers/cxl/mem.c b/drivers/cxl/mem.c
index fcffe24dcb42..ab88eaa31d1d 100644
--- a/drivers/cxl/mem.c
+++ b/drivers/cxl/mem.c
@@ -48,6 +48,11 @@ static int cxl_mem_dpa_show(struct seq_file *file, void *data)
static int cxl_debugfs_poison_inject(void *data, u64 dpa)
{
struct cxl_memdev *cxlmd = data;
+ int rc;
+
+ ACQUIRE(device_intr, devlock)(&cxlmd->dev);
+ if ((rc = ACQUIRE_ERR(device_intr, &devlock)))
+ return rc;
return cxl_inject_poison(cxlmd, dpa);
}
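Review bot: In cxl_debugfs_poison_inject(), nothing after the ACQUIRE() confirms that probing actually completed before cxl_inject_poison(cxlmd, dpa) runs. Taking the device lock serializes against a probe that is in progress, but as far as these lines show, a write that takes the lock before probe has started, or after probe has failed, still reaches cxl_inject_poison() with cxlmd->endpoint not set up, so the fix depends on the endpoint validity check that the commit message defers to the following patch. Consider stating that dependency in a comment above the ACQUIRE() line, or ordering the series so the cxl_dpa_to_region() check lands first.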
@@ -58,6 +63,11 @@ DEFINE_DEBUGFS_ATTRIBUTE(cxl_poison_inject_fops, NULL,
static int cxl_debugfs_poison_clear(void *data, u64 dpa)
{
struct cxl_memdev *cxlmd = data;
+ int rc;
+
+ ACQUIRE(device_intr, devlock)(&cxlmd->dev);
+ if ((rc = ACQUIRE_ERR(device_intr, &devlock)))
+ return rc;
return cxl_clear_poison(cxlmd, dpa);
}
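Review bot: The five lines added to cxl_debugfs_poison_clear() are identical to those added to cxl_debugfs_poison_inject() and carry no comment saying what the device lock guards. A one-line comment above `ACQUIRE(device_intr, devlock)(&cxlmd->dev);` naming cxlmd->endpoint as the state being protected would help the next reader. It is also worth documenting that `return rc;` now lets the debugfs write fail with the lock-acquisition error instead of a result from cxl_clear_poison().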
--
2.43.0
On 3/14/26 12:06 AM, Li Ming wrote:
> CXL memdev poison injection/clearing debugfs interfaces are visible
> before the CXL memdev endpoint initialization, If user accesses the
> interfaces before cxlmd->endpoint updated, it is possible to access an
> invalid endpoint in cxl_dpa_to_region().
>
> Hold CXL memdev lock at the beginning of the interfaces, this blocks the
> interfaces until CXL memdev probing completed.
>
> The following patch will check the given endpoint validity in
> cxl_dpa_to_region().
>
> Suggested-by: Dan Williams <dan.j.williams@intel.com>
> Reviewed-by: Dave Jiang <dave.jiang@intel.com>
> Reviewed-by: Alison Schofield <alison.schofield@intel.com>
> Signed-off-by: Li Ming <ming.li@zohomail.com>
Hi Ming, I dropped this patch with Dan's comments [1] and updated cxl/next. Please check and make sure everything looks ok to you. Thanks!
[1]: https://lore.kernel.org/linux-cxl/69b8b81621e16_452b100e@dwillia2-mobl4.notmuch/
> ---
> drivers/cxl/mem.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/drivers/cxl/mem.c b/drivers/cxl/mem.c
> index fcffe24dcb42..ab88eaa31d1d 100644
> --- a/drivers/cxl/mem.c
> +++ b/drivers/cxl/mem.c
> @@ -48,6 +48,11 @@ static int cxl_mem_dpa_show(struct seq_file *file, void *data)
> static int cxl_debugfs_poison_inject(void *data, u64 dpa)
> {
> struct cxl_memdev *cxlmd = data;
> + int rc;
> +
> + ACQUIRE(device_intr, devlock)(&cxlmd->dev);
> + if ((rc = ACQUIRE_ERR(device_intr, &devlock)))
> + return rc;
>
> return cxl_inject_poison(cxlmd, dpa);
> }
> @@ -58,6 +63,11 @@ DEFINE_DEBUGFS_ATTRIBUTE(cxl_poison_inject_fops, NULL,
> static int cxl_debugfs_poison_clear(void *data, u64 dpa)
> {
> struct cxl_memdev *cxlmd = data;
> + int rc;
> +
> + ACQUIRE(device_intr, devlock)(&cxlmd->dev);
> + if ((rc = ACQUIRE_ERR(device_intr, &devlock)))
> + return rc;
>
> return cxl_clear_poison(cxlmd, dpa);
> }
>
On 2026/3/17 23:00, Dave Jiang wrote:
>
> On 3/14/26 12:06 AM, Li Ming wrote:
>> CXL memdev poison injection/clearing debugfs interfaces are visible
>> before the CXL memdev endpoint initialization, If user accesses the
>> interfaces before cxlmd->endpoint updated, it is possible to access an
>> invalid endpoint in cxl_dpa_to_region().
>>
>> Hold CXL memdev lock at the beginning of the interfaces, this blocks the
>> interfaces until CXL memdev probing completed.
>>
>> The following patch will check the given endpoint validity in
>> cxl_dpa_to_region().
>>
>> Suggested-by: Dan Williams <dan.j.williams@intel.com>
>> Reviewed-by: Dave Jiang <dave.jiang@intel.com>
>> Reviewed-by: Alison Schofield <alison.schofield@intel.com>
>> Signed-off-by: Li Ming <ming.li@zohomail.com>
> Hi Ming, I dropped this patch with Dan's comments [1] and updated cxl/next. Please check and make sure everything looks ok to you. Thanks!
>
> [1]: https://lore.kernel.org/linux-cxl/69b8b81621e16_452b100e@dwillia2-mobl4.notmuch/
Hi Dave,

I think there is no change needed in this patch, just need an independent
patch for holding memdev lock in cxl_region_debugfs_poison_inject/clear.

Or you want to review this patch again?

Ming
>
>> ---
>> drivers/cxl/mem.c | 10 ++++++++++
>> 1 file changed, 10 insertions(+)
>>
>> diff --git a/drivers/cxl/mem.c b/drivers/cxl/mem.c
>> index fcffe24dcb42..ab88eaa31d1d 100644
>> --- a/drivers/cxl/mem.c
>> +++ b/drivers/cxl/mem.c
>> @@ -48,6 +48,11 @@ static int cxl_mem_dpa_show(struct seq_file *file, void *data)
>> static int cxl_debugfs_poison_inject(void *data, u64 dpa)
>> {
>> struct cxl_memdev *cxlmd = data;
>> + int rc;
>> +
>> + ACQUIRE(device_intr, devlock)(&cxlmd->dev);
>> + if ((rc = ACQUIRE_ERR(device_intr, &devlock)))
>> + return rc;
>>
>> return cxl_inject_poison(cxlmd, dpa);
>> }
>> @@ -58,6 +63,11 @@ DEFINE_DEBUGFS_ATTRIBUTE(cxl_poison_inject_fops, NULL,
>> static int cxl_debugfs_poison_clear(void *data, u64 dpa)
>> {
>> struct cxl_memdev *cxlmd = data;
>> + int rc;
>> +
>> + ACQUIRE(device_intr, devlock)(&cxlmd->dev);
>> + if ((rc = ACQUIRE_ERR(device_intr, &devlock)))
>> + return rc;
>>
>> return cxl_clear_poison(cxlmd, dpa);
>> }
>>
On 3/18/26 4:59 AM, Li Ming wrote:
>
> On 2026/3/17 23:00, Dave Jiang wrote:
>>
>> On 3/14/26 12:06 AM, Li Ming wrote:
>>> CXL memdev poison injection/clearing debugfs interfaces are visible
>>> before the CXL memdev endpoint initialization, If user accesses the
>>> interfaces before cxlmd->endpoint updated, it is possible to access an
>>> invalid endpoint in cxl_dpa_to_region().
>>>
>>> Hold CXL memdev lock at the beginning of the interfaces, this blocks the
>>> interfaces until CXL memdev probing completed.
>>>
>>> The following patch will check the given endpoint validity in
>>> cxl_dpa_to_region().
>>>
>>> Suggested-by: Dan Williams <dan.j.williams@intel.com>
>>> Reviewed-by: Dave Jiang <dave.jiang@intel.com>
>>> Reviewed-by: Alison Schofield <alison.schofield@intel.com>
>>> Signed-off-by: Li Ming <ming.li@zohomail.com>
>> Hi Ming, I dropped this patch with Dan's comments [1] and updated cxl/next. Please check and make sure everything looks ok to you. Thanks!
>>
>> [1]: https://lore.kernel.org/linux-cxl/69b8b81621e16_452b100e@dwillia2-mobl4.notmuch/
>
> Hi Dave,
>
> I think there is no change needed in this patch, just need a independent patch for holding memdev lock in cxl_region_debugfs_poison_inject/clear.
>
> Or you want to review this patch again?

No. Maybe I misunderstood the comment from Dan. So we should keep this patch?

DJ
On 2026/3/18 23:36, Dave Jiang wrote:
>
> On 3/18/26 4:59 AM, Li Ming wrote:
>> On 2026/3/17 23:00, Dave Jiang wrote:
>>> On 3/14/26 12:06 AM, Li Ming wrote:
>>>> CXL memdev poison injection/clearing debugfs interfaces are visible
>>>> before the CXL memdev endpoint initialization, If user accesses the
>>>> interfaces before cxlmd->endpoint updated, it is possible to access an
>>>> invalid endpoint in cxl_dpa_to_region().
>>>>
>>>> Hold CXL memdev lock at the beginning of the interfaces, this blocks the
>>>> interfaces until CXL memdev probing completed.
>>>>
>>>> The following patch will check the given endpoint validity in
>>>> cxl_dpa_to_region().
>>>>
>>>> Suggested-by: Dan Williams <dan.j.williams@intel.com>
>>>> Reviewed-by: Dave Jiang <dave.jiang@intel.com>
>>>> Reviewed-by: Alison Schofield <alison.schofield@intel.com>
>>>> Signed-off-by: Li Ming <ming.li@zohomail.com>
>>> Hi Ming, I dropped this patch with Dan's comments [1] and updated cxl/next. Please check and make sure everything looks ok to you. Thanks!
>>>
>>> [1]: https://lore.kernel.org/linux-cxl/69b8b81621e16_452b100e@dwillia2-mobl4.notmuch/
>> Hi Dave,
>>
>> I think there is no change needed in this patch, just need a independent patch for holding memdev lock in cxl_region_debugfs_poison_inject/clear.
>>
>> Or you want to review this patch again?
> No. Maybe I misunderstood the comment from Dan. So we should keep this patch?
>
> DJ

Yes, I think so.

Ming