[PATCH v2] iommu/arm-smmu-v3: Free MSIs in case of ENOMEM

Mostafa Saleh smostafa at google.com
Tue Apr 9 03:43:15 PDT 2024 

Hi Aleksandr,

On Wed, Apr 03, 2024 at 12:37:59PM +0700, Aleksandr Aprelkov wrote:
> If devm_add_action() returns ENOMEM, then MSIs allocated but
> not freed on teardown.
> 
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
> 
> Fixes: 166bdbd23161 ("iommu/arm-smmu: Add support for MSI on SMMUv3")
> Signed-off-by: Aleksandr Aprelkov <aaprelkov at usergate.com>
> ---
> v2: Use appropriate function for registration failure as 
> Jonathan Cameron <Jonathan.Cameron at Huawei.com> suggested.
> 
>  drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c b/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c
> index 41f93c3ab160..8800af041e5f 100644
> --- a/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c
> +++ b/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c
> @@ -3402,7 +3402,9 @@ static void arm_smmu_setup_msis(struct arm_smmu_device *smmu)
>  	smmu->priq.q.irq = msi_get_virq(dev, PRIQ_MSI_INDEX);
>  
>  	/* Add callback to free MSIs on teardown */
> -	devm_add_action(dev, arm_smmu_free_msis, dev);
> +	ret = devm_add_action_or_reset(dev, arm_smmu_free_msis, dev);
> +	if (ret)
> +		dev_warn(dev, "failed to add free MSIs callback - falling back to wired irqs\n");

I am not sure that is the right fix, as allowing the driver to probe
without MSIs, seems worse than leaking MSI memory.

IMHO, we can just add something like:
    dev_err(smmu->dev, “Can’t allocate devm action, MSIs are never freed! !\n”) ;

Also, we can’t unconditionally fallback to wired irqs if MSI exists,
according to the user manual:
    An implementation must support one of, or optionally both of,
    wired interrupts and MSIs
    ...
    The discovery of support for wired interrupts is IMPLEMENTATION DEFINED.

We can add some logic, to check dt/acpi irqs and to choose to fallback
or not based on that, but, if we get -ENOMEM, (especially early at
probe) something really went wrong, so I am not sure it’s worth
the complexity.

>  }
>  
>  static void arm_smmu_setup_unique_irqs(struct arm_smmu_device *smmu)
> -- 
> 2.34.1
> 
Thanks,
Mostafa

More information about the linux-arm-kernel mailing list