[v2] vfio: Use WARN_ON for low-probability allocation failure issue in vfio_pci_bus_notifier
| Message ID | 20240115063434.20278-1-chentao@kylinos.cn |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel+bounces-25660-ouuuleilei=gmail.com@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:693c:2614:b0:101:6a76:bbe3 with SMTP id
mm20csp1532025dyc;
Sun, 14 Jan 2024 22:35:17 -0800 (PST)
X-Google-Smtp-Source:
AGHT+IHth3qF7cMFLH2y5CSqFHHnr59by9DtAvPUao+PtkI3IADf/6u2wzapxkecdWQy2yFSDc/W
X-Received: by 2002:a17:902:fc4e:b0:1d3:a9bc:96ec with SMTP id
me14-20020a170902fc4e00b001d3a9bc96ecmr6701359plb.22.1705300517242;
Sun, 14 Jan 2024 22:35:17 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1705300517; cv=none;
d=google.com; s=arc-20160816;
b=LqvOW9F3DKPgQJ418vGiosSLHuINicOXqyBzYC+Lvan35LtIGQYt6lgWxBkQAHOvBP
4/bIsxN1EXK9DbRztfKh7lYBTPbw/M1dG6E3qqaVJMYQW1LLI105ovowbGp4bNMqCY2M
5cBDe0VbXOYeYQLJ6vm6RHTmRtpO2zPCur1Hq/1RL5lAKL0bbqZZEPQq3LaqtSzYn/nm
WqsaPLtZ3NVcZAdQ8LagmzzlwG+Vh/I5Ec0NZrjuYoe+r3Ur63bRDm2fOWZSERzs9HMD
8S11tY6fb6WjFYWAw0PNRmqAF8OUkaoIbgj++d3Pr21GguR94q6MFl5vkqBHfEnU8l/i
/aoQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=content-transfer-encoding:mime-version:list-unsubscribe
:list-subscribe:list-id:precedence:message-id:date:subject:cc:to
:from;
bh=DVGqlrN41UhJXR1s4fXfXMuVgL7U7h7KH87TAC5Xr+Q=;
fh=iubXruiasBqlL8CXS753YoZ4K4fVzYiGYiT5DHt4Vn8=;
b=WqYmZ0gv+CJ3ZfSZCJWlmhROWMgFjjgLkN7RzdeWUgthaFvn2wyfceM/qCq7G3I2wB
UpwWb3VszpBGd+M0FAPZYutNrN11PPXfx3xMytGNEQc2ZGQHqOIt9rvIY6Y46H0tzb6S
ESRh3jW/GINEAcpwQ1HGy7F6sYkVJsM46hODh80rqv8+imgz/e+y7bjFPygLY2wSdhDO
yKnrWhH3N57p3uBiOB7Dhdh7enAy9eAHpScNE7PyaJZfJs2cD+xa1XwDY+AuYj7907Wd
J+L//xu7YlTyq0FoNtr/DIwnUqKgbzWdlK7qNcdy3bM7+ICxv8qR7p6odRMLacFjNhsO
HPPw==
ARC-Authentication-Results: i=1; mx.google.com;
spf=pass (google.com: domain of
linux-kernel+bounces-25660-ouuuleilei=gmail.com@vger.kernel.org designates
2604:1380:40f1:3f00::1 as permitted sender)
smtp.mailfrom="linux-kernel+bounces-25660-ouuuleilei=gmail.com@vger.kernel.org"
Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org.
[2604:1380:40f1:3f00::1])
by mx.google.com with ESMTPS id
m11-20020a170902db0b00b001d459d0ed40si9108548plx.345.2024.01.14.22.35.16
for <ouuuleilei@gmail.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Sun, 14 Jan 2024 22:35:17 -0800 (PST)
Received-SPF: pass (google.com: domain of
linux-kernel+bounces-25660-ouuuleilei=gmail.com@vger.kernel.org designates
2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of
linux-kernel+bounces-25660-ouuuleilei=gmail.com@vger.kernel.org designates
2604:1380:40f1:3f00::1 as permitted sender)
smtp.mailfrom="linux-kernel+bounces-25660-ouuuleilei=gmail.com@vger.kernel.org"
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org
[52.25.139.140])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by sy.mirrors.kernel.org (Postfix) with ESMTPS id 20F9DB20E45
for <ouuuleilei@gmail.com>; Mon, 15 Jan 2024 06:35:16 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
by smtp.subspace.kernel.org (Postfix) with ESMTP id B7C616ADC;
Mon, 15 Jan 2024 06:34:55 +0000 (UTC)
Received: from mailgw.kylinos.cn (mailgw.kylinos.cn [124.126.103.232])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9E65D522B;
Mon, 15 Jan 2024 06:34:49 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
dmarc=none (p=none dis=none) header.from=kylinos.cn
Authentication-Results: smtp.subspace.kernel.org;
spf=pass smtp.mailfrom=kylinos.cn
X-UUID: 37fabb17f9ea4358ab45ae9f4848a456-20240115
X-CID-O-RULE: Release_Ham
X-CID-RULE: Release_Ham
X-CID-O-INFO: VERSION:1.1.35,REQID:5cdaf591-cd0d-448e-841a-60b734cb7632,IP:10,
URL:0,TC:0,Content:-5,EDM:0,RT:0,SF:-15,FILE:0,BULK:0,RULE:Release_Ham,ACT
ION:release,TS:-10
X-CID-INFO: VERSION:1.1.35,REQID:5cdaf591-cd0d-448e-841a-60b734cb7632,IP:10,UR
L:0,TC:0,Content:-5,EDM:0,RT:0,SF:-15,FILE:0,BULK:0,RULE:Release_Ham,ACTIO
N:release,TS:-10
X-CID-META: VersionHash:5d391d7,CLOUDID:c7c35a7f-4f93-4875-95e7-8c66ea833d57,B
ulkID:240115143441BZBJPDFA,BulkQuantity:0,Recheck:0,SF:44|66|24|17|19|102,
TC:nil,Content:0,EDM:-3,IP:-2,URL:0,File:nil,Bulk:nil,QS:nil,BEC:nil,COL:0
,OSI:0,OSA:0,AV:0,LES:1,SPR:NO,DKR:0,DKP:0,BRR:0,BRE:0
X-CID-BVR: 0
X-CID-BAS: 0,_,0,_
X-CID-FACTOR: TF_CID_SPAM_FAS,TF_CID_SPAM_FSD,TF_CID_SPAM_FSI,TF_CID_SPAM_SNR
X-UUID: 37fabb17f9ea4358ab45ae9f4848a456-20240115
X-User: chentao@kylinos.cn
Received: from kernel.. [(116.128.244.171)] by mailgw
(envelope-from <chentao@kylinos.cn>)
(Generic MTA with TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256/256)
with ESMTP id 233800738; Mon, 15 Jan 2024 14:34:38 +0800
From: Kunwu Chan <chentao@kylinos.cn>
To: alex.williamson@redhat.com
Cc: kvm@vger.kernel.org,
linux-kernel@vger.kernel.org,
Kunwu Chan <chentao@kylinos.cn>
Subject: [PATCH v2] vfio: Use WARN_ON for low-probability allocation failure
issue in vfio_pci_bus_notifier
Date: Mon, 15 Jan 2024 14:34:34 +0800
Message-Id: <20240115063434.20278-1-chentao@kylinos.cn>
X-Mailer: git-send-email 2.39.2
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1788137195173134834
X-GMAIL-MSGID: 1788137195173134834
|
| Series |
[v2] vfio: Use WARN_ON for low-probability allocation failure issue in vfio_pci_bus_notifier
|
|
Commit Message
Kunwu Chan
Jan. 15, 2024, 6:34 a.m. UTC
kasprintf() returns a pointer to dynamically allocated memory
which can be NULL upon failure.
This is a blocking notifier callback, so errno isn't a proper return
value. Use WARN_ON to small allocation failures.
Signed-off-by: Kunwu Chan <chentao@kylinos.cn>
---
v2: Use WARN_ON instead of return errno
---
drivers/vfio/pci/vfio_pci_core.c | 1 +
1 file changed, 1 insertion(+)
Comments
On Monday, January 15, 2024 2:35 PM, Kunwu Chan wrote: > kasprintf() returns a pointer to dynamically allocated memory which can be > NULL upon failure. > > This is a blocking notifier callback, so errno isn't a proper return value. Use > WARN_ON to small allocation failures. > > Signed-off-by: Kunwu Chan <chentao@kylinos.cn> > --- > v2: Use WARN_ON instead of return errno > --- > drivers/vfio/pci/vfio_pci_core.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/drivers/vfio/pci/vfio_pci_core.c b/drivers/vfio/pci/vfio_pci_core.c > index 1cbc990d42e0..61aa19666050 100644 > --- a/drivers/vfio/pci/vfio_pci_core.c > +++ b/drivers/vfio/pci/vfio_pci_core.c > @@ -2047,6 +2047,7 @@ static int vfio_pci_bus_notifier(struct notifier_block > *nb, > pci_name(pdev)); > pdev->driver_override = kasprintf(GFP_KERNEL, "%s", > vdev->vdev.ops->name); > + WARN_ON(!pdev->driver_override); Saw Alex's comments on v1. Curious why not return "NOTIFY_BAD" on errors though less likely? Similar examples could be found in kvm_pm_notifier_call, kasan_mem_notifier etc.
On Mon, 15 Jan 2024 15:41:02 +0000 "Wang, Wei W" <wei.w.wang@intel.com> wrote: > On Monday, January 15, 2024 2:35 PM, Kunwu Chan wrote: > > kasprintf() returns a pointer to dynamically allocated memory which can be > > NULL upon failure. > > > > This is a blocking notifier callback, so errno isn't a proper return value. Use > > WARN_ON to small allocation failures. > > > > Signed-off-by: Kunwu Chan <chentao@kylinos.cn> > > --- > > v2: Use WARN_ON instead of return errno > > --- > > drivers/vfio/pci/vfio_pci_core.c | 1 + > > 1 file changed, 1 insertion(+) > > > > diff --git a/drivers/vfio/pci/vfio_pci_core.c b/drivers/vfio/pci/vfio_pci_core.c > > index 1cbc990d42e0..61aa19666050 100644 > > --- a/drivers/vfio/pci/vfio_pci_core.c > > +++ b/drivers/vfio/pci/vfio_pci_core.c > > @@ -2047,6 +2047,7 @@ static int vfio_pci_bus_notifier(struct notifier_block > > *nb, > > pci_name(pdev)); > > pdev->driver_override = kasprintf(GFP_KERNEL, "%s", > > vdev->vdev.ops->name); > > + WARN_ON(!pdev->driver_override); > > Saw Alex's comments on v1. Curious why not return "NOTIFY_BAD" on errors though > less likely? Similar examples could be found in kvm_pm_notifier_call, kasan_mem_notifier etc. If the statement is that there are notifier call chains that return NOTIFY_BAD, I would absolutely agree, but the return value needs to be examined from the context of the caller. BUS_NOTIFY_ADD_DEVICE is notified via bus_notify() in device_add(). What does it accomplish to return NOTIFY_BAD in a chain that ignores the return value? At best we're preventing callbacks further down the chain from being called. That doesn't seem obviously beneficial either. The scenario here is similar to that in fail_iommu_bus_notify() where they've chosen to trigger a pr_warn() if they're unable to crease sysfs entries. In fact, a pci_warn(), maybe even pci_err() might be a better alternative here than a WARN_ON(). Thanks, Alex
On Tuesday, January 16, 2024 12:29 AM, Alex Williamson wrote: > > On Monday, January 15, 2024 2:35 PM, Kunwu Chan wrote: > > > kasprintf() returns a pointer to dynamically allocated memory which > > > can be NULL upon failure. > > > > > > This is a blocking notifier callback, so errno isn't a proper return > > > value. Use WARN_ON to small allocation failures. > > > > > > Signed-off-by: Kunwu Chan <chentao@kylinos.cn> > > > --- > > > v2: Use WARN_ON instead of return errno > > > --- > > > drivers/vfio/pci/vfio_pci_core.c | 1 + > > > 1 file changed, 1 insertion(+) > > > > > > diff --git a/drivers/vfio/pci/vfio_pci_core.c > > > b/drivers/vfio/pci/vfio_pci_core.c > > > index 1cbc990d42e0..61aa19666050 100644 > > > --- a/drivers/vfio/pci/vfio_pci_core.c > > > +++ b/drivers/vfio/pci/vfio_pci_core.c > > > @@ -2047,6 +2047,7 @@ static int vfio_pci_bus_notifier(struct > > > notifier_block *nb, > > > pci_name(pdev)); > > > pdev->driver_override = kasprintf(GFP_KERNEL, "%s", > > > vdev->vdev.ops->name); > > > + WARN_ON(!pdev->driver_override); > > > > Saw Alex's comments on v1. Curious why not return "NOTIFY_BAD" on > > errors though less likely? Similar examples could be found in > kvm_pm_notifier_call, kasan_mem_notifier etc. > > If the statement is that there are notifier call chains that return NOTIFY_BAD, I > would absolutely agree, but the return value needs to be examined from the > context of the caller. BUS_NOTIFY_ADD_DEVICE is notified via bus_notify() in > device_add(). What does it accomplish to return NOTIFY_BAD in a chain that > ignores the return value? At best we're preventing callbacks further down the > chain from being called. > That doesn't seem obviously beneficial either. OK, thanks for the clarification. My curiosity came from the statement "This is a blocking notifier callback, so errno isn't a proper return value". Probably the commit log needs some rewording.
On Mon, 15 Jan 2024 14:34:34 +0800 Kunwu Chan <chentao@kylinos.cn> wrote: > kasprintf() returns a pointer to dynamically allocated memory > which can be NULL upon failure. > > This is a blocking notifier callback, so errno isn't a proper return > value. Use WARN_ON to small allocation failures. > > Signed-off-by: Kunwu Chan <chentao@kylinos.cn> > --- > v2: Use WARN_ON instead of return errno > --- > drivers/vfio/pci/vfio_pci_core.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/drivers/vfio/pci/vfio_pci_core.c b/drivers/vfio/pci/vfio_pci_core.c > index 1cbc990d42e0..61aa19666050 100644 > --- a/drivers/vfio/pci/vfio_pci_core.c > +++ b/drivers/vfio/pci/vfio_pci_core.c > @@ -2047,6 +2047,7 @@ static int vfio_pci_bus_notifier(struct notifier_block *nb, > pci_name(pdev)); > pdev->driver_override = kasprintf(GFP_KERNEL, "%s", > vdev->vdev.ops->name); > + WARN_ON(!pdev->driver_override); > } else if (action == BUS_NOTIFY_BOUND_DRIVER && > pdev->is_virtfn && physfn == vdev->pdev) { > struct pci_driver *drv = pci_dev_driver(pdev); Applied to vfio next branch for v6.9. Thanks, Alex
diff --git a/drivers/vfio/pci/vfio_pci_core.c b/drivers/vfio/pci/vfio_pci_core.c index 1cbc990d42e0..61aa19666050 100644 --- a/drivers/vfio/pci/vfio_pci_core.c +++ b/drivers/vfio/pci/vfio_pci_core.c @@ -2047,6 +2047,7 @@ static int vfio_pci_bus_notifier(struct notifier_block *nb, pci_name(pdev)); pdev->driver_override = kasprintf(GFP_KERNEL, "%s", vdev->vdev.ops->name); + WARN_ON(!pdev->driver_override); } else if (action == BUS_NOTIFY_BOUND_DRIVER && pdev->is_virtfn && physfn == vdev->pdev) { struct pci_driver *drv = pci_dev_driver(pdev);