From: "Rafael J. Wysocki" <rjw@rjwysocki.net>
To: Linux ACPI <linux-acpi@vger.kernel.org>
Cc: LKML <linux-kernel@vger.kernel.org>, Bob Moore <robert.moore@intel.com>
Subject: [PATCH 10/19] ACPICA: Fix wrong interpretation of PCC address
Date: Wed, 22 Dec 2021 17:31:54 +0100 [thread overview]
Message-ID: <1714635.VLH7GnMWUR@kreacher> (raw)
In-Reply-To: <11889746.O9o76ZdvQC@kreacher>
From: Sudeep Holla <sudeep.holla@arm.com>
ACPICA commit 41be6afacfdaec2dba3a5ed368736babc2a7aa5c
With the PCC Opregion in the firmware and we are hitting below kernel crash:
-->8
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010
Workqueue: pm pm_runtime_work
pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __memcpy+0x54/0x260
lr : acpi_ex_write_data_to_field+0xb8/0x194
Call trace:
__memcpy+0x54/0x260
acpi_ex_store_object_to_node+0xa4/0x1d4
acpi_ex_store+0x44/0x164
acpi_ex_opcode_1A_1T_1R+0x25c/0x508
acpi_ds_exec_end_op+0x1b4/0x44c
acpi_ps_parse_loop+0x3a8/0x614
acpi_ps_parse_aml+0x90/0x2f4
acpi_ps_execute_method+0x11c/0x19c
acpi_ns_evaluate+0x1ec/0x2b0
acpi_evaluate_object+0x170/0x2b0
acpi_device_set_power+0x118/0x310
acpi_dev_suspend+0xd4/0x180
acpi_subsys_runtime_suspend+0x28/0x38
__rpm_callback+0x74/0x328
rpm_suspend+0x2d8/0x624
pm_runtime_work+0xa4/0xb8
process_one_work+0x194/0x25c
worker_thread+0x260/0x49c
kthread+0x14c/0x30c
ret_from_fork+0x10/0x20
Code: f9000006 f81f80a7 d65f03c0 361000c2 (b9400026)
---[ end trace 24d8a032fa77b68a ]---
The reason for the crash is that the PCC channel index passed via region.address
in acpi_ex_store_object_to_node is interpreted as the channel subtype
incorrectly.
Assuming the PCC op_region support is not used by any other type, let us
remove the subtype check as the AML has no access to the subtype information.
Once we remove it, the kernel crash disappears and correctly complains about
missing PCC Opregion handler.
ACPI Error: No handler for Region [PFRM] ((____ptrval____)) [PCC] (20210730/evregion-130)
ACPI Error: Region PCC (ID=10) has no handler (20210730/exfldio-261)
ACPI Error: Aborting method \_SB.ETH0._PS3 due to previous error (AE_NOT_EXIST) (20210730/psparse-531)
Link: https://github.com/acpica/acpica/commit/41be6afa
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
Signed-off-by: Bob Moore <robert.moore@intel.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
---
drivers/acpi/acpica/exfield.c | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/drivers/acpi/acpica/exfield.c b/drivers/acpi/acpica/exfield.c
index 06f3c9df1e22..8618500f23b3 100644
--- a/drivers/acpi/acpica/exfield.c
+++ b/drivers/acpi/acpica/exfield.c
@@ -330,12 +330,7 @@ acpi_ex_write_data_to_field(union acpi_operand_object *source_desc,
obj_desc->field.base_byte_offset,
source_desc->buffer.pointer, data_length);
- if ((obj_desc->field.region_obj->region.address ==
- PCC_MASTER_SUBSPACE
- && MASTER_SUBSPACE_COMMAND(obj_desc->field.
- base_byte_offset))
- || GENERIC_SUBSPACE_COMMAND(obj_desc->field.
- base_byte_offset)) {
+ if (MASTER_SUBSPACE_COMMAND(obj_desc->field.base_byte_offset)) {
/* Perform the write */
--
2.26.2
next prev parent reply other threads:[~2021-12-22 16:43 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-22 15:56 [PATCH 00/19] ACPICA: ACPICA 20211217 Rafael J. Wysocki
2021-12-22 15:57 ` [PATCH 01/19] ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions Rafael J. Wysocki
2021-12-22 16:21 ` [PATCH 02/19] ACPICA: Use original data_table_region pointer for accesses Rafael J. Wysocki
2021-12-22 16:22 ` [PATCH 03/19] ACPICA: Use original pointer for virtual origin tables Rafael J. Wysocki
2021-12-22 16:23 ` [PATCH 04/19] ACPICA: Macros: Remove ACPI_PHYSADDR_TO_PTR Rafael J. Wysocki
2021-12-22 16:24 ` [PATCH 05/19] ACPICA: Avoid subobject buffer overflow when validating RSDP signature Rafael J. Wysocki
2021-12-22 16:25 ` [PATCH 06/19] ACPICA: iASL/Disassembler: Additional support for NHLT table Rafael J. Wysocki
2021-12-22 16:28 ` [PATCH 07/19] ACPICA: Fix AEST Processor generic resource substructure data field byte length Rafael J. Wysocki
2021-12-22 16:29 ` [PATCH 08/19] ACPICA: Utilities: Avoid deleting the same object twice in a row Rafael J. Wysocki
2021-12-22 16:31 ` [PATCH 09/19] ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R() Rafael J. Wysocki
2021-12-22 16:31 ` Rafael J. Wysocki [this message]
2021-12-22 16:32 ` [PATCH 11/19] ACPICA: Add support for PCC Opregion special context data Rafael J. Wysocki
2021-12-22 16:33 ` [PATCH 12/19] ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5 Rafael J. Wysocki
2021-12-22 16:35 ` [PATCH 14/19] ACPICA: Change a return_ACPI_STATUS (AE_BAD_PARAMETER) Rafael J. Wysocki
2021-12-22 16:35 ` [PATCH 15/19] ACPICA: Fixed a couple of warnings under MSVC Rafael J. Wysocki
2021-12-22 16:36 ` [PATCH 16/19] ACPICA: iASL: Add TDEL table to both compiler/disassembler Rafael J. Wysocki
2021-12-22 16:37 ` [PATCH 17/19] ACPICA: iASL: Add suppport for AGDI table Rafael J. Wysocki
2021-12-22 16:37 ` [PATCH 18/19] ACPICA: iASL/NHLT table: "Specific Data" field support Rafael J. Wysocki
2021-12-22 16:38 ` [PATCH 19/19] ACPICA: Update version to 20211217 Rafael J. Wysocki
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1714635.VLH7GnMWUR@kreacher \
--to=rjw@rjwysocki.net \
--cc=linux-acpi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=robert.moore@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).