Re: [PATCH v2 2/4] cxl/memdev: Hold memdev lock during memdev poison injection/clear
From: Dave Jiang
Date: Tue Mar 17 2026 - 11:04:17 EST
On 3/14/26 12:06 AM, Li Ming wrote:
> CXL memdev poison injection/clearing debugfs interfaces are visible
> before the CXL memdev endpoint initialization, If user accesses the
> interfaces before cxlmd->endpoint updated, it is possible to access an
> invalid endpoint in cxl_dpa_to_region().
>
> Hold CXL memdev lock at the beginning of the interfaces, this blocks the
> interfaces until CXL memdev probing completed.
>
> The following patch will check the given endpoint validity in
> cxl_dpa_to_region().
>
> Suggested-by: Dan Williams <dan.j.williams@xxxxxxxxx>
> Reviewed-by: Dave Jiang <dave.jiang@xxxxxxxxx>
> Reviewed-by: Alison Schofield <alison.schofield@xxxxxxxxx>
> Signed-off-by: Li Ming <ming.li@xxxxxxxxxxxx>
Hi Ming, I dropped this patch with Dan's comments [1] and updated cxl/next. Please check and make sure everything looks ok to you. Thanks!
[1]: https://lore.kernel.org/linux-cxl/69b8b81621e16_452b100e@dwillia2-mobl4.notmuch/
> ---
> drivers/cxl/mem.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/drivers/cxl/mem.c b/drivers/cxl/mem.c
> index fcffe24dcb42..ab88eaa31d1d 100644
> --- a/drivers/cxl/mem.c
> +++ b/drivers/cxl/mem.c
> @@ -48,6 +48,11 @@ static int cxl_mem_dpa_show(struct seq_file *file, void *data)
> static int cxl_debugfs_poison_inject(void *data, u64 dpa)
> {
> struct cxl_memdev *cxlmd = data;
> + int rc;
> +
> + ACQUIRE(device_intr, devlock)(&cxlmd->dev);
> + if ((rc = ACQUIRE_ERR(device_intr, &devlock)))
> + return rc;
>
> return cxl_inject_poison(cxlmd, dpa);
> }
> @@ -58,6 +63,11 @@ DEFINE_DEBUGFS_ATTRIBUTE(cxl_poison_inject_fops, NULL,
> static int cxl_debugfs_poison_clear(void *data, u64 dpa)
> {
> struct cxl_memdev *cxlmd = data;
> + int rc;
> +
> + ACQUIRE(device_intr, devlock)(&cxlmd->dev);
> + if ((rc = ACQUIRE_ERR(device_intr, &devlock)))
> + return rc;
>
> return cxl_clear_poison(cxlmd, dpa);
> }
>