Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 4 product line. The current stable release is 4.9. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 164628

Summary: pci_scan_device can cause master abort
Product: Red Hat Enterprise Linux 4 Reporter: Kimball Murray <kimball.murray>
Component: kernelAssignee: Kimball Murray <kmurray>
Status: CLOSED ERRATA QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.0CC: jbaron
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: RHSA-2005-514 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-10-05 13:46:30 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 156322    

Description Kimball Murray 2005-07-29 14:25:08 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20030225

Description of problem:
pci_scan_device reads the header type from configuration space before checking if a valid vendor id can be read.  The vendor id should be read first to verify that a particular pci function exists.  Only after a valid vendor id is found should software then read other configuration registers. Failing to adhere to this order causes a master abort, which may be detected and reported on platforms whose pci bridges have that reporting capability.

Version-Release number of selected component (if applicable):
kernel-2.6.9-11

How reproducible:
Always

Steps to Reproduce:
1. Turn on error reporting in the pci bridge
2. insert a dual-port gigabit card in a pci hotplug slot
3. bringup the card using pci_scan_slot.
  

Actual Results:  bridge detects master abort from function 2 of the hotplug slot.  Function 2 does not exist.

Expected Results:  pci_scan_device should have returned from scanning function 2 without having read anything but vendor/device id.

Additional info:

This bug has been fixed upstream already.
Comment 1 Kimball Murray 2005-07-29 14:31:00 UTC 
Suggested fix:

--- linux-2.6.9/drivers/pci/probe.c     2005-06-24 13:01:57.000000000 -0400
+++ /root/cvs/stratus/kernel-2.6.9/linux-2.6.9/drivers/pci/probe.c     
2005-07-29 09:48:10.000000000 -0400
@@ -590,9 +590,6 @@
        u32 l;
        u8 hdr_type;

-       if (pci_bus_read_config_byte(bus, devfn, PCI_HEADER_TYPE, &hdr_type))
-               return NULL;
-
        if (pci_bus_read_config_dword(bus, devfn, PCI_VENDOR_ID, &l))
                return NULL;

@@ -601,6 +598,9 @@
            l == 0x0000ffff || l == 0xffff0000)
                return NULL;

+       if (pci_bus_read_config_byte(bus, devfn, PCI_HEADER_TYPE, &hdr_type))
+               return NULL;
+
        dev = kmalloc(sizeof(struct pci_dev), GFP_KERNEL);
        if (!dev)
                return NULL;
Comment 6 Red Hat Bugzilla 2005-10-05 13:46:30 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-514.html