[PATCH v1 0/3] iommu/vt-d: real DMA sub-device info allocation
Jon Derrick
jonathan.derrick at intel.com
Wed May 27 16:56:14 UTC 2020
This set adds the support for real DMA sub-devices to have device_domain_info,
leading to the correct domain type being used.
This applies on Joerg's origin/next. This also applies against v5.6.12
and v5.7-rc7 with some API modifications, making it a stable candidate
that fixes the issue reported in [1].
For v5.6.12 and v5.7-rc7, identity_mapping() would return 0 for real DMA
sub-devices due to not having valid device_domain_info, leading to
__intel_map_single() paths. This is a problem if the real DMA device
started in IDENTITY, leading to a NULL Pointer Dereference:
__intel_map_single()
domain = find_domain(dev);
dev = &pci_real_dma_dev(to_pci_dev(dev))->dev;
info = dev->archdata.iommu;
return info->domain;
iommu = domain_get_iommu(domain)
if (WARN_ON(domain->domain.type != IOMMU_DOMAIN_DMA))
return NULL;
cap_zlr(iommu->cap) <-- NULL Pointer Deref
This issue was also fixed by 6fc7020cf298 ("iommu/vt-d: Apply per-device
dma_ops") due to removing identity_mapping() paths.
[1] https://bugzilla.kernel.org/show_bug.cgi?id=207575
Jon Derrick (3):
iommu/vt-d: Only clear real DMA device's context entries
iommu/vt-d: Allocate domain info for real DMA sub-devices
iommu/vt-d: Remove real DMA lookup in find_domain
drivers/iommu/intel-iommu.c | 31 +++++++++++++++++++++++--------
include/linux/intel-iommu.h | 1 +
2 files changed, 24 insertions(+), 8 deletions(-)
--
1.8.3.1
More information about the iommu
mailing list