* [PATCH v2] iommu: Check if group is NULL before remove device
@ 2021-07-31 7:47 ` Frank Wunderlich
0 siblings, 0 replies; 4+ messages in thread
From: Frank Wunderlich @ 2021-07-31 7:47 UTC (permalink / raw)
To: iommu; +Cc: Frank Wunderlich, Joerg Roedel, Will Deacon, linux-kernel, yong.wu
From: Frank Wunderlich <frank-w@public-files.de>
If probe_device is failing, iommu_group is not initialized because
iommu_group_add_device is not reached, so freeing it will result
in NULL pointer access.
iommu_bus_init
->bus_iommu_probe
->probe_iommu_group in for each:/* return -22 in fail case */
->iommu_probe_device
->__iommu_probe_device /* return -22 here.*/
-> ops->probe_device /* return -22 here.*/
-> iommu_group_get_for_dev
-> ops->device_group
-> iommu_group_add_device //good case
->remove_iommu_group //in fail case, it will remove group
->iommu_release_device
->iommu_group_remove_device // here we don't have group
In my case ops->probe_device (mtk_iommu_probe_device from
mtk_iommu_v1.c) is due to failing fwspec->ops mismatch.
Fixes: d72e31c93746 ("iommu: IOMMU Groups")
Signed-off-by: Frank Wunderlich <frank-w@public-files.de>
---
v2:
- commit-message with captial letters on beginning of sentenence
- added more information, many thanks to Yong Wu
---
drivers/iommu/iommu.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
index 5419c4b9f27a..63f0af10c403 100644
--- a/drivers/iommu/iommu.c
+++ b/drivers/iommu/iommu.c
@@ -924,6 +924,9 @@ void iommu_group_remove_device(struct device *dev)
struct iommu_group *group = dev->iommu_group;
struct group_device *tmp_device, *device = NULL;
+ if (!group)
+ return;
+
dev_info(dev, "Removing from iommu group %d\n", group->id);
/* Pre-notify listeners that a device is being removed. */
--
2.25.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH v2] iommu: Check if group is NULL before remove device
@ 2021-07-31 7:47 ` Frank Wunderlich
0 siblings, 0 replies; 4+ messages in thread
From: Frank Wunderlich @ 2021-07-31 7:47 UTC (permalink / raw)
To: iommu; +Cc: Will Deacon, linux-kernel, Frank Wunderlich
From: Frank Wunderlich <frank-w@public-files.de>
If probe_device is failing, iommu_group is not initialized because
iommu_group_add_device is not reached, so freeing it will result
in NULL pointer access.
iommu_bus_init
->bus_iommu_probe
->probe_iommu_group in for each:/* return -22 in fail case */
->iommu_probe_device
->__iommu_probe_device /* return -22 here.*/
-> ops->probe_device /* return -22 here.*/
-> iommu_group_get_for_dev
-> ops->device_group
-> iommu_group_add_device //good case
->remove_iommu_group //in fail case, it will remove group
->iommu_release_device
->iommu_group_remove_device // here we don't have group
In my case ops->probe_device (mtk_iommu_probe_device from
mtk_iommu_v1.c) is due to failing fwspec->ops mismatch.
Fixes: d72e31c93746 ("iommu: IOMMU Groups")
Signed-off-by: Frank Wunderlich <frank-w@public-files.de>
---
v2:
- commit-message with captial letters on beginning of sentenence
- added more information, many thanks to Yong Wu
---
drivers/iommu/iommu.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
index 5419c4b9f27a..63f0af10c403 100644
--- a/drivers/iommu/iommu.c
+++ b/drivers/iommu/iommu.c
@@ -924,6 +924,9 @@ void iommu_group_remove_device(struct device *dev)
struct iommu_group *group = dev->iommu_group;
struct group_device *tmp_device, *device = NULL;
+ if (!group)
+ return;
+
dev_info(dev, "Removing from iommu group %d\n", group->id);
/* Pre-notify listeners that a device is being removed. */
--
2.25.1
_______________________________________________
iommu mailing list
iommu@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/iommu
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH v2] iommu: Check if group is NULL before remove device
2021-07-31 7:47 ` Frank Wunderlich
@ 2021-08-02 14:23 ` Joerg Roedel
-1 siblings, 0 replies; 4+ messages in thread
From: Joerg Roedel @ 2021-08-02 14:23 UTC (permalink / raw)
To: Frank Wunderlich
Cc: iommu, Frank Wunderlich, Will Deacon, linux-kernel, yong.wu
On Sat, Jul 31, 2021 at 09:47:37AM +0200, Frank Wunderlich wrote:
> Fixes: d72e31c93746 ("iommu: IOMMU Groups")
> Signed-off-by: Frank Wunderlich <frank-w@public-files.de>
> ---
> v2:
> - commit-message with captial letters on beginning of sentenence
> - added more information, many thanks to Yong Wu
Applied, thanks.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH v2] iommu: Check if group is NULL before remove device
@ 2021-08-02 14:23 ` Joerg Roedel
0 siblings, 0 replies; 4+ messages in thread
From: Joerg Roedel @ 2021-08-02 14:23 UTC (permalink / raw)
To: Frank Wunderlich; +Cc: iommu, Will Deacon, linux-kernel, Frank Wunderlich
On Sat, Jul 31, 2021 at 09:47:37AM +0200, Frank Wunderlich wrote:
> Fixes: d72e31c93746 ("iommu: IOMMU Groups")
> Signed-off-by: Frank Wunderlich <frank-w@public-files.de>
> ---
> v2:
> - commit-message with captial letters on beginning of sentenence
> - added more information, many thanks to Yong Wu
Applied, thanks.
_______________________________________________
iommu mailing list
iommu@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/iommu
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-08-02 14:25 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-31 7:47 [PATCH v2] iommu: Check if group is NULL before remove device Frank Wunderlich
2021-07-31 7:47 ` Frank Wunderlich
2021-08-02 14:23 ` Joerg Roedel
2021-08-02 14:23 ` Joerg Roedel
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.