All of lore.kernel.org
 help / color / mirror / Atom feed

From: David Woodhouse <dwmw2@infradead.org>
To: Johnathan Smithinovic <johnathan.smithinovic@gmx.at>,
	tglx@linutronix.de, mingo@redhat.com, bp@alien8.de
Cc: x86@kernel.org, linux-kernel@vger.kernel.org,
	iommu <iommu@lists.linux-foundation.org>,
	Will Deacon <will@kernel.org>, Joerg Roedel <joro@8bytes.org>
Subject: [PATCH] iommu/amd: Stop irq_remapping_select() matching when remapping is disabled
Date: Tue, 05 Jan 2021 01:36:13 +0000	[thread overview]
Message-ID: <04bbe8bca87f81a3cfa93ec4299e53f47e00e5b3.camel@infradead.org> (raw)
In-Reply-To: <ed4be9b4-24ac-7128-c522-7ef359e8185d@gmx.at>

[-- Attachment #1: Type: text/plain, Size: 1587 bytes --]

From: David Woodhouse <dwmw@amazon.co.uk>

The AMD IOMMU initialisation registers the IRQ remapping domain for
each IOMMU before doing the final sanity check that every I/OAPIC is
covered.

This means that the AMD irq_remapping_select() function gets invoked
even when IRQ remapping has been disabled, eventually leading to a NULL
pointer dereference in alloc_irq_table().

Unfortunately, the IVRS isn't fully parsed early enough that the sanity
check can be done in time to registering the IRQ domain altogether.
Doing that would be nice, but is a larger and more error-prone task. The
simple fix is just for irq_remapping_select() to refuse to report a
match when IRQ remapping has disabled.

Link: https://lore.kernel.org/lkml/ed4be9b4-24ac-7128-c522-7ef359e8185d@gmx.at
Fixes: a1a785b57242 ("iommu/amd: Implement select() method on remapping irqdomain")
Reported-by: Johnathan Smithinovic <johnathan.smithinovic@gmx.at>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
---
 drivers/iommu/amd/iommu.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/iommu/amd/iommu.c b/drivers/iommu/amd/iommu.c
index 7e2c445a1fae..f0adbc48fd17 100644
--- a/drivers/iommu/amd/iommu.c
+++ b/drivers/iommu/amd/iommu.c
@@ -3854,6 +3854,9 @@ static int irq_remapping_select(struct irq_domain *d, struct irq_fwspec *fwspec,
 	struct amd_iommu *iommu;
 	int devid = -1;
 
+	if (!amd_iommu_irq_remap)
+		return 0;
+
 	if (x86_fwspec_is_ioapic(fwspec))
 		devid = get_ioapic_devid(fwspec->param[0]);
 	else if (x86_fwspec_is_hpet(fwspec))
-- 
2.29.2


[-- Attachment #2: smime.p7s --]
[-- Type: application/x-pkcs7-signature, Size: 5174 bytes --]

WARNING: multiple messages have this Message-ID (diff)

From: David Woodhouse <dwmw2@infradead.org>
To: Johnathan Smithinovic <johnathan.smithinovic@gmx.at>,
	tglx@linutronix.de,  mingo@redhat.com, bp@alien8.de
Cc: iommu <iommu@lists.linux-foundation.org>,
	x86@kernel.org, Will Deacon <will@kernel.org>,
	linux-kernel@vger.kernel.org
Subject: [PATCH] iommu/amd: Stop irq_remapping_select() matching when remapping is disabled
Date: Tue, 05 Jan 2021 01:36:13 +0000	[thread overview]
Message-ID: <04bbe8bca87f81a3cfa93ec4299e53f47e00e5b3.camel@infradead.org> (raw)
In-Reply-To: <ed4be9b4-24ac-7128-c522-7ef359e8185d@gmx.at>


[-- Attachment #1.1: Type: text/plain, Size: 1587 bytes --]

From: David Woodhouse <dwmw@amazon.co.uk>

The AMD IOMMU initialisation registers the IRQ remapping domain for
each IOMMU before doing the final sanity check that every I/OAPIC is
covered.

This means that the AMD irq_remapping_select() function gets invoked
even when IRQ remapping has been disabled, eventually leading to a NULL
pointer dereference in alloc_irq_table().

Unfortunately, the IVRS isn't fully parsed early enough that the sanity
check can be done in time to registering the IRQ domain altogether.
Doing that would be nice, but is a larger and more error-prone task. The
simple fix is just for irq_remapping_select() to refuse to report a
match when IRQ remapping has disabled.

Link: https://lore.kernel.org/lkml/ed4be9b4-24ac-7128-c522-7ef359e8185d@gmx.at
Fixes: a1a785b57242 ("iommu/amd: Implement select() method on remapping irqdomain")
Reported-by: Johnathan Smithinovic <johnathan.smithinovic@gmx.at>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
---
 drivers/iommu/amd/iommu.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/iommu/amd/iommu.c b/drivers/iommu/amd/iommu.c
index 7e2c445a1fae..f0adbc48fd17 100644
--- a/drivers/iommu/amd/iommu.c
+++ b/drivers/iommu/amd/iommu.c
@@ -3854,6 +3854,9 @@ static int irq_remapping_select(struct irq_domain *d, struct irq_fwspec *fwspec,
 	struct amd_iommu *iommu;
 	int devid = -1;
 
+	if (!amd_iommu_irq_remap)
+		return 0;
+
 	if (x86_fwspec_is_ioapic(fwspec))
 		devid = get_ioapic_devid(fwspec->param[0]);
 	else if (x86_fwspec_is_hpet(fwspec))
-- 
2.29.2


[-- Attachment #1.2: smime.p7s --]
[-- Type: application/x-pkcs7-signature, Size: 5174 bytes --]

[-- Attachment #2: Type: text/plain, Size: 156 bytes --]

_______________________________________________
iommu mailing list
iommu@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/iommu

next prev parent reply	other threads:[~2021-01-05  1:37 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-01-04 23:05 PROBLEM: commit f36a74b9345a leads to not booting system with AMD 2990WX Johnathan Smithinovic
2021-01-05  0:19 ` [EXTERNAL] " David Woodhouse
2021-01-05  0:19   ` David Woodhouse
2021-01-05  2:24   ` Johnathan Smithinovic
2021-01-05  2:24     ` Johnathan Smithinovic
2021-01-05  1:36 ` David Woodhouse [this message]
2021-01-05  1:36   ` [PATCH] iommu/amd: Stop irq_remapping_select() matching when remapping is disabled David Woodhouse
2021-01-05 22:07   ` Will Deacon
2021-01-05 22:07     ` Will Deacon

find likely ancestor, descendant, or conflicting patches for this message:
dfblob:7e2c445a1fa dfblob:7e2c445a1fa dfblob:f0adbc48fd1
dfblob:f0adbc48fd1
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=04bbe8bca87f81a3cfa93ec4299e53f47e00e5b3.camel@infradead.org \
    --to=dwmw2@infradead.org \
    --cc=bp@alien8.de \
    --cc=iommu@lists.linux-foundation.org \
    --cc=johnathan.smithinovic@gmx.at \
    --cc=joro@8bytes.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@redhat.com \
    --cc=tglx@linutronix.de \
    --cc=will@kernel.org \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.