From: Huang Rui <ray.huang@amd.com>
To: iommu@lists.linux-foundation.org, linux-kernel@vger.kernel.org
Cc: Joerg Roedel <jroedel@suse.de>, Xiaojian Du <xiaojian.du@amd.com>,
stable@vger.kernel.org, Huang Rui <ray.huang@amd.com>,
Alex Deucher <alexander.deucher@amd.com>
Subject: [PATCH] iommu/amd: Fix iommu remap panic while amd_iommu is set to disable
Date: Thu, 11 Mar 2021 22:28:07 +0800 [thread overview]
Message-ID: <20210311142807.705080-1-ray.huang@amd.com> (raw)
While amd_iommu is set to disable in cmd line, it will free the iommu
resources. Then the pages of rlookup table is freed as well. If that, we
have to check rlookup table in irq_remapping_select(), otherwise, it
will trigger a kernel panic below.
[ 2.245855] BUG: kernel NULL pointer dereference, address: 0000000000000500
[ 2.252861] #PF: supervisor read access in kernel mode
[ 2.258053] #PF: error_code(0x0000) - not-present page
[ 2.263247] PGD 0 P4D 0
[ 2.265844] Oops: 0000 [#1] SMP NOPTI
[ 2.269570] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.11.0-custom #1
[ 2.276150] Hardware name: AMD Chachani-VN/Chachani-VN, BIOS VCH162755N.FD 03/04/2021
[ 2.284085] RIP: 0010:irq_remapping_select+0x5c/0xb0
[ 2.289107] Code: 4b 0c 48 3d 70 7c c8 8f 75 0d eb 35 48 8b 00 48 3d 70 7c c8 8f 74 2a 0f b6 50 10 39 d1 75 ed 0f b7 40 12 48 8b 15 f4 8a 3b 02 <48> 8b 14 c2 48 85 d2 74 0e b8 01 00 00 00 4c 3b a2 90 04 00 00 74
[ 2.307999] RSP: 0000:ffffffff8f403d40 EFLAGS: 00010246
[ 2.313285] RAX: 00000000000000a0 RBX: ffffffff8f403d98 RCX: 0000000000000021
[ 2.320471] RDX: 0000000000000000 RSI: 000000000000000a RDI: ffff8cbb4006118a
[ 2.327658] RBP: ffffffff8f403d50 R08: 0000000000000021 R09: 0000000000000002
[ 2.334838] R10: 000000000000000a R11: f000000000000000 R12: ffff8cbb401bfe40
[ 2.342022] R13: 0000000000000000 R14: ffff8cbb401be900 R15: 0000000000000000
[ 2.349210] FS: 0000000000000000(0000) GS:ffff8cbd73e00000(0000) knlGS:0000000000000000
[ 2.357399] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2.363198] CR2: 0000000000000500 CR3: 00000002dae0a000 CR4: 00000000000406b0
[ 2.370382] Call Trace:
[ 2.372897] irq_find_matching_fwspec+0x48/0xd0
[ 2.377489] mp_irqdomain_create+0x7c/0x180
[ 2.381736] ? __raw_callee_save___native_queued_spin_unlock+0x15/0x23
[ 2.388320] setup_IO_APIC+0x81/0x875
[ 2.392048] ? clear_IO_APIC_pin+0xd6/0x130
[ 2.396294] ? clear_IO_APIC+0x39/0x60
[ 2.400103] apic_intr_mode_init+0x107/0x10a
[ 2.404432] x86_late_time_init+0x24/0x35
[ 2.408507] start_kernel+0x509/0x5c7
[ 2.412230] x86_64_start_reservations+0x24/0x26
[ 2.416911] x86_64_start_kernel+0x75/0x79
[ 2.421068] secondary_startup_64_no_verify+0xb0/0xbb
Fixes: a1a785b572425 ("iommu/amd: Implement select() method on remapping irqdomain")
Tested-by: Xiaojian Du <xiaojian.du@amd.com>
Signed-off-by: Huang Rui <ray.huang@amd.com>
Cc: Joerg Roedel <jroedel@suse.de>
Cc: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
Cc: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org
---
drivers/iommu/amd/iommu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/iommu/amd/iommu.c b/drivers/iommu/amd/iommu.c
index f0adbc48fd17..a08e885403b7 100644
--- a/drivers/iommu/amd/iommu.c
+++ b/drivers/iommu/amd/iommu.c
@@ -3862,7 +3862,7 @@ static int irq_remapping_select(struct irq_domain *d, struct irq_fwspec *fwspec,
else if (x86_fwspec_is_hpet(fwspec))
devid = get_hpet_devid(fwspec->param[0]);
- if (devid < 0)
+ if (devid < 0 || !amd_iommu_rlookup_table)
return 0;
iommu = amd_iommu_rlookup_table[devid];
--
2.25.1
_______________________________________________
iommu mailing list
iommu@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/iommu
next reply other threads:[~2021-03-11 14:26 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-11 14:28 Huang Rui [this message]
2021-03-16 13:16 ` [PATCH] iommu/amd: Fix iommu remap panic while amd_iommu is set to disable Joerg Roedel
2021-03-16 13:36 ` Huang Rui
2021-03-16 15:00 ` Joerg Roedel
2021-03-17 10:46 ` Huang Rui
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210311142807.705080-1-ray.huang@amd.com \
--to=ray.huang@amd.com \
--cc=alexander.deucher@amd.com \
--cc=iommu@lists.linux-foundation.org \
--cc=jroedel@suse.de \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=xiaojian.du@amd.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).