Re: [PATCH] iommufd: Set domain->iommufd_hwpt in all hwpt->domain allocators

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Jason Gunthorpe <jgg@nvidia.com>
To: Nicolin Chen <nicolinc@nvidia.com>
Cc: kevin.tian@intel.com, joro@8bytes.org, will@kernel.org,
	robin.murphy@arm.com, linux-arm-kernel@lists.infradead.org,
	iommu@lists.linux.dev, linux-kernel@vger.kernel.org,
	ankita@nvidia.com
Subject: Re: [PATCH] iommufd: Set domain->iommufd_hwpt in all hwpt->domain allocators
Date: Fri, 7 Mar 2025 16:03:48 -0400	[thread overview]
Message-ID: <20250307200348.GV354511@nvidia.com> (raw)
In-Reply-To: <20250305211800.229465-1-nicolinc@nvidia.com>

On Wed, Mar 05, 2025 at 01:18:00PM -0800, Nicolin Chen wrote:
> Setting domain->iommufd_hwpt in iommufd_hwpt_alloc() only covers the HWPT
> allocations from user space, but not for an auto domain. This resulted in
> a NULL pointer access in the auto domain pathway:
>  Unable to handle kernel NULL pointer dereference at
>  	virtual address 0000000000000008
>  pc : iommufd_sw_msi+0x54/0x2b0
>  lr : iommufd_sw_msi+0x40/0x2b0
>  Call trace:
>   iommufd_sw_msi+0x54/0x2b0 (P)
>   iommu_dma_prepare_msi+0x64/0xa8
>   its_irq_domain_alloc+0xf0/0x2c0
>   irq_domain_alloc_irqs_parent+0x2c/0xa8
>   msi_domain_alloc+0xa0/0x1a8
> 
> Since iommufd_sw_msi() requires to access the domain->iommufd_hwpt, it is
> better to set that explicitly prior to calling iommu_domain_set_sw_msi().
> 
> Fixes: 748706d7ca06 ("iommu: Turn fault_data to iommufd private pointer")
> Reported-by: Ankit Agrawal <ankita@nvidia.com>
> Signed-off-by: Nicolin Chen <nicolinc@nvidia.com>
> ---
>  drivers/iommu/iommufd/hw_pagetable.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)

Applied thanks

Jason

     prev parent reply	other threads:[~2025-03-07 20:05 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-03-05 21:18 [PATCH] iommufd: Set domain->iommufd_hwpt in all hwpt->domain allocators Nicolin Chen
2025-03-06  3:21 ` Tian, Kevin
2025-03-06 10:31   ` Ankit Agrawal
2025-03-07 20:03 ` Jason Gunthorpe [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20250307200348.GV354511@nvidia.com \
    --to=jgg@nvidia.com \
    --cc=ankita@nvidia.com \
    --cc=iommu@lists.linux.dev \
    --cc=joro@8bytes.org \
    --cc=kevin.tian@intel.com \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=nicolinc@nvidia.com \
    --cc=robin.murphy@arm.com \
    --cc=will@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.