* [PATCH] iommu: apple-dart: fix potential null pointer deref
@ 2025-03-14 23:01 Qasim Ijaz
2025-03-14 23:51 ` Alyssa Rosenzweig
0 siblings, 1 reply; 2+ messages in thread
From: Qasim Ijaz @ 2025-03-14 23:01 UTC (permalink / raw)
To: marcan, fnkl.kernel, Sven Peter, Janne Grunau, Alyssa Rosenzweig,
Joerg Roedel, Will Deacon, Robin Murphy
Cc: asahi, linux-arm-kernel, iommu, linux-kernel
If kzalloc() fails, accessing cfg->supports_bypass causes a null pointer dereference.
Fix by checking for NULL immediately after allocation and returning -ENOMEM.
Fixes: 3bc0102835f6 ("iommu: apple-dart: Allow mismatched bypass support")
Signed-off-by: Qasim Ijaz <qasdev00@gmail.com>
---
drivers/iommu/apple-dart.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/drivers/iommu/apple-dart.c b/drivers/iommu/apple-dart.c
index 13ccb801f52a..e13501541fdd 100644
--- a/drivers/iommu/apple-dart.c
+++ b/drivers/iommu/apple-dart.c
@@ -797,12 +797,11 @@ static int apple_dart_of_xlate(struct device *dev,
if (!cfg) {
cfg = kzalloc(sizeof(*cfg), GFP_KERNEL);
-
+ if (!cfg)
+ return -ENOMEM;
/* Will be ANDed with DART capabilities */
cfg->supports_bypass = true;
}
- if (!cfg)
- return -ENOMEM;
dev_iommu_priv_set(dev, cfg);
cfg_dart = cfg->stream_maps[0].dart;
--
2.39.5
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] iommu: apple-dart: fix potential null pointer deref
2025-03-14 23:01 [PATCH] iommu: apple-dart: fix potential null pointer deref Qasim Ijaz
@ 2025-03-14 23:51 ` Alyssa Rosenzweig
0 siblings, 0 replies; 2+ messages in thread
From: Alyssa Rosenzweig @ 2025-03-14 23:51 UTC (permalink / raw)
To: Qasim Ijaz
Cc: marcan, fnkl.kernel, Sven Peter, Janne Grunau, Joerg Roedel,
Will Deacon, Robin Murphy, asahi, linux-arm-kernel, iommu,
linux-kernel
Reviewed-by: Alyssa Rosenzweig <alyssa@rosenzweig.io>
Le Fri , Mar 14, 2025 at 11:01:02PM +0000, Qasim Ijaz a écrit :
> If kzalloc() fails, accessing cfg->supports_bypass causes a null pointer dereference.
>
> Fix by checking for NULL immediately after allocation and returning -ENOMEM.
>
> Fixes: 3bc0102835f6 ("iommu: apple-dart: Allow mismatched bypass support")
> Signed-off-by: Qasim Ijaz <qasdev00@gmail.com>
> ---
> drivers/iommu/apple-dart.c | 5 ++---
> 1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/iommu/apple-dart.c b/drivers/iommu/apple-dart.c
> index 13ccb801f52a..e13501541fdd 100644
> --- a/drivers/iommu/apple-dart.c
> +++ b/drivers/iommu/apple-dart.c
> @@ -797,12 +797,11 @@ static int apple_dart_of_xlate(struct device *dev,
>
> if (!cfg) {
> cfg = kzalloc(sizeof(*cfg), GFP_KERNEL);
> -
> + if (!cfg)
> + return -ENOMEM;
> /* Will be ANDed with DART capabilities */
> cfg->supports_bypass = true;
> }
> - if (!cfg)
> - return -ENOMEM;
> dev_iommu_priv_set(dev, cfg);
>
> cfg_dart = cfg->stream_maps[0].dart;
> --
> 2.39.5
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-03-15 0:06 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-03-14 23:01 [PATCH] iommu: apple-dart: fix potential null pointer deref Qasim Ijaz
2025-03-14 23:51 ` Alyssa Rosenzweig
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox