* [PATCH Trivial] intel-iommu: check return value of device_to_iommu() before using it
@ 2014-01-09 1:58 ethan zhao
2014-01-09 12:01 ` Joerg Roedel
0 siblings, 1 reply; 3+ messages in thread
From: ethan zhao @ 2014-01-09 1:58 UTC (permalink / raw)
To: joro, dwmw2, yinghai, bhelgaas, jiang.liu; +Cc: iommu, linux-pci, linux-kernel
[-- Attachment #1: Type: text/plain, Size: 794 bytes --]
in function iommu_support_dev_iotlb(),return value of device_to_iommu()
is used without checking, this could cause NULL pointer issue.
this patch is for v3.12.6
Signed-off-by: Ethan Zhao <ethan.zhao@oracle.com>
---
drivers/iommu/intel-iommu.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c
index 40203ad..5b4531a 100644
--- a/drivers/iommu/intel-iommu.c
+++ b/drivers/iommu/intel-iommu.c
@@ -1105,6 +1105,8 @@ static struct device_domain_info
*iommu_support_dev_iotlb(
struct device_domain_info *info;
struct intel_iommu *iommu = device_to_iommu(segment, bus, devfn);
+ if (!iommu)
+ return NULL;
if (!ecap_dev_iotlb_support(iommu->ecap))
return NULL;
--
1.7.1
[-- Attachment #2: 0001-intel-iommu-check-return-value-of-device_to_iommu-be.patch --]
[-- Type: text/x-patch, Size: 1002 bytes --]
>From 27d8cdd3fcc6f4ff5cc2ba36d8d5ea0a97823a17 Mon Sep 17 00:00:00 2001
From: ethan.zhao <ethan.zhao@oracle.com>
Date: Thu, 9 Jan 2014 08:40:16 -0500
Subject: [PATCH] intel-iommu: check return value of device_to_iommu() before using it
in function iommu_support_dev_iotlb(),return value of device_to_iommu()
is used without checking, this could cause NULL pointer issue.
this patch is for v3.12.6
Signed-off-by: Ethan Zhao <ethan.zhao@oracle.com>
---
drivers/iommu/intel-iommu.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c
index 40203ad..5b4531a 100644
--- a/drivers/iommu/intel-iommu.c
+++ b/drivers/iommu/intel-iommu.c
@@ -1105,6 +1105,8 @@ static struct device_domain_info *iommu_support_dev_iotlb(
struct device_domain_info *info;
struct intel_iommu *iommu = device_to_iommu(segment, bus, devfn);
+ if (!iommu)
+ return NULL;
if (!ecap_dev_iotlb_support(iommu->ecap))
return NULL;
--
1.7.1
^ permalink raw reply related [flat|nested] 3+ messages in thread* Re: [PATCH Trivial] intel-iommu: check return value of device_to_iommu() before using it
2014-01-09 1:58 [PATCH Trivial] intel-iommu: check return value of device_to_iommu() before using it ethan zhao
@ 2014-01-09 12:01 ` Joerg Roedel
2014-01-10 2:16 ` Ethan Zhao
0 siblings, 1 reply; 3+ messages in thread
From: Joerg Roedel @ 2014-01-09 12:01 UTC (permalink / raw)
To: ethan zhao
Cc: dwmw2, yinghai, bhelgaas, jiang.liu, iommu, linux-pci,
linux-kernel
On Thu, Jan 09, 2014 at 09:58:42AM +0800, ethan zhao wrote:
> drivers/iommu/intel-iommu.c | 2 ++
> 1 files changed, 2 insertions(+), 0 deletions(-)
>
> diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c
> index 40203ad..5b4531a 100644
> --- a/drivers/iommu/intel-iommu.c
> +++ b/drivers/iommu/intel-iommu.c
> @@ -1105,6 +1105,8 @@ static struct device_domain_info
> *iommu_support_dev_iotlb(
> struct device_domain_info *info;
> struct intel_iommu *iommu = device_to_iommu(segment, bus, devfn);
>
> + if (!iommu)
> + return NULL;
> if (!ecap_dev_iotlb_support(iommu->ecap))
> return NULL;
This call can not fail, iommu_support_dev_iotlb() is only called from
domain_context_mapping_one() which does the iommu==NULL check on its
own before the call.
Joerg
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH Trivial] intel-iommu: check return value of device_to_iommu() before using it
2014-01-09 12:01 ` Joerg Roedel
@ 2014-01-10 2:16 ` Ethan Zhao
0 siblings, 0 replies; 3+ messages in thread
From: Ethan Zhao @ 2014-01-10 2:16 UTC (permalink / raw)
To: Joerg Roedel
Cc: ethan zhao, dwmw2, Yinghai Lu, Bjorn Helgaas, jiang.liu, iommu,
linux-pci, LKML
On Thu, Jan 9, 2014 at 8:01 PM, Joerg Roedel <joro@8bytes.org> wrote:
> On Thu, Jan 09, 2014 at 09:58:42AM +0800, ethan zhao wrote:
>> drivers/iommu/intel-iommu.c | 2 ++
>> 1 files changed, 2 insertions(+), 0 deletions(-)
>>
>> diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c
>> index 40203ad..5b4531a 100644
>> --- a/drivers/iommu/intel-iommu.c
>> +++ b/drivers/iommu/intel-iommu.c
>> @@ -1105,6 +1105,8 @@ static struct device_domain_info
>> *iommu_support_dev_iotlb(
>> struct device_domain_info *info;
>> struct intel_iommu *iommu = device_to_iommu(segment, bus, devfn);
>>
>> + if (!iommu)
>> + return NULL;
>> if (!ecap_dev_iotlb_support(iommu->ecap))
>> return NULL;
>
> This call can not fail, iommu_support_dev_iotlb() is only called from
> domain_context_mapping_one() which does the iommu==NULL check on its
> own before the call.
>
Agree, till now, was checked in domain_context_mapping_one(), but how
about if we query information with iommu_support_dev_iotlb() in other
code ?
Thanks,
Ethan
>
> Joerg
>
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-pci" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2014-01-10 2:16 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-01-09 1:58 [PATCH Trivial] intel-iommu: check return value of device_to_iommu() before using it ethan zhao
2014-01-09 12:01 ` Joerg Roedel
2014-01-10 2:16 ` Ethan Zhao
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).