Commit f0576f96 authored by Robin Murphy's avatar Robin Murphy Committed by Greg Kroah-Hartman

iommu/dma: Don't put uninitialised IOVA domains

commit 3ec60043 upstream.

Due to the limitations of having to wait until we see a device's DMA
restrictions before we know how we want an IOVA domain initialised,
there is a window for error if a DMA ops domain is allocated but later
freed without ever being used. In that case, init_iova_domain() was
never called, so calling put_iova_domain() from iommu_put_dma_cookie()
ends up trying to take an uninitialised lock and crashing.

Make things robust by skipping the call unless the IOVA domain actually
has been initialised, as we probably should have done from the start.

Fixes: 0db2e5d1 ("iommu: Implement common IOMMU ops for DMA mapping")
Reported-by: default avatarNate Watterson <nwatters@codeaurora.org>
Reviewed-by: default avatarNate Watterson <nwatters@codeaurora.org>
Tested-by: default avatarNate Watterson <nwatters@codeaurora.org>
Reviewed-by: default avatarEric Auger <eric.auger@redhat.com>
Tested-by: default avatarEric Auger <eric.auger@redhat.com>
Signed-off-by: default avatarRobin Murphy <robin.murphy@arm.com>
Signed-off-by: default avatarJoerg Roedel <jroedel@suse.de>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent 4ed792ef
......@@ -68,6 +68,7 @@ void iommu_put_dma_cookie(struct iommu_domain *domain)
if (!iovad)
return;
if (iovad->granule)
put_iova_domain(iovad);
kfree(iovad);
domain->iova_cookie = NULL;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment