• Koos Vriezen's avatar
    iommu/vt-d: Fix NULL pointer dereference in device_to_iommu · 5003ae1e
    Koos Vriezen authored
    The function device_to_iommu() in the Intel VT-d driver
    lacks a NULL-ptr check, resulting in this oops at boot on
    some platforms:
    
     BUG: unable to handle kernel NULL pointer dereference at 00000000000007ab
     IP: [<ffffffff8132234a>] device_to_iommu+0x11a/0x1a0
     PGD 0
    
     [...]
    
     Call Trace:
       ? find_or_alloc_domain.constprop.29+0x1a/0x300
       ? dw_dma_probe+0x561/0x580 [dw_dmac_core]
       ? __get_valid_domain_for_dev+0x39/0x120
       ? __intel_map_single+0x138/0x180
       ? intel_alloc_coherent+0xb6/0x120
       ? sst_hsw_dsp_init+0x173/0x420 [snd_soc_sst_haswell_pcm]
       ? mutex_lock+0x9/0x30
       ? kernfs_add_one+0xdb/0x130
       ? devres_add+0x19/0x60
       ? hsw_pcm_dev_probe+0x46/0xd0 [snd_soc_sst_haswell_pcm]
       ? platform_drv_probe+0x30/0x90
       ? driver_probe_device+0x1ed/0x2b0
       ? __driver_attach+0x8f/0xa0
       ? driver_probe_device+0x2b0/0x2b0
       ? bus_for_each_dev+0x55/0x90
       ? bus_add_driver+0x110/0x210
       ? 0xffffffffa11ea000
       ? driver_register+0x52/0xc0
       ? 0xffffffffa11ea000
       ? do_one_initcall+0x32/0x130
       ? free_vmap_area_noflush+0x37/0x70
       ? kmem_cache_alloc+0x88/0xd0
       ? do_init_module+0x51/0x1c4
       ? load_module+0x1ee9/0x2430
       ? show_taint+0x20/0x20
       ? kernel_read_file+0xfd/0x190
       ? SyS_finit_module+0xa3/0xb0
       ? do_syscall_64+0x4a/0xb0
       ? entry_SYSCALL64_slow_path+0x25/0x25
     Code: 78 ff ff ff 4d 85 c0 74 ee 49 8b 5a 10 0f b6 9b e0 00 00 00 41 38 98 e0 00 00 00 77 da 0f b6 eb 49 39 a8 88 00 00 00 72 ce eb 8f <41> f6 82 ab 07 00 00 04 0f 85 76 ff ff ff 0f b6 4d 08 88 0e 49
     RIP  [<ffffffff8132234a>] device_to_iommu+0x11a/0x1a0
      RSP <ffffc90001457a78>
     CR2: 00000000000007ab
     ---[ end trace 16f974b6d58d0aad ]---
    
    Add the missing pointer check.
    
    Fixes: 1c387188 ("iommu/vt-d: Fix IOMMU lookup for SR-IOV Virtual Functions")
    Signed-off-by: default avatarKoos Vriezen <koos.vriezen@gmail.com>
    Cc: stable@vger.kernel.org # 4.8.15+
    Signed-off-by: default avatarJoerg Roedel <jroedel@suse.de>
    5003ae1e
intel-iommu.c 138 KB