2024-04-25 09:20:40

by Chen Ni

[permalink] [raw]
Subject: [PATCH] iommu/rockchip: Add missing check for of_find_device_by_node

Add check for the return value of of_find_device_by_node() and return
the error if it fails in order to avoid NULL pointer dereference.

Fixes: 5fd577c3eac3 ("iommu/rockchip: Use OF_IOMMU to attach devices automatically")
Signed-off-by: Chen Ni <[email protected]>
---
drivers/iommu/rockchip-iommu.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/drivers/iommu/rockchip-iommu.c b/drivers/iommu/rockchip-iommu.c
index 4b369419b32c..1225c1df6ef6 100644
--- a/drivers/iommu/rockchip-iommu.c
+++ b/drivers/iommu/rockchip-iommu.c
@@ -1152,6 +1152,8 @@ static int rk_iommu_of_xlate(struct device *dev,
return -ENOMEM;

iommu_dev = of_find_device_by_node(args->np);
+ if (!iommu_dev)
+ return -ENODEV;

data->iommu = platform_get_drvdata(iommu_dev);
data->iommu->domain = &rk_identity_domain;
--
2.25.1



2024-04-25 11:04:36

by Robin Murphy

[permalink] [raw]
Subject: Re: [PATCH] iommu/rockchip: Add missing check for of_find_device_by_node

On 25/04/2024 10:18 am, Chen Ni wrote:
> Add check for the return value of of_find_device_by_node() and return
> the error if it fails in order to avoid NULL pointer dereference.

How would it return NULL?

Or to put it another way, if a device has somehow vanished without
unbinding its driver or unregistering the iommu_ops through which this
is called, then the kernel state is clearly so broken that crashing is
probably the safest thing to do. Furthermore if we couldn't assume we
have the right device here then we also couldn't assume that its drvdata
points to the right thing either, so we'd be rather stuck.

Thanks,
Robin.

> Fixes: 5fd577c3eac3 ("iommu/rockchip: Use OF_IOMMU to attach devices automatically")
> Signed-off-by: Chen Ni <[email protected]>
> ---
> drivers/iommu/rockchip-iommu.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/iommu/rockchip-iommu.c b/drivers/iommu/rockchip-iommu.c
> index 4b369419b32c..1225c1df6ef6 100644
> --- a/drivers/iommu/rockchip-iommu.c
> +++ b/drivers/iommu/rockchip-iommu.c
> @@ -1152,6 +1152,8 @@ static int rk_iommu_of_xlate(struct device *dev,
> return -ENOMEM;
>
> iommu_dev = of_find_device_by_node(args->np);
> + if (!iommu_dev)
> + return -ENODEV;
>
> data->iommu = platform_get_drvdata(iommu_dev);
> data->iommu->domain = &rk_identity_domain;