Received: by 2002:a05:6358:1087:b0:cb:c9d3:cd90 with SMTP id j7csp1730958rwi; Thu, 13 Oct 2022 19:03:14 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4W/EMcM3Iy4bo3Y8Gvish8Zo9pwIHQAgJQwSRnsSGwSD+As8r3pRQqNemt+2oPop83kOkk X-Received: by 2002:a17:907:7f0b:b0:78d:c16e:e5fc with SMTP id qf11-20020a1709077f0b00b0078dc16ee5fcmr1833652ejc.713.1665712994468; Thu, 13 Oct 2022 19:03:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1665712994; cv=none; d=google.com; s=arc-20160816; b=lZt37vZd/LuGs4BhBReRHGslCq+3z1jaR0dqP0ZI4PgtL1d/ibX3IfOOGYbfFKWOJw HKF1Ci8lKiYoaITz5Os+wmoqqSESQ7klDj0u80ZF2F1ol72X6jOlaLzEpJwWcb2EnYKk 5HCaM/0gzvB9BQgvpvHkPpb0wIcPp1sZSDWWQj/GMlCK5oBriwT4WwiUlEMsvBGik5iL oW/m34HKdJesLE9j12a+Rlds7SeF0yBmEA4IKRHmrdB0a4Eldb4bVa0/6BIXj+tiyISD L4uoIrBf/FMF4Q7zd6eO3040j6VEywHkB4AuuSrCUYTrl8LTUyC2inM5d1lKudPK2QWt zKqQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:to:content-language:subject:cc:user-agent:mime-version :date:message-id:dkim-signature; bh=nd4t+Vq0xYTSaGMPs0vOfjk4FTOMHC+d/+L6MZSbbwc=; b=0uAz84IXoO8n8lbESLMoqbYIrkX65MEv21a97uc9EsXfpt1q+vJzlwFTTDrDDS4vB7 d+aqPz5jQ7eni6F4pUIcX9ZLhVhwsCB1E6HbEKteYCGwGIFyBlHZATCj1mmx2ontRbUJ CiZXx1SCX3jMA1ccQOzByCp3EVr6tbuLXYAdCO3MQZx9UeXoSKf3/kBtuWmAMtFehFCl nNyJsGeiohybObxmGY5aGGlx3YD1WJSwP+M6cA74P0+cV401LFovygKZAMqlhGVVFaQ2 j/LdfSgG4nJiufanZc143tvVvwz4WoFByNoNdJhIO98J5VfHPbQvN09uZWsBtthTO0ML zW6w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=Wm5mtvnM; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id cs13-20020a170906dc8d00b0078d9db99f5esi1300463ejc.39.2022.10.13.19.02.49; Thu, 13 Oct 2022 19:03:14 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=Wm5mtvnM; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229624AbiJNBwv (ORCPT + 99 others); Thu, 13 Oct 2022 21:52:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47424 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229471AbiJNBwt (ORCPT ); Thu, 13 Oct 2022 21:52:49 -0400 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4639018982A for ; Thu, 13 Oct 2022 18:52:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1665712369; x=1697248369; h=message-id:date:mime-version:cc:subject:to:references: from:in-reply-to:content-transfer-encoding; bh=Tvf1KEUmmFWCZG5Vqpb9xVTMOaAK+dTPvxZXl2xkreQ=; b=Wm5mtvnMIcHanNnbKfYNsFLrFdrjFzqG77pmOOVC7aLAVLgC0beql2Aw gT3c3TLGF+dLQCsfpN1JVdE0NUypKwEE20z5u0cORrgp2XC/hATPlREeD j2akybprrn7bDw+FFPD/pBUTnZe7xt5h0sbvxpR0hH73zi///1jblDQ5j uEtB+njd9zFLjDexpjXnSsxNlxoYaOq6+iTCaKXASy6k3fCSF4K4TefDb lzkq77zocHbU/COcHp75HQmTNwOTagj0A4d0G3QP4Q10WqxXDxzRsGh7m bUaMDaz4taZ1kIXtRgUgEBs5Uk2KNGYaY4TUtYJiJHSXzA1Cm2CJzToG4 Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10499"; a="305244853" X-IronPort-AV: E=Sophos;i="5.95,182,1661842800"; d="scan'208";a="305244853" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Oct 2022 18:52:48 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10499"; a="627401441" X-IronPort-AV: E=Sophos;i="5.95,182,1661842800"; d="scan'208";a="627401441" Received: from blu2-mobl3.ccr.corp.intel.com (HELO [10.254.210.33]) ([10.254.210.33]) by orsmga002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Oct 2022 18:52:46 -0700 Message-ID: <89029bfb-bdf6-43e3-b24c-09c266277f0e@linux.intel.com> Date: Fri, 14 Oct 2022 09:52:44 +0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.3.2 Cc: baolu.lu@linux.intel.com, Joerg Roedel , Will Deacon , Robin Murphy Subject: Re: [RFC PATCH] iommu/vt-d: Add sanity check to iommu_sva_bind_device() Content-Language: en-US To: Jerry Snitselaar , iommu@lists.linux.dev, linux-kernel@vger.kernel.org References: <20221013153355.2365865-1-jsnitsel@redhat.com> From: Baolu Lu In-Reply-To: <20221013153355.2365865-1-jsnitsel@redhat.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-8.2 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,NICE_REPLY_A,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2022/10/13 23:33, Jerry Snitselaar wrote: > iommu_sva_bind_device() should only be called if > iommu_dev_enable_feature() succeeded. There has been one case already > where that hasn't been the case, which resulted in a null pointer > deref in dev_iommu_ops(). To avoid that happening in the future if > another driver makes that mistake, sanity check dev->iommu and > dev->iommu->iommu_dev prior to calling dev_iommu_ops(). > > Cc: Joerg Roedel > Cc: Will Deacon > Cc: Robin Murphy > Cc: Lu Baolu > Signed-off-by: Jerry Snitselaar > --- > drivers/iommu/iommu.c | 10 +++++++++- > 1 file changed, 9 insertions(+), 1 deletion(-) > > diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c > index 4893c2429ca5..20ec75667529 100644 > --- a/drivers/iommu/iommu.c > +++ b/drivers/iommu/iommu.c > @@ -2746,7 +2746,15 @@ iommu_sva_bind_device(struct device *dev, struct mm_struct *mm, void *drvdata) > { > struct iommu_group *group; > struct iommu_sva *handle = ERR_PTR(-EINVAL); > - const struct iommu_ops *ops = dev_iommu_ops(dev); > + const struct iommu_ops *ops; > + > + if (!dev->iommu || !dev->iommu->iommu_dev) { > + dev_warn(dev, "%s called without checking succes of iommu_dev_enable_feature?\n", > + __func__); > + return ERR_PTR(-ENODEV); > + } If that's the case, dev_iommu_ops() will warn a NULL pointer reference. This kind of error will be discovered at the first place. Best regards, baolu > + > + ops = dev_iommu_ops(dev); > > if (!ops->sva_bind) > return ERR_PTR(-ENODEV);