Message ID | 20191113134136.16180-1-andrew.cooper3@citrix.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | [for-4.13] AMD/IOMMU: Fix crash in 'V' debugkey | expand |
On 13/11/2019 13:41, Andrew Cooper wrote: > c/s bb038f31168 "AMD/IOMMU: replace INTREMAP_ENTRIES" introduces a call to > intremap_table_entries() in dump_intremap_table() before tbl.ptr is checked > for NULL. > > intremap_table_entries() internally uses virt_to_page() which falls over > > ASSERT(va >= XEN_VIRT_START); > > in __virt_to_page(). > > Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> > --- > CC: Jan Beulich <JBeulich@suse.com> > CC: Juergen Gross <jgross@suse.com> > > For 4.13. Regression vs 4.12 Oops sorry. Should have had a Reported-by: Igor Druzhinin <igor.druzhinin@citrix.com> Fixed up locally ~Andrew > --- > xen/drivers/passthrough/amd/iommu_intr.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/xen/drivers/passthrough/amd/iommu_intr.c b/xen/drivers/passthrough/amd/iommu_intr.c > index 1eed60f265..5e92c023f8 100644 > --- a/xen/drivers/passthrough/amd/iommu_intr.c > +++ b/xen/drivers/passthrough/amd/iommu_intr.c > @@ -847,11 +847,13 @@ static void dump_intremap_table(const struct amd_iommu *iommu, > union irte_cptr tbl, > const struct ivrs_mappings *ivrs_mapping) > { > - unsigned int count, nr = intremap_table_entries(tbl.ptr, iommu); > + unsigned int count, nr; > > if ( !tbl.ptr ) > return; > > + nr = intremap_table_entries(tbl.ptr, iommu); > + > for ( count = 0; count < nr; count++ ) > { > if ( iommu->ctrl.ga_en
On 13.11.2019 14:41, Andrew Cooper wrote: > c/s bb038f31168 "AMD/IOMMU: replace INTREMAP_ENTRIES" introduces a call to > intremap_table_entries() in dump_intremap_table() before tbl.ptr is checked > for NULL. > > intremap_table_entries() internally uses virt_to_page() which falls over > > ASSERT(va >= XEN_VIRT_START); > > in __virt_to_page(). > > Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Jan Beulich <jbeulich@suse.com>
On 13.11.19 14:41, Andrew Cooper wrote: > c/s bb038f31168 "AMD/IOMMU: replace INTREMAP_ENTRIES" introduces a call to > intremap_table_entries() in dump_intremap_table() before tbl.ptr is checked > for NULL. > > intremap_table_entries() internally uses virt_to_page() which falls over > > ASSERT(va >= XEN_VIRT_START); > > in __virt_to_page(). > > Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Release-acked-by: Juergen Gross <jgross@suse.com> Juergen
diff --git a/xen/drivers/passthrough/amd/iommu_intr.c b/xen/drivers/passthrough/amd/iommu_intr.c index 1eed60f265..5e92c023f8 100644 --- a/xen/drivers/passthrough/amd/iommu_intr.c +++ b/xen/drivers/passthrough/amd/iommu_intr.c @@ -847,11 +847,13 @@ static void dump_intremap_table(const struct amd_iommu *iommu, union irte_cptr tbl, const struct ivrs_mappings *ivrs_mapping) { - unsigned int count, nr = intremap_table_entries(tbl.ptr, iommu); + unsigned int count, nr; if ( !tbl.ptr ) return; + nr = intremap_table_entries(tbl.ptr, iommu); + for ( count = 0; count < nr; count++ ) { if ( iommu->ctrl.ga_en
c/s bb038f31168 "AMD/IOMMU: replace INTREMAP_ENTRIES" introduces a call to intremap_table_entries() in dump_intremap_table() before tbl.ptr is checked for NULL. intremap_table_entries() internally uses virt_to_page() which falls over ASSERT(va >= XEN_VIRT_START); in __virt_to_page(). Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> --- CC: Jan Beulich <JBeulich@suse.com> CC: Juergen Gross <jgross@suse.com> For 4.13. Regression vs 4.12 --- xen/drivers/passthrough/amd/iommu_intr.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)