diff options
| author | Joerg Roedel <joro@8bytes.org> | 2014-03-25 15:16:40 -0400 |
|---|---|---|
| committer | Joerg Roedel <joro@8bytes.org> | 2014-03-25 15:36:09 -0400 |
| commit | 11f1a7768cb9179b1f1ce6b8027df7531e0704e7 (patch) | |
| tree | 18886a2d7dd7756ae1b46009092d4003a5faa09d /drivers/iommu | |
| parent | cf04eee8bf0e842dd73a64d02cdcdcbb31b0102c (diff) | |
iommu/vt-d: Check for NULL pointer in dmar_acpi_dev_scope_init()
When ir_dev_scope_init() is called via a rootfs initcall it
will check for irq_remapping_enabled before it calls
(indirectly) into dmar_acpi_dev_scope_init() which uses the
dmar_tbl pointer without any checks.
The AMD IOMMU driver also sets the irq_remapping_enabled
flag which causes the dmar_acpi_dev_scope_init() function to
be called on systems with AMD IOMMU hardware too, causing a
boot-time kernel crash.
Signed-off-by: Joerg Roedel <joro@8bytes.org>
Diffstat (limited to 'drivers/iommu')
| -rw-r--r-- | drivers/iommu/dmar.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/drivers/iommu/dmar.c b/drivers/iommu/dmar.c index 56e1c79dc77f..e531a2b07207 100644 --- a/drivers/iommu/dmar.c +++ b/drivers/iommu/dmar.c | |||
| @@ -657,7 +657,12 @@ static void __init dmar_acpi_insert_dev_scope(u8 device_number, | |||
| 657 | 657 | ||
| 658 | static int __init dmar_acpi_dev_scope_init(void) | 658 | static int __init dmar_acpi_dev_scope_init(void) |
| 659 | { | 659 | { |
| 660 | struct acpi_dmar_andd *andd = (void *)dmar_tbl + sizeof(struct acpi_table_dmar); | 660 | struct acpi_dmar_andd *andd; |
| 661 | |||
| 662 | if (dmar_tbl == NULL) | ||
| 663 | return -ENODEV; | ||
| 664 | |||
| 665 | andd = (void *)dmar_tbl + sizeof(struct acpi_table_dmar); | ||
| 661 | 666 | ||
| 662 | while (((unsigned long)andd) < | 667 | while (((unsigned long)andd) < |
| 663 | ((unsigned long)dmar_tbl) + dmar_tbl->length) { | 668 | ((unsigned long)dmar_tbl) + dmar_tbl->length) { |