diff options
author | Joerg Roedel <joro@8bytes.org> | 2014-03-25 20:16:40 +0100 |
---|---|---|
committer | Joerg Roedel <joro@8bytes.org> | 2014-03-25 20:36:09 +0100 |
commit | 11f1a7768cb9179b1f1ce6b8027df7531e0704e7 (patch) | |
tree | 18886a2d7dd7756ae1b46009092d4003a5faa09d /drivers/iommu | |
parent | cf04eee8bf0e842dd73a64d02cdcdcbb31b0102c (diff) | |
download | op-kernel-dev-11f1a7768cb9179b1f1ce6b8027df7531e0704e7.zip op-kernel-dev-11f1a7768cb9179b1f1ce6b8027df7531e0704e7.tar.gz |
iommu/vt-d: Check for NULL pointer in dmar_acpi_dev_scope_init()
When ir_dev_scope_init() is called via a rootfs initcall it
will check for irq_remapping_enabled before it calls
(indirectly) into dmar_acpi_dev_scope_init() which uses the
dmar_tbl pointer without any checks.
The AMD IOMMU driver also sets the irq_remapping_enabled
flag which causes the dmar_acpi_dev_scope_init() function to
be called on systems with AMD IOMMU hardware too, causing a
boot-time kernel crash.
Signed-off-by: Joerg Roedel <joro@8bytes.org>
Diffstat (limited to 'drivers/iommu')
-rw-r--r-- | drivers/iommu/dmar.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/drivers/iommu/dmar.c b/drivers/iommu/dmar.c index 56e1c79..e531a2b 100644 --- a/drivers/iommu/dmar.c +++ b/drivers/iommu/dmar.c @@ -657,7 +657,12 @@ static void __init dmar_acpi_insert_dev_scope(u8 device_number, static int __init dmar_acpi_dev_scope_init(void) { - struct acpi_dmar_andd *andd = (void *)dmar_tbl + sizeof(struct acpi_table_dmar); + struct acpi_dmar_andd *andd; + + if (dmar_tbl == NULL) + return -ENODEV; + + andd = (void *)dmar_tbl + sizeof(struct acpi_table_dmar); while (((unsigned long)andd) < ((unsigned long)dmar_tbl) + dmar_tbl->length) { |