summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoerg Roedel <joro@8bytes.org>2014-03-25 23:16:40 +0400
committerJoerg Roedel <joro@8bytes.org>2014-03-25 23:36:09 +0400
commit11f1a7768cb9179b1f1ce6b8027df7531e0704e7 (patch)
tree18886a2d7dd7756ae1b46009092d4003a5faa09d
parentcf04eee8bf0e842dd73a64d02cdcdcbb31b0102c (diff)
downloadlinux-11f1a7768cb9179b1f1ce6b8027df7531e0704e7.tar.xz
iommu/vt-d: Check for NULL pointer in dmar_acpi_dev_scope_init()
When ir_dev_scope_init() is called via a rootfs initcall it will check for irq_remapping_enabled before it calls (indirectly) into dmar_acpi_dev_scope_init() which uses the dmar_tbl pointer without any checks. The AMD IOMMU driver also sets the irq_remapping_enabled flag which causes the dmar_acpi_dev_scope_init() function to be called on systems with AMD IOMMU hardware too, causing a boot-time kernel crash. Signed-off-by: Joerg Roedel <joro@8bytes.org>
-rw-r--r--drivers/iommu/dmar.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/drivers/iommu/dmar.c b/drivers/iommu/dmar.c
index 56e1c79dc77f..e531a2b07207 100644
--- a/drivers/iommu/dmar.c
+++ b/drivers/iommu/dmar.c
@@ -657,7 +657,12 @@ static void __init dmar_acpi_insert_dev_scope(u8 device_number,
static int __init dmar_acpi_dev_scope_init(void)
{
- struct acpi_dmar_andd *andd = (void *)dmar_tbl + sizeof(struct acpi_table_dmar);
+ struct acpi_dmar_andd *andd;
+
+ if (dmar_tbl == NULL)
+ return -ENODEV;
+
+ andd = (void *)dmar_tbl + sizeof(struct acpi_table_dmar);
while (((unsigned long)andd) <
((unsigned long)dmar_tbl) + dmar_tbl->length) {