Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-12-29 06:12:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
0dfc0c792d
linux/drivers/iommu
History
Changbin Du 0dfc0c792d iommu/vt-d: fix shift-out-of-bounds in bug checking 
It allows to flush more than 4GB of device TLBs. So the mask should be
64bit wide. UBSAN captured this fault as below.

[    3.760024] ================================================================================
[    3.768440] UBSAN: Undefined behaviour in drivers/iommu/dmar.c:1348:3
[    3.774864] shift exponent 64 is too large for 32-bit type 'int'
[    3.780853] CPU: 2 PID: 0 Comm: swapper/2 Tainted: G     U            4.17.0-rc1+ #89
[    3.788661] Hardware name: Dell Inc. OptiPlex 7040/0Y7WYT, BIOS 1.2.8 01/26/2016
[    3.796034] Call Trace:
[    3.798472]  <IRQ>
[    3.800479]  dump_stack+0x90/0xfb
[    3.803787]  ubsan_epilogue+0x9/0x40
[    3.807353]  __ubsan_handle_shift_out_of_bounds+0x10e/0x170
[    3.812916]  ? qi_flush_dev_iotlb+0x124/0x180
[    3.817261]  qi_flush_dev_iotlb+0x124/0x180
[    3.821437]  iommu_flush_dev_iotlb+0x94/0xf0
[    3.825698]  iommu_flush_iova+0x10b/0x1c0
[    3.829699]  ? fq_ring_free+0x1d0/0x1d0
[    3.833527]  iova_domain_flush+0x25/0x40
[    3.837448]  fq_flush_timeout+0x55/0x160
[    3.841368]  ? fq_ring_free+0x1d0/0x1d0
[    3.845200]  ? fq_ring_free+0x1d0/0x1d0
[    3.849034]  call_timer_fn+0xbe/0x310
[    3.852696]  ? fq_ring_free+0x1d0/0x1d0
[    3.856530]  run_timer_softirq+0x223/0x6e0
[    3.860625]  ? sched_clock+0x5/0x10
[    3.864108]  ? sched_clock+0x5/0x10
[    3.867594]  __do_softirq+0x1b5/0x6f5
[    3.871250]  irq_exit+0xd4/0x130
[    3.874470]  smp_apic_timer_interrupt+0xb8/0x2f0
[    3.879075]  apic_timer_interrupt+0xf/0x20
[    3.883159]  </IRQ>
[    3.885255] RIP: 0010:poll_idle+0x60/0xe7
[    3.889252] RSP: 0018:ffffb1b201943e30 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[    3.896802] RAX: 0000000080200000 RBX: 000000000000008e RCX: 000000000000001f
[    3.903918] RDX: 0000000000000000 RSI: 000000002819aa06 RDI: 0000000000000000
[    3.911031] RBP: ffff9e93c6b33280 R08: 00000010f717d567 R09: 000000000010d205
[    3.918146] R10: ffffb1b201943df8 R11: 0000000000000001 R12: 00000000e01b169d
[    3.925260] R13: 0000000000000000 R14: ffffffffb12aa400 R15: 0000000000000000
[    3.932382]  cpuidle_enter_state+0xb4/0x470
[    3.936558]  do_idle+0x222/0x310
[    3.939779]  cpu_startup_entry+0x78/0x90
[    3.943693]  start_secondary+0x205/0x2e0
[    3.947607]  secondary_startup_64+0xa5/0xb0
[    3.951783] ================================================================================

Signed-off-by: Changbin Du <changbin.du@intel.com>
Signed-off-by: Joerg Roedel <jroedel@suse.de>
2018-05-03 16:32:11 +02:00
..
amd_iommu_init.c iommu/amd: Use raw locks on atomic context paths 2018-02-13 14:18:06 +01:00
amd_iommu_proto.h IOMMU Updates for Linux v4.14 2017-09-09 15:03:24 -07:00
amd_iommu_types.h iommu/amd: Turn dev_data_list into a lock less list 2018-03-29 10:38:14 +02:00
amd_iommu_v2.c pci-v4.16-changes 2018-02-06 09:59:40 -08:00
amd_iommu.c iommu/amd: Hide unused iommu_table_lock 2018-05-03 16:31:57 +02:00
arm-smmu-regs.h iommu/arm-smmu: Split out register defines 2017-08-15 17:34:48 +02:00
arm-smmu-v3.c iommu/arm-smmu-v3: Support 52-bit virtual address 2018-03-27 14:12:06 +01:00
arm-smmu.c iommu: Clean up of_iommu_init_fn 2018-01-17 15:25:50 +01:00
dma-iommu.c iommu/dma: Move PCI window region reservation back into dma specific path. 2018-05-03 16:32:10 +02:00
dmar.c iommu/vt-d: fix shift-out-of-bounds in bug checking 2018-05-03 16:32:11 +02:00
exynos-iommu.c IOMMU Updates for Linux v4.17 2018-04-11 18:50:41 -07:00
fsl_pamu_domain.c Merge branches 'arm/exynos', 'arm/renesas', 'arm/rockchip', 'arm/omap', 'arm/mediatek', 'arm/tegra', 'arm/qcom', 'arm/smmu', 'ppc/pamu', 'x86/vt-d', 'x86/amd', 's390' and 'core' into next 2017-09-01 11:31:42 +02:00
fsl_pamu_domain.h iommu/pamu: Fix PAMU boot crash 2017-08-23 16:28:09 +02:00
fsl_pamu.c Merge branches 'arm/exynos', 'arm/renesas', 'arm/rockchip', 'arm/omap', 'arm/mediatek', 'arm/tegra', 'arm/qcom', 'arm/smmu', 'ppc/pamu', 'x86/vt-d', 'x86/amd', 's390' and 'core' into next 2017-09-01 11:31:42 +02:00
fsl_pamu.h iommu/pamu: Fix PAMU boot crash 2017-08-23 16:28:09 +02:00
intel_irq_remapping.c iommu/vt-d: Fix usage of force parameter in intel_ir_reconfigure_irte() 2018-05-03 16:31:39 +02:00
intel-iommu.c IOMMU Updates for Linux v4.17 2018-04-11 18:50:41 -07:00
intel-svm.c Merge branches 'x86/amd', 'x86/vt-d', 'arm/rockchip', 'arm/omap', 'arm/mediatek', 'arm/exynos', 'arm/renesas', 'arm/smmu' and 'core' into next 2018-03-29 15:24:40 +02:00
io-pgtable-arm-v7s.c iommu/io-pgtable: Use size_t return type for all foo_unmap 2018-02-13 19:31:32 +01:00
io-pgtable-arm.c Merge branches 'x86/amd', 'x86/vt-d', 'arm/rockchip', 'arm/omap', 'arm/mediatek', 'arm/exynos', 'arm/renesas', 'arm/smmu' and 'core' into next 2018-03-29 15:24:40 +02:00
io-pgtable.c iommu/io-pgtable: Fix a brace coding style issue. 2016-04-05 15:34:29 +02:00
io-pgtable.h iommu/io-pgtable: Use size_t return type for all foo_unmap 2018-02-13 19:31:32 +01:00
iommu-sysfs.c iommu: Fix wrong freeing of iommu_device->dev 2017-08-15 13:58:48 +02:00
iommu-traces.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
iommu.c iommu: Do not return error code for APIs with size_t return type 2018-02-13 19:31:20 +01:00
iova.c treewide: setup_timer() -> timer_setup() 2017-11-21 15:57:07 -08:00
ipmmu-vmsa.c iommu: Clean up of_iommu_init_fn 2018-01-17 15:25:50 +01:00
irq_remapping.c x86/apic: Rename variables and functions related to x86_io_apic_ops 2018-02-17 11:47:45 +01:00
irq_remapping.h
Kconfig iommu/intel-iommu: Enable CONFIG_DMA_DIRECT_OPS=y and clean up intel_{alloc,free}_coherent() 2018-03-20 10:01:58 +01:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
msm_iommu_hw-8xxx.h
msm_iommu.c iommu: Clean up of_iommu_init_fn 2018-01-17 15:25:50 +01:00
msm_iommu.h iommu/msm: Make use of iommu_device_register interface 2017-02-10 13:44:57 +01:00
mtk_iommu_v1.c IOMMU Updates for Linux v4.17 2018-04-11 18:50:41 -07:00
mtk_iommu.c iommu/mediatek: Fix protect memory setting 2018-03-21 06:13:57 -05:00
mtk_iommu.h iommu/mediatek: Fix protect memory setting 2018-03-21 06:13:57 -05:00
of_iommu.c iommu: Clean up of_iommu_init_fn 2018-01-17 15:25:50 +01:00
omap-iommu-debug.c iommu/omap: Fix debugfs_create_*() usage 2018-01-17 14:23:33 +01:00
omap-iommu.c iommu/omap: Increase group ref in .device_group() 2018-03-15 15:54:52 +01:00
omap-iommu.h iommu/omap: Add support to program multiple iommus 2017-09-19 11:32:05 +02:00
omap-iopgtable.h
qcom_iommu.c iommu: Clean up of_iommu_init_fn 2018-01-17 15:25:50 +01:00
rockchip-iommu.c iommu/rockchip: Make clock handling optional 2018-05-03 16:32:10 +02:00
s390-iommu.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tegra-gart.c iommu/tegra-gart: Add support for struct iommu_device 2017-08-17 16:31:34 +02:00
tegra-smmu.c iommu/tegra-smmu: Fix return value check in tegra_smmu_group_get() 2017-12-20 18:32:08 +01:00