summaryrefslogtreecommitdiffstats
path: root/drivers
diff options
context:
space:
mode:
authorJoerg Roedel <joro@8bytes.org>2014-03-25 20:16:40 +0100
committerJoerg Roedel <joro@8bytes.org>2014-03-25 20:36:09 +0100
commit11f1a7768cb9179b1f1ce6b8027df7531e0704e7 (patch)
tree18886a2d7dd7756ae1b46009092d4003a5faa09d /drivers
parentcf04eee8bf0e842dd73a64d02cdcdcbb31b0102c (diff)
downloadlinux-11f1a7768cb9179b1f1ce6b8027df7531e0704e7.tar.gz
linux-11f1a7768cb9179b1f1ce6b8027df7531e0704e7.tar.bz2
linux-11f1a7768cb9179b1f1ce6b8027df7531e0704e7.zip
iommu/vt-d: Check for NULL pointer in dmar_acpi_dev_scope_init()
When ir_dev_scope_init() is called via a rootfs initcall it will check for irq_remapping_enabled before it calls (indirectly) into dmar_acpi_dev_scope_init() which uses the dmar_tbl pointer without any checks. The AMD IOMMU driver also sets the irq_remapping_enabled flag which causes the dmar_acpi_dev_scope_init() function to be called on systems with AMD IOMMU hardware too, causing a boot-time kernel crash. Signed-off-by: Joerg Roedel <joro@8bytes.org>
Diffstat (limited to 'drivers')
-rw-r--r--drivers/iommu/dmar.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/drivers/iommu/dmar.c b/drivers/iommu/dmar.c
index 56e1c79dc77f..e531a2b07207 100644
--- a/drivers/iommu/dmar.c
+++ b/drivers/iommu/dmar.c
@@ -657,7 +657,12 @@ static void __init dmar_acpi_insert_dev_scope(u8 device_number,
static int __init dmar_acpi_dev_scope_init(void)
{
- struct acpi_dmar_andd *andd = (void *)dmar_tbl + sizeof(struct acpi_table_dmar);
+ struct acpi_dmar_andd *andd;
+
+ if (dmar_tbl == NULL)
+ return -ENODEV;
+
+ andd = (void *)dmar_tbl + sizeof(struct acpi_table_dmar);
while (((unsigned long)andd) <
((unsigned long)dmar_tbl) + dmar_tbl->length) {