On Tue, Oct 26, 2021 at 3:30 PM Anatoly Burakov <anatoly.bura...@intel.com> wrote:
>
> Partial unmap support was introduced in commit c13ca4e81cac, and with it
> was added a check that dereferenced the IOMMU type to determine whether
> partial unmapping is supported for currently configured IOMMU type. In
> certain circumstances (such as when VFIO is supported, but no devices
> were bound to the VFIO driver), the IOMMU type pointer can be NULL.
>
> However, dereferencing of IOMMU type was guarded by access to the user
> maps list - that is, we were always checking the user map list first,
> and then, if we found a memory region that encloses the one we're trying
> to unmap, we would have performed the IOMMU type check.
>
> This ensured that the IOMMU type check will not cause any NULL pointer
> dereferences, because in order for an IOMMU type check to have been
> performed, there necessarily must have been at least one memory region
> that was previously mapped successfully, and that implies having a
> defined IOMMU type.
>
> When 56259f7fc010 was introduced, the IOMMU type check was moved to
> before we were traversing the user mem maps list, thereby introducing a
> potential NULL dereference, because the IOMMU type access was no longer
> guarded by the user mem maps list traversal.
>
> Fix the issue by moving the IOMMU type check to after the user mem maps
> traversal, thereby ensuring that by the time the check happens, the
> IOMMU type is always valid.
>
> Fixes: 56259f7fc010 ("vfio: allow partially unmapping adjacent memory")
> Cc: xuan.d...@intel.com
>
> Signed-off-by: Anatoly Burakov <anatoly.bura...@intel.com>

Reviewed-by: David Marchand <david.march...@redhat.com>
I guess Xuan tested it too, since we have a vhost patch on top of this vfio patch.
Can you just confirm it is ok to merge?

Thanks.

--
David Marchand
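The ordering argument in the quoted commit message, as an added example in C that is not DPDK's code: a hypothetical, simplified container whose IOMMU type pointer stays NULL until something has been mapped, with the partial-unmap check placed both after the map traversal (the fix) and before it (the faulty ordering, which here reports the NULL case instead of dereferencing it). The struct and function names are assumptions made for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
/* Hypothetical, simplified model of the state described in the thread
 * (added example, not DPDK's code): the IOMMU type pointer stays NULL
 * until the first successful mapping, and an unmap request is matched
 * against the list of user memory maps. */
struct iommu_type { bool partial_unmap_supported; };
struct user_mem_map { uint64_t addr, len; };
struct container {
    const struct iommu_type *type;   /* NULL when nothing was ever mapped */
    struct user_mem_map maps[4];
    int n_maps;
};
enum { UNMAP_OK = 0, UNMAP_NOT_FOUND = -1, UNMAP_UNSUPPORTED = -2,
       UNMAP_WOULD_CRASH = -3 };  /* instrumented stand-in for a NULL deref */

/* Find a mapping that fully encloses [addr, addr + len). */
static const struct user_mem_map *
find_enclosing(const struct container *c, uint64_t addr, uint64_t len)
{
    for (int i = 0; i < c->n_maps; i++)
        if (addr >= c->maps[i].addr && addr + len <= c->maps[i].addr + c->maps[i].len)
            return &c->maps[i];
    return NULL;
}

/* Ordering the fix describes: traverse the maps first. Reaching the type
 * check implies an earlier successful mapping, so type is never NULL here. */
int unmap_traverse_first(const struct container *c, uint64_t addr, uint64_t len)
{
    const struct user_mem_map *m = find_enclosing(c, addr, len);
    if (m == NULL) return UNMAP_NOT_FOUND;
    bool partial = (addr != m->addr || len != m->len);
    return (partial && !c->type->partial_unmap_supported) ? UNMAP_UNSUPPORTED : UNMAP_OK;
}

/* The ordering the message attributes to 56259f7fc010: the type is read
 * before the maps are consulted. The NULL case is reported, not dereferenced,
 * so the difference can be exercised without crashing. */
int unmap_check_first(const struct container *c, uint64_t addr, uint64_t len)
{
    if (c->type == NULL) return UNMAP_WOULD_CRASH;
    bool partial_ok = c->type->partial_unmap_supported;
    const struct user_mem_map *m = find_enclosing(c, addr, len);
    if (m == NULL) return UNMAP_NOT_FOUND;
    bool partial = (addr != m->addr || len != m->len);
    return (partial && !partial_ok) ? UNMAP_UNSUPPORTED : UNMAP_OK;
}
```

With no mappings and a NULL type, the traverse-first version simply reports that nothing matched, while the check-first version would have dereferenced the NULL pointer.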