On Wed, Jul 20, 2016 at 02:26:51PM +1000, Alexey Kardashevskiy wrote: > The iommu_table_ops::exchange() callback writes new TCE to the table > and returns old value and permission mask. The old TCE value is > correctly converted from BE to CPU endian; however permission mask > was calculated from BE value and therefore always returned DMA_NONE > which could cause memory leak on LE systems using VFIO SPAPR TCE IOMMU v1 > driver. > > This fixes pnv_tce_xchg() to have @oldtce a CPU endian. > > Fixes: 05c6cfb9dce0d13d37e9d007ee6a4af36f1c0a58 > Cc: sta...@vger.kernel.org # 4.2+ > Signed-off-by: Alexey Kardashevskiy <a...@ozlabs.ru>
Reviewed-by: David Gibson <da...@gibson.dropbear.id.au>
> ---
> arch/powerpc/platforms/powernv/pci.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/powerpc/platforms/powernv/pci.c
> b/arch/powerpc/platforms/powernv/pci.c
> index 1d92bd9..7b17f88 100644
> --- a/arch/powerpc/platforms/powernv/pci.c
> +++ b/arch/powerpc/platforms/powernv/pci.c
> @@ -620,8 +620,8 @@ int pnv_tce_xchg(struct iommu_table *tbl, long index,
> if (newtce & TCE_PCI_WRITE)
> newtce |= TCE_PCI_READ;
>
> - oldtce = xchg(pnv_tce(tbl, idx), cpu_to_be64(newtce));
> - *hpa = be64_to_cpu(oldtce) & ~(TCE_PCI_READ | TCE_PCI_WRITE);
> + oldtce = be64_to_cpu(xchg(pnv_tce(tbl, idx), cpu_to_be64(newtce)));
> + *hpa = oldtce & ~(TCE_PCI_READ | TCE_PCI_WRITE);
> *direction = iommu_tce_direction(oldtce);
>
> return 0;
--
David Gibson | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson
signature.asc
Description: PGP signature
_______________________________________________ Linuxppc-dev mailing list Linuxppc-dev@lists.ozlabs.org https://lists.ozlabs.org/listinfo/linuxppc-dev
