Re: [PATCH] IOMMU: make domctl handler tolerate NULL domain

[Juergen Gross <jgross@xxxxxxxx>]

On 19.04.22 17:48, Andrew Cooper wrote:
> On 19/04/2022 10:39, Jan Beulich wrote:
> > Besides the reporter's issue of hitting a NULL deref when !CONFIG_GDBSX,
> > XEN_DOMCTL_test_assign_device can legitimately end up having NULL passed
> > here, when the domctl was passed DOMID_INVALID.
> >
> > Fixes: 71e617a6b8f6 ("use is_iommu_enabled() where appropriate...")
> > Reported-by: Cheyenne Wills <cheyenne.wills@xxxxxxxxx>
> > Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
> >
> > --- a/xen/drivers/passthrough/iommu.c
> > +++ b/xen/drivers/passthrough/iommu.c
> > @@ -558,7 +558,7 @@ int iommu_do_domctl(
> >   {
> >       int ret = -ENODEV;
> >   
> > -    if ( !is_iommu_enabled(d) )
> > +    if ( !(d ? is_iommu_enabled(d) : iommu_enabled) )
> >           return -EOPNOTSUPP;
> Having spent the better part of a day debugging this mess, this patch is
> plain broken.
>
> It depends on Juergen's "xen/iommu: cleanup iommu related domctl
> handling" patch, because otherwise it erroneously fails non-IOMMU subops.
Which is not a real problem, as it is being called after all other
subops didn't match. Or with my 3rd patch applied it is called only
for IOMMU subops.


Juergen

Attachment: OpenPGP_0xB0DE9DD628BF132F.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature
Description: OpenPGP digital signature