Re: [PATCH] dmaengine: idxd: Fix passing freed memory in idxd_cdev_open()

From: Fenghua Yu
Date: Wed May 10 2023 - 18:08:03 EST

Next message: Kuogee Hsieh: "[PATCH v6 0/8] add DSC 1.2 dpu supports"
Previous message: Jarkko Sakkinen: "Re: [PATCH v2 0/2] Fix TPM 1.2 resume"
In reply to: Dave Jiang: "Re: [PATCH] dmaengine: idxd: Fix passing freed memory in idxd_cdev_open()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 5/8/23 23:07, Harshit Mogalapalli wrote:

Smatch warns:
drivers/dma/idxd/cdev.c:327:
idxd_cdev_open() warn: 'sva' was already freed.

When idxd_wq_set_pasid() fails, the current code unbinds sva and then
goes to 'failed_set_pasid' where iommu_sva_unbind_device is called
again causing the above warning.
[ device_user_pasid_enabled(idxd) is still true when calling
failed_set_pasid ]

Fix this by removing additional unbind when idxd_wq_set_pasid() fails

Fixes: b022f59725f0 ("dmaengine: idxd: add idxd_copy_cr() to copy user completion record during page fault handling")
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@xxxxxxxxxx>

Acked-by: Fenghua Yu <fenghua.yu@xxxxxxxxx>

Thanks.

-Fenghua

Next message: Kuogee Hsieh: "[PATCH v6 0/8] add DSC 1.2 dpu supports"
Previous message: Jarkko Sakkinen: "Re: [PATCH v2 0/2] Fix TPM 1.2 resume"
In reply to: Dave Jiang: "Re: [PATCH] dmaengine: idxd: Fix passing freed memory in idxd_cdev_open()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]