Re: [PATCH v3] iommu/riscv: prevent NULL deref in iova_to_phys

From: Robin Murphy
Date: Fri Aug 15 2025 - 10:45:38 EST

Next message: Greg Kroah-Hartman: "Linux 6.16.1"
Previous message: Michal Koutný: "Re: [PATCH] kernfs: Fix UAF in PSI polling when open file is released"
In reply to: Joerg Roedel: "Re: [PATCH v3] iommu/riscv: prevent NULL deref in iova_to_phys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 15/08/2025 11:01 am, Joerg Roedel wrote:

On Fri, Aug 15, 2025 at 03:12:44PM +0800, XianLiang Huang wrote:

diff --git a/drivers/iommu/riscv/iommu.c b/drivers/iommu/riscv/iommu.c
index 2d0d31ba2886..0eae2f4bdc5e 100644
--- a/drivers/iommu/riscv/iommu.c
+++ b/drivers/iommu/riscv/iommu.c
@@ -1283,7 +1283,7 @@ static phys_addr_t riscv_iommu_iova_to_phys(struct iommu_domain *iommu_domain,
unsigned long *ptr;
ptr = riscv_iommu_pte_fetch(domain, iova, &pte_size);
- if (_io_pte_none(*ptr) || !_io_pte_present(*ptr))
+ if (!ptr)
return 0;

Zero is usually not an invalid physical address, or is it on RISC-V?

It's a valid PA on many systems of many architectures, but it's also been the "not mapped/error" value for the iova_to_phys operation all the way back to the very very first intel_iommu_iova_to_pfn() nearly 17 years ago, so hey :)

Thanks,
Robin.

Next message: Greg Kroah-Hartman: "Linux 6.16.1"
Previous message: Michal Koutný: "Re: [PATCH] kernfs: Fix UAF in PSI polling when open file is released"
In reply to: Joerg Roedel: "Re: [PATCH v3] iommu/riscv: prevent NULL deref in iova_to_phys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]