Commit 08090744 authored by Robin Murphy's avatar Robin Murphy Committed by Joerg Roedel

iommu/io-pgtable-arm: Fix IOVA validation for 32-bit

Since we ony support the TTB1 quirk for AArch64 contexts, and
consequently only for 64-bit builds, the sign-extension aspect of the
"are all bits above IAS consistent?" check should implicitly only apply
to 64-bit IOVAs. Change the type of the cast to ensure that 32-bit longs
don't inadvertently get sign-extended, and thus considered invalid, if
they happen to be above 2GB in the TTB0 region.
Reported-by: default avatarStephan Gerhold <stephan@gerhold.net>
Signed-off-by: default avatarRobin Murphy <robin.murphy@arm.com>
Acked-by: default avatarAcked-by: Will Deacon <will@kernel.org>
Fixes: db690301 ("iommu/io-pgtable-arm: Prepare for TTBR1 usage")
Signed-off-by: default avatarJoerg Roedel <jroedel@suse.de>
parent 77a1bce8
...@@ -468,7 +468,7 @@ static int arm_lpae_map(struct io_pgtable_ops *ops, unsigned long iova, ...@@ -468,7 +468,7 @@ static int arm_lpae_map(struct io_pgtable_ops *ops, unsigned long iova,
arm_lpae_iopte *ptep = data->pgd; arm_lpae_iopte *ptep = data->pgd;
int ret, lvl = data->start_level; int ret, lvl = data->start_level;
arm_lpae_iopte prot; arm_lpae_iopte prot;
long iaext = (long)iova >> cfg->ias; long iaext = (s64)iova >> cfg->ias;
/* If no access, then nothing to do */ /* If no access, then nothing to do */
if (!(iommu_prot & (IOMMU_READ | IOMMU_WRITE))) if (!(iommu_prot & (IOMMU_READ | IOMMU_WRITE)))
...@@ -645,7 +645,7 @@ static size_t arm_lpae_unmap(struct io_pgtable_ops *ops, unsigned long iova, ...@@ -645,7 +645,7 @@ static size_t arm_lpae_unmap(struct io_pgtable_ops *ops, unsigned long iova,
struct arm_lpae_io_pgtable *data = io_pgtable_ops_to_data(ops); struct arm_lpae_io_pgtable *data = io_pgtable_ops_to_data(ops);
struct io_pgtable_cfg *cfg = &data->iop.cfg; struct io_pgtable_cfg *cfg = &data->iop.cfg;
arm_lpae_iopte *ptep = data->pgd; arm_lpae_iopte *ptep = data->pgd;
long iaext = (long)iova >> cfg->ias; long iaext = (s64)iova >> cfg->ias;
if (WARN_ON(!size || (size & cfg->pgsize_bitmap) != size)) if (WARN_ON(!size || (size & cfg->pgsize_bitmap) != size))
return 0; return 0;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment