Commit d046b770 authored by Sowmini Varadhan's avatar Sowmini Varadhan Committed by Linus Torvalds

lib/iommu-common.c: do not try to deref a null iommu->lazy_flush() pointer when n < pool->hint

The check for invoking iommu->lazy_flush() from iommu_tbl_range_alloc()
has to be refactored so that we only call ->lazy_flush() if it is
non-null.

I had a sparc kernel that was crashing when I was trying to process some
very large perf.data files- the crash happens when the scsi driver calls
into dma_4v_map_sg and thus the iommu_tbl_range_alloc().
Signed-off-by: default avatarSowmini Varadhan <sowmini.varadhan@oracle.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Guenter Roeck <linux@roeck-us.net>
Cc: David S. Miller <davem@davemloft.net>
Cc: <stable@vger.kernel.org>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 769a8089
...@@ -21,8 +21,7 @@ static DEFINE_PER_CPU(unsigned int, iommu_hash_common); ...@@ -21,8 +21,7 @@ static DEFINE_PER_CPU(unsigned int, iommu_hash_common);
static inline bool need_flush(struct iommu_map_table *iommu) static inline bool need_flush(struct iommu_map_table *iommu)
{ {
return (iommu->lazy_flush != NULL && return ((iommu->flags & IOMMU_NEED_FLUSH) != 0);
(iommu->flags & IOMMU_NEED_FLUSH) != 0);
} }
static inline void set_flush(struct iommu_map_table *iommu) static inline void set_flush(struct iommu_map_table *iommu)
...@@ -211,7 +210,8 @@ unsigned long iommu_tbl_range_alloc(struct device *dev, ...@@ -211,7 +210,8 @@ unsigned long iommu_tbl_range_alloc(struct device *dev,
goto bail; goto bail;
} }
} }
if (n < pool->hint || need_flush(iommu)) { if (iommu->lazy_flush &&
(n < pool->hint || need_flush(iommu))) {
clear_flush(iommu); clear_flush(iommu);
iommu->lazy_flush(iommu); iommu->lazy_flush(iommu);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment