[PATCH for 4.9 28/39] iommu/io-pgtable-arm: Check for leaf entry before dereferencing it

From: Levin, Alexander (Sasha Levin)
Date: Sun Sep 17 2017 - 20:45:08 EST


From: Oleksandr Tyshchenko <oleksandr_tyshchenko@xxxxxxxx>

[ Upstream commit ed46e66cc1b3d684042f92dfa2ab15ee917b4cac ]

Do a check for already installed leaf entry at the current level before
dereferencing it in order to avoid walking the page table down with
wrong pointer to the next level.

Signed-off-by: Oleksandr Tyshchenko <oleksandr_tyshchenko@xxxxxxxx>
CC: Will Deacon <will.deacon@xxxxxxx>
CC: Robin Murphy <robin.murphy@xxxxxxx>
Signed-off-by: Will Deacon <will.deacon@xxxxxxx>
Signed-off-by: Sasha Levin <alexander.levin@xxxxxxxxxxx>
---
drivers/iommu/io-pgtable-arm.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/drivers/iommu/io-pgtable-arm.c b/drivers/iommu/io-pgtable-arm.c
index f5c90e1366ce..7c9d632f1d09 100644
--- a/drivers/iommu/io-pgtable-arm.c
+++ b/drivers/iommu/io-pgtable-arm.c
@@ -335,8 +335,12 @@ static int __arm_lpae_map(struct arm_lpae_io_pgtable *data, unsigned long iova,
if (cfg->quirks & IO_PGTABLE_QUIRK_ARM_NS)
pte |= ARM_LPAE_PTE_NSTABLE;
__arm_lpae_set_pte(ptep, pte, cfg);
- } else {
+ } else if (!iopte_leaf(pte, lvl)) {
cptep = iopte_deref(pte, data);
+ } else {
+ /* We require an unmap first */
+ WARN_ON(!selftest_running);
+ return -EEXIST;
}

/* Rinse, repeat */
--
2.11.0