Re: [PATCH] iommu/arm-smmu-v3: Fix pgsize_bit for sva domains
From: Jason Gunthorpe
Date: Tue Apr 15 2025 - 09:11:09 EST
On Sat, Apr 12, 2025 at 10:23:54AM +1000, Balbir Singh wrote:
> UBSan caught a bug with IOMMU SVA domains, where the reported exponent
> value in __arm_smmu_tlb_inv_range() was >= 64.
> __arm_smmu_tlb_inv_range() uses the domain's pgsize_bitmap to compute
> the number of pages to invalidate and the invalidation range. Currently
> arm_smmu_sva_domain_alloc() does not setup the iommu domain's
> pgsize_bitmap. This leads to __ffs() on the value returning 64 and that
> leads to undefined behaviour w.r.t. shift operations
>
> Fix this by initializing the iommu_domain's pgsize_bitmap to PAGE_SIZE.
> Effectively the code needs to use the smallest page size for
> invalidation
>
> Fixes: eb6c97647be2 ("iommu/arm-smmu-v3: Avoid constructing invalid range commands")
> Suggested-by: Jason Gunthorpe <jgg@xxxxxxxxxx>
> Signed-off-by: Balbir Singh <balbirs@xxxxxxxxxx>
>
> Cc: Jean-Philippe Brucker <jean-philippe@xxxxxxxxxx>
> Cc: Will Deacon <will@xxxxxxxxxx>
> Cc: Robin Murphy <robin.murphy@xxxxxxx>
> Cc: Joerg Roedel <joro@xxxxxxxxxx>
> Cc: Jason Gunthorpe <jgg@xxxxxxxx>
>
> ---
> drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c | 6 ++++++
> 1 file changed, 6 insertions(+)
Reviewed-by: Jason Gunthorpe <jgg@xxxxxxxxxx>
This should go to rc
Jason