1. Patchew
  2. linux
  3. View series

[PATCH] iommu/vt-d: Clean up si_domain in the init_dmars() error path

Jerry Snitselaar posted 1 patch 3 years, 5 months ago
There is a newer version of this series
drivers/iommu/intel/iommu.c | 2 ++
1 file changed, 2 insertions(+)
[PATCH] iommu/vt-d: Clean up si_domain in the init_dmars() error path
Posted by Jerry Snitselaar 3 years, 5 months ago 
A splat from kmem_cache_destroy() was seen with a kernel prior to
commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool")
when there was a failure in init_dmars(), because the iommu_domain
cache still had objects. While the mempool code is now gone, there
still is a leak of the si_domain memory if init_dmars() fails. So
clean up si_domain in the init_dmars() error path.

Cc: Lu Baolu <baolu.lu@linux.intel.com>
Cc: Joerg Roedel <joro@8bytes.org>
Cc: Will Deacon <will@kernel.org>
Cc: Robin Murphy <robin.murphy@arm.com>
Fixes: 86080ccc223a ("iommu/vt-d: Allocate si_domain in init_dmars()")
Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
---
 drivers/iommu/intel/iommu.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
index 31bc50e538a3..8f1f80a4d0c5 100644
--- a/drivers/iommu/intel/iommu.c
+++ b/drivers/iommu/intel/iommu.c
@@ -3042,6 +3042,8 @@ static int __init init_dmars(void)
 		disable_dmar_iommu(iommu);
 		free_dmar_iommu(iommu);
 	}
+	if (si_domain)
+		domain_exit(si_domain);
 
 	return ret;
 }
-- 
2.37.2
Re: [PATCH] iommu/vt-d: Clean up si_domain in the init_dmars() error path
Posted by Baolu Lu 3 years, 5 months ago 
On 2022/10/10 14:56, Jerry Snitselaar wrote:
> A splat from kmem_cache_destroy() was seen with a kernel prior to
> commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool")
> when there was a failure in init_dmars(), because the iommu_domain
> cache still had objects. While the mempool code is now gone, there
> still is a leak of the si_domain memory if init_dmars() fails. So
> clean up si_domain in the init_dmars() error path.
> 
> Cc: Lu Baolu <baolu.lu@linux.intel.com>
> Cc: Joerg Roedel <joro@8bytes.org>
> Cc: Will Deacon <will@kernel.org>
> Cc: Robin Murphy <robin.murphy@arm.com>
> Fixes: 86080ccc223a ("iommu/vt-d: Allocate si_domain in init_dmars()")
> Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
> ---
>   drivers/iommu/intel/iommu.c | 2 ++
>   1 file changed, 2 insertions(+)
> 
> diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
> index 31bc50e538a3..8f1f80a4d0c5 100644
> --- a/drivers/iommu/intel/iommu.c
> +++ b/drivers/iommu/intel/iommu.c
> @@ -3042,6 +3042,8 @@ static int __init init_dmars(void)
>   		disable_dmar_iommu(iommu);
>   		free_dmar_iommu(iommu);
>   	}
> +	if (si_domain)
> +		domain_exit(si_domain);

Thank you for the patch.

Above requires si_domain to be NULL or a valid pointer. So do you also
need to add the following change?

--- a/drivers/iommu/intel/iommu.c
+++ b/drivers/iommu/intel/iommu.c
@@ -2410,6 +2410,7 @@ static int __init si_domain_init(int hw)

         if (md_domain_init(si_domain, DEFAULT_DOMAIN_ADDRESS_WIDTH)) {
                 domain_exit(si_domain);
+               si_domain = NULL;
                 return -EFAULT;
         }

Best regards,
baolu
Re: [PATCH] iommu/vt-d: Clean up si_domain in the init_dmars() error path
Posted by Jerry Snitselaar 3 years, 5 months ago 
On Mon, Oct 10, 2022 at 07:32:43PM +0800, Baolu Lu wrote:
> On 2022/10/10 14:56, Jerry Snitselaar wrote:
> > A splat from kmem_cache_destroy() was seen with a kernel prior to
> > commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool")
> > when there was a failure in init_dmars(), because the iommu_domain
> > cache still had objects. While the mempool code is now gone, there
> > still is a leak of the si_domain memory if init_dmars() fails. So
> > clean up si_domain in the init_dmars() error path.
> > 
> > Cc: Lu Baolu <baolu.lu@linux.intel.com>
> > Cc: Joerg Roedel <joro@8bytes.org>
> > Cc: Will Deacon <will@kernel.org>
> > Cc: Robin Murphy <robin.murphy@arm.com>
> > Fixes: 86080ccc223a ("iommu/vt-d: Allocate si_domain in init_dmars()")
> > Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
> > ---
> >   drivers/iommu/intel/iommu.c | 2 ++
> >   1 file changed, 2 insertions(+)
> > 
> > diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
> > index 31bc50e538a3..8f1f80a4d0c5 100644
> > --- a/drivers/iommu/intel/iommu.c
> > +++ b/drivers/iommu/intel/iommu.c
> > @@ -3042,6 +3042,8 @@ static int __init init_dmars(void)
> >   		disable_dmar_iommu(iommu);
> >   		free_dmar_iommu(iommu);
> >   	}
> > +	if (si_domain)
> > +		domain_exit(si_domain);
> 
> Thank you for the patch.
> 
> Above requires si_domain to be NULL or a valid pointer. So do you also
> need to add the following change?
> 
> --- a/drivers/iommu/intel/iommu.c
> +++ b/drivers/iommu/intel/iommu.c
> @@ -2410,6 +2410,7 @@ static int __init si_domain_init(int hw)
> 
>         if (md_domain_init(si_domain, DEFAULT_DOMAIN_ADDRESS_WIDTH)) {
>                 domain_exit(si_domain);
> +               si_domain = NULL;
>                 return -EFAULT;
>         }
> 
> Best regards,
> baolu

Hi Baolu,

Yes. I think should add it after the domain_exit() call I added as well.

Regards,
Jerry
[PATCH v2] iommu/vt-d: Clean up si_domain in the init_dmars() error path
Posted by Jerry Snitselaar 3 years, 5 months ago 
A splat from kmem_cache_destroy() was seen with a kernel prior to
commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool")
when there was a failure in init_dmars(), because the iommu_domain
cache still had objects. While the mempool code is now gone, there
still is a leak of the si_domain memory if init_dmars() fails. So
clean up si_domain in the init_dmars() error path.

Cc: Lu Baolu <baolu.lu@linux.intel.com>
Cc: Joerg Roedel <joro@8bytes.org>
Cc: Will Deacon <will@kernel.org>
Cc: Robin Murphy <robin.murphy@arm.com>
Fixes: 86080ccc223a ("iommu/vt-d: Allocate si_domain in init_dmars()")
Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
---
v2: Set si_domain to NULL after the memory it points to has been freed.

 drivers/iommu/intel/iommu.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
index 31bc50e538a3..ecc0b05b2796 100644
--- a/drivers/iommu/intel/iommu.c
+++ b/drivers/iommu/intel/iommu.c
@@ -2400,6 +2400,7 @@ static int __init si_domain_init(int hw)
 
 	if (md_domain_init(si_domain, DEFAULT_DOMAIN_ADDRESS_WIDTH)) {
 		domain_exit(si_domain);
+		si_domain = NULL;
 		return -EFAULT;
 	}
 
@@ -3042,6 +3043,10 @@ static int __init init_dmars(void)
 		disable_dmar_iommu(iommu);
 		free_dmar_iommu(iommu);
 	}
+	if (si_domain) {
+		domain_exit(si_domain);
+		si_domain = NULL;
+	}
 
 	return ret;
 }
-- 
2.37.2
Re: [PATCH v2] iommu/vt-d: Clean up si_domain in the init_dmars() error path
Posted by Baolu Lu 3 years, 5 months ago 
On 10/10/22 10:48 PM, Jerry Snitselaar wrote:
> A splat from kmem_cache_destroy() was seen with a kernel prior to
> commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool")
> when there was a failure in init_dmars(), because the iommu_domain
> cache still had objects. While the mempool code is now gone, there
> still is a leak of the si_domain memory if init_dmars() fails. So
> clean up si_domain in the init_dmars() error path.
> 
> Cc: Lu Baolu<baolu.lu@linux.intel.com>
> Cc: Joerg Roedel<joro@8bytes.org>
> Cc: Will Deacon<will@kernel.org>
> Cc: Robin Murphy<robin.murphy@arm.com>
> Fixes: 86080ccc223a ("iommu/vt-d: Allocate si_domain in init_dmars()")
> Signed-off-by: Jerry Snitselaar<jsnitsel@redhat.com>

Thanks for the patch. It has been queued for v6.1.

https://lore.kernel.org/linux-iommu/20221019004447.4563-1-baolu.lu@linux.intel.com/

Best regards,
baolu

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.