]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit
projects / FreeBSD / FreeBSD.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3416f5c) | patch
iommu_gas: Eliminate a possible case of use-after-free
authorAlan Cox <alc@FreeBSD.org>
Fri, 22 Jul 2022 17:00:26 +0000 (12:00 -0500)
committerAlan Cox <alc@FreeBSD.org>
Mon, 25 Jul 2022 16:14:58 +0000 (11:14 -0500)
commit8bc3673847453ca51237b5c85fe57f3f02e17a4b
tree52d7aca895de3cc87c92a19bc9d49b2b2dde5397tree | snapshot
parent3416f5cde7a7e01b25b5f5fd240ae8aa12fd70bfcommit | diff
iommu_gas: Eliminate a possible case of use-after-free

Eliminate a possible case of use-after-free in an error handling path
after a mapping failure.  Specifically, eliminate IOMMU_MAP_ENTRY_QI_NF
and instead perform the IOTLB invalidation synchronously.  Otherwise,
when iommu_domain_unload_entry() is called and told not to free the
IOMMU map entry, the caller could free the entry before dmar_qi_task()
is finished with it.

Reviewed by: kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D35878
sys/arm64/iommu/iommu.c diff | blob | history
sys/dev/iommu/iommu.h diff | blob | history
sys/dev/iommu/iommu_gas.c diff | blob | history
sys/dev/iommu/iommu_gas.h diff | blob | history
sys/x86/iommu/intel_ctx.c diff | blob | history
sys/x86/iommu/intel_dmar.h diff | blob | history
sys/x86/iommu/intel_qi.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.