vfio/spapr: fail tce_iommu_attach_group() when iommu_data is null
[ Upstream commit bd00fdf198e2da475a2f4265a83686ab42d998a8 ]
The recently added mediated VFIO driver doesn't know about powerpc iommu.
It thus doesn't register a struct iommu_table_group in the iommu group
upon device creation. The iommu_data pointer hence remains null.
This causes a kernel oops when userspace tries to set the iommu type of a
container associated with a mediated device to VFIO_SPAPR_TCE_v2_IOMMU.
[ 82.585440] mtty mtty: MDEV: Registered
[ 87.655522] iommu: Adding device 83b8f4f2-509f-382f-3c1e-e6bfe0fa1001 to group 10
[ 87.655527] vfio_mdev 83b8f4f2-509f-382f-3c1e-e6bfe0fa1001: MDEV: group_id = 10
[ 116.297184] Unable to handle kernel paging request for data at address 0x00000030
[ 116.297389] Faulting instruction address: 0xd000000007870524
[ 116.297465] Oops: Kernel access of bad area, sig: 11 [#1]
[ 116.297611] SMP NR_CPUS=2048
[ 116.297611] NUMA
[ 116.297627] PowerNV
...
[ 116.297954] CPU: 33 PID: 7067 Comm: qemu-system-ppc Not tainted 4.10.0-rc5-mdev-test #8
[ 116.297993] task: c000000e7718b680 task.stack: c000000e77214000
[ 116.298025] NIP: d000000007870524 LR: d000000007870518 CTR: 0000000000000000
[ 116.298064] REGS: c000000e77217990 TRAP: 0300 Not tainted (4.10.0-rc5-mdev-test)
[ 116.298103] MSR: 9000000000009033 <SF,HV,EE,ME,IR,DR,RI,LE>
[ 116.298107] CR: 84004444 XER: 00000000
[ 116.298154] CFAR: c00000000000888c DAR: 0000000000000030 DSISR: 40000000 SOFTE: 1
GPR00: d000000007870518 c000000e77217c10 d00000000787b0ed c000000eed2103c0
GPR04: 0000000000000000 0000000000000000 c000000eed2103e0 0000000f24320000
GPR08: 0000000000000104 0000000000000001 0000000000000000 d0000000078729b0
GPR12: c00000000025b7e0 c00000000fe08400 0000000000000001 000001002d31d100
GPR16: 000001002c22c850 00003ffff315c750 0000000043145680 0000000043141bc0
GPR20: ffffffffffffffed fffffffffffff000 0000000020003b65 d000000007706018
GPR24: c000000f16cf0d98 d000000007706000 c000000003f42980 c000000003f42980
GPR28: c000000f1575ac00 c000000003f429c8 0000000000000000 c000000eed2103c0
[ 116.298504] NIP [d000000007870524] tce_iommu_attach_group+0x10c/0x360 [vfio_iommu_spapr_tce]
[ 116.298555] LR [d000000007870518] tce_iommu_attach_group+0x100/0x360 [vfio_iommu_spapr_tce]
[ 116.298601] Call Trace:
[ 116.298610] [c000000e77217c10] [d000000007870518] tce_iommu_attach_group+0x100/0x360 [vfio_iommu_spapr_tce] (unreliable)
[ 116.298671] [c000000e77217cb0] [d0000000077033a0] vfio_fops_unl_ioctl+0x278/0x3e0 [vfio]
[ 116.298713] [c000000e77217d40] [c0000000002a3ebc] do_vfs_ioctl+0xcc/0x8b0
[ 116.298745] [c000000e77217de0] [c0000000002a4700] SyS_ioctl+0x60/0xc0
[ 116.298782] [c000000e77217e30] [c00000000000b220] system_call+0x38/0xfc
[ 116.298812] Instruction dump:
[ 116.298828] 7d3f4b78 409effc8 3d220000 e9298020 3c800140 38a00018 608480c0 e8690028
[ 116.298869] 4800249d e8410018 7c7f1b79 41820230 <e93e0030> 2fa90000 419e0114 e9090020
[ 116.298914] ---[ end trace 1e10b0ced08b9120 ]---
This patch fixes the oops.
Reported-by: Vaibhav Jain <vaibhav@linux.vnet.ibm.com>
Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>