From patchwork Thu Aug 31 08:20:41 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xie Yisheng X-Patchwork-Id: 9931581 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 15A89602F0 for ; Thu, 31 Aug 2017 08:32:43 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 0673D2889C for ; Thu, 31 Aug 2017 08:32:43 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id EF24C288A2; Thu, 31 Aug 2017 08:32:42 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.6 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_LOW autolearn=unavailable version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [65.50.211.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 6017C2889C for ; Thu, 31 Aug 2017 08:32:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=9Pps7RsRq6MkuULzloFWdGxnPH/ozOKaC6qroJTaN1I=; b=Ig9InQvQG9JQOP r0UBrAc1rRyLulbmrKkSNUOctoU7itueGF1MavAqDlr4cgZxirlCx2bIpe/Pn88EX64BxUG7dVCu8 UbCHgsg80bQGBN3v3BwuEdIpu1hceky0/TMrfbIwaIVaNUGvon18RV3uY9sABtQKuW5hiQ+3vBNyz PgXh5k18yWXUHTDVtdCv5cqkpk9O2rERfA3FNq88ybSg7cGpiF87tCI2fClDRo19OvJsPwV84TBXh KZ2F3VE5gOeZi236TOsjt0/JPegXlLcKv20Mk9RDpDtQmmLf+B9VlGtIL370h60Yqg23xDesa8Oxk kmMbf+cZxv6Bra8Ni2oA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux)) id 1dnKtx-0004et-St; Thu, 31 Aug 2017 08:32:37 +0000 Received: from szxga04-in.huawei.com ([45.249.212.190]) by bombadil.infradead.org with esmtps (Exim 4.87 #1 (Red Hat Linux)) id 1dnKrP-0002Eh-O3 for linux-arm-kernel@lists.infradead.org; Thu, 31 Aug 2017 08:30:03 +0000 Received: from 172.30.72.60 (EHLO DGGEMS402-HUB.china.huawei.com) ([172.30.72.60]) by dggrg04-dlp.huawei.com (MOS 4.4.6-GA FastPath queued) with ESMTP id DGG21838; Thu, 31 Aug 2017 16:29:14 +0800 (CST) Received: from linux-ibm.site (10.175.102.37) by DGGEMS402-HUB.china.huawei.com (10.3.19.202) with Microsoft SMTP Server id 14.3.301.0; Thu, 31 Aug 2017 16:29:04 +0800 From: Yisheng Xie To: Subject: [RFC PATCH 5/6] iommu/arm-smmu-v3: fix panic when handle stall mode irq Date: Thu, 31 Aug 2017 16:20:41 +0800 Message-ID: <1504167642-14922-6-git-send-email-xieyisheng1@huawei.com> X-Mailer: git-send-email 1.7.12.4 In-Reply-To: <1504167642-14922-1-git-send-email-xieyisheng1@huawei.com> References: <1504167642-14922-1-git-send-email-xieyisheng1@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.175.102.37] X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A010205.59A7C8DB.003B, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2014-11-16 11:51:01, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 84b3e9d20649a2036ccadf480bfef445 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20170831_013000_156581_A6AF959F X-CRM114-Status: GOOD ( 12.43 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: mark.rutland@arm.com, devicetree@vger.kernel.org, lorenzo.pieralisi@arm.com, lv.zheng@intel.com, will.deacon@arm.com, joro@8bytes.org, liubo95@huawei.com, rjw@rjwysocki.net, robert.moore@intel.com, linux-kernel@vger.kernel.org, linux-acpi@vger.kernel.org, iommu@lists.linux-foundation.org, robh+dt@kernel.org, hanjun.guo@linaro.org, xieyisheng@huawei.com, sudeep.holla@arm.com, chenjiankang1@huawei.com, devel@acpica.org, robin.murphy@arm.com, linux-arm-kernel@lists.infradead.org, lenb@kernel.org Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP When SMMU do not support SVM feature, however the master support SVM, which means matser can stall and with mult-pasid number, then the user can bind a task to device using API like iommu_bind_task(). however, when device trigger a stall mode fault i will cause panic: [ 106.996087] Unable to handle kernel NULL pointer dereference at virtual address 00000100 [ 106.996122] user pgtable: 4k pages, 48-bit VAs, pgd = ffff80003e023000 [ 106.996150] [0000000000000100] *pgd=000000003e04a003, *pud=000000003e04b003, *pmd=0000000000000000 [ 106.996201] Internal error: Oops: 96000006 [#1] PREEMPT SM [ 106.996224] Modules linked in: [ 106.996256] CPU: 0 PID: 916 Comm: irq/14-arm-smmu Not tainted 4.13.0-rc5-00035-g1235ddd-dirty #67 [ 106.996288] Hardware name: Hisilicon PhosphorHi1383 ESL (DT) [ 106.996317] task: ffff80003adc1c00 task.stack: ffff80003a9f8000 [ 106.996347] PC is at __queue_work+0x30/0x3a8 [ 106.996374] LR is at queue_work_on+0x60/0x78 [ 106.996401] pc : [] lr : [] pstate: 40c001c9 [ 106.996430] sp : ffff80003a9fbc20 [ 106.996451] x29: ffff80003a9fbc20 x28: ffff80003adc1c00 [ 106.996488] x27: ffff000008d05080 x26: ffff80003ab0e028 [ 106.996526] x25: ffff80003a9900ac x24: 0000000000000001 [ 106.996562] x23: 0000000000000040 x22: 0000000000000000 [ 106.996598] x21: 0000000000000000 x20: 0000000000000140 [ 106.996634] x19: ffff80003ab0e028 x18: 0000000000000010 [ 106.996670] x17: 0000ffffa52a5040 x16: ffff00000820f260 [ 106.996708] x15: 00000018e97629e0 x14: ffff80003fb89468 [ 106.996744] x13: 0000000000000000 x12: ffff80003abb0600 [ 106.996781] x11: 0000000000000000 x10: 0000010100000100 [ 106.996817] x9 : 0000ffff85de5010 x8 : 00000000e4830001 [ 106.996854] x7 : ffff80003a9fbcf8 x6 : 0000000fffffffe0 [ 106.996890] x5 : 0000000000000000 x4 : 0000000000000001 [ 106.996926] x3 : 0000000000000000 x2 : ffff80003ab0e028 [ 106.996962] x1 : 0000000000000000 x0 : 00000000000001c0 [ 106.997002] Process irq/14-arm-smmu (pid: 916, stack limit =0xffff80003a9f8000) [ 106.997035] Stack: (0xffff80003a9fbc20 to 0xffff80003a9fc000) [...] [ 106.998366] Call trace: [ 106.998842] [] __queue_work+0x30/0x3a8 [ 106.998874] [] queue_work_on+0x60/0x78 [ 106.998912] [] arm_smmu_handle_stall+0x104/0x138 [ 106.998952] [] arm_smmu_evtq_thread+0xc0/0x158 [ 106.998989] [] irq_thread_fn+0x28/0x68 [ 106.999025] [] irq_thread+0x128/0x1d0 [ 106.999060] [] kthread+0xfc/0x128 [ 106.999093] [] ret_from_fork+0x10/0x50 [ 106.999130] Code: a90153f3 a90573fb d53b4220 363814c0 (b94102a0) [ 106.999159] ---[ end trace 7e5c9f0cb1f2fecd ]--- And the resean is we donot init fault_queue while the fault handle need to use it. Fix by return -EINVAL in arm_smmu_bind_task() when smmu do not support the feature of SVM. Signed-off-by: Yisheng Xie --- drivers/iommu/arm-smmu-v3.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/iommu/arm-smmu-v3.c b/drivers/iommu/arm-smmu-v3.c index d44256a..dbda2eb 100644 --- a/drivers/iommu/arm-smmu-v3.c +++ b/drivers/iommu/arm-smmu-v3.c @@ -2922,6 +2922,8 @@ static int arm_smmu_bind_task(struct device *dev, struct task_struct *task, return -EINVAL; smmu = master->smmu; + if (!(smmu->features & ARM_SMMU_FEAT_SVM)) + return -EINVAL; domain = iommu_get_domain_for_dev(dev); if (WARN_ON(!domain))