review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Yi Liu <yi.l.liu@intel.com>
	Thu, 6 Mar 2025 03:48:42 +0000 (19:48 -0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sun, 20 Apr 2025 08:16:00 +0000 (10:16 +0200)
commit	5d9484cd372db106e8303464a67641ce66ad7ec1
tree	c9af80f19ed7874b3a8a76281723ca43689e0cce	tree \| snapshot
parent	6d11543bf37abdf60b8e6022a62fccfb82a5fe2e	commit \| diff

iommufd: Fail replace if device has not been attached

commit 55c85fa7579dc2e3f5399ef5bad67a44257c1a48 upstream.

The current implementation of iommufd_device_do_replace() implicitly
assumes that the input device has already been attached. However, there
is no explicit check to verify this assumption. If another device within
the same group has been attached, the replace operation might succeed,
but the input device itself may not have been attached yet.

As a result, the input device might not be tracked in the
igroup->device_list, and its reserved IOVA might not be added. Despite
this, the caller might incorrectly assume that the device has been
successfully replaced, which could lead to unexpected behavior or errors.

To address this issue, add a check to ensure that the input device has
been attached before proceeding with the replace operation. This check
will help maintain the integrity of the device tracking system and prevent
potential issues arising from incorrect assumptions about the device's
attachment status.

Fixes: e88d4ec154a8 ("iommufd: Add iommufd_device_replace()")
Link: https://patch.msgid.link/r/20250306034842.5950-1-yi.l.liu@intel.com
Cc: stable@vger.kernel.org
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Signed-off-by: Yi Liu <yi.l.liu@intel.com>
Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>