From: Julien Grall <jgrall@amazon.com>
Date: Thu, 17 Dec 2020 12:27:21 +0000 (+0000)
Subject: xen/iommu: Check if the IOMMU was initialized before tearing down
X-Git-Tag: 4.15.0-rc3~91
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=d670ef3401b91d04c58d72cd8ce5579b4fa900d8;p=people%2Ftklengyel%2Fxen.git

xen/iommu: Check if the IOMMU was initialized before tearing down

is_iommu_enabled() will return true even if the IOMMU has not been
initialized (e.g. the ops are not set).

In the case of an early failure in arch_domain_init(), the function
iommu_destroy_domain() will be called even if the IOMMU is not
initialized.

This will result to dereference the ops which will be NULL and an host
crash.

Fix the issue by checking that ops has been set before accessing it.

Fixes: 71e617a6b8f6 ("use is_iommu_enabled() where appropriate...")
Signed-off-by: Julien Grall <jgrall@amazon.com>
Reviewed-by: Paul Durrant <paul@xen.org>
---

diff --git a/xen/drivers/passthrough/iommu.c b/xen/drivers/passthrough/iommu.c
index 2358b6eb09..879d238bcd 100644
--- a/xen/drivers/passthrough/iommu.c
+++ b/xen/drivers/passthrough/iommu.c
@@ -221,6 +221,13 @@ static void iommu_teardown(struct domain *d)
 {
     struct domain_iommu *hd = dom_iommu(d);
 
+    /*
+     * During early domain creation failure, we may reach here with the
+     * ops not yet initialized.
+     */
+    if ( !hd->platform_ops )
+        return;
+
     iommu_vcall(hd->platform_ops, teardown, d);
 }