From f321b6fadf5318503df67bc0a5741861382df7d5 Mon Sep 17 00:00:00 2001 From: Barak Biber Date: Sat, 14 Sep 2024 14:12:11 +0800 Subject: [PATCH] iommu: Restore lost return in iommu_report_device_fault() stable inclusion from stable-v6.10.7 commit cc6bc2ab1663ec9353636416af22452b078510e9 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAOXZS CVE: CVE-2024-44994 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=cc6bc2ab1663ec9353636416af22452b078510e9 -------------------------------- [ Upstream commit fca5b78511e98bdff2cdd55c172b23200a7b3404 ] When iommu_report_device_fault gets called with a partial fault it is supposed to collect the fault into the group and then return. Instead the return was accidently deleted which results in trying to process the fault and an eventual crash. Deleting the return was a typo, put it back. Fixes: 3dfa64aecbaf ("iommu: Make iommu_report_device_fault() return void") Signed-off-by: Barak Biber Signed-off-by: Jason Gunthorpe Reviewed-by: Lu Baolu Link: https://lore.kernel.org/r/0-v1-e7153d9c8cee+1c6-iommu_fault_fix_jgg@nvidia.com Signed-off-by: Joerg Roedel Signed-off-by: Sasha Levin Signed-off-by: Lin Ruifeng --- drivers/iommu/io-pgfault.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/iommu/io-pgfault.c b/drivers/iommu/io-pgfault.c index 06d78fcc79fd..f2c87c695a17 100644 --- a/drivers/iommu/io-pgfault.c +++ b/drivers/iommu/io-pgfault.c @@ -192,6 +192,7 @@ void iommu_report_device_fault(struct device *dev, struct iopf_fault *evt) report_partial_fault(iopf_param, fault); iopf_put_dev_fault_param(iopf_param); /* A request that is not the last does not need to be ack'd */ + return; } /* -- Gitee