[ Upstream commit 5a522150093a0eabae9470a70a37a6e436bfad08 ]
Currently vhost_vdpa_cleanup() unmaps the DMA mappings by calling
`iommu_unmap(v->domain, map->start, map->size);`
from vhost_vdpa_general_unmap() when the parent vDPA driver doesn't
provide DMA config operations.
However, the IOMMU domain referred to by `v->domain` is freed in
vhost_vdpa_free_domain() before vhost_vdpa_cleanup() in
vhost_vdpa_release() which results in NULL pointer de-reference.
Accordingly, moving the call to vhost_vdpa_free_domain() in
vhost_vdpa_cleanup() would make sense. This will also help
detaching the dma device in error handling of vhost_vdpa_alloc_domain().
This issue was observed on terminating QEMU with SIGQUIT.
Fixes:
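
The teardown ordering described in the commit message, as an added user-space C model (not the kernel code and not part of the commit). All `model_*` names and the struct layouts are hypothetical, and a counter stands in for the NULL pointer dereference so the buggy order can be run safely.

```c
#include <stdio.h>
#include <stdlib.h>
/* User-space model only: hypothetical names, not the vhost-vdpa sources. */
struct domain { long mapped; };             /* stands in for the IOMMU domain  */
struct dev {
    struct domain *domain;                  /* NULL once freed, like v->domain */
    size_t map_size[4];                     /* sizes of outstanding DMA maps   */
    int nmaps;
    int null_uses;                          /* unmaps attempted with no domain */
};

static void model_unmap(struct dev *d, size_t size)
{
    if (!d->domain) {                       /* the real unmap would dereference NULL here */
        d->null_uses++;
        return;
    }
    d->domain->mapped -= (long)size;
}

static void model_free_domain(struct dev *d)
{
    free(d->domain);
    d->domain = NULL;
}

static void model_cleanup(struct dev *d, int free_domain_here)
{
    for (int i = 0; i < d->nmaps; i++)      /* unmap everything still mapped */
        model_unmap(d, d->map_size[i]);
    d->nmaps = 0;
    if (free_domain_here)                   /* fixed order: domain is freed last */
        model_free_domain(d);
}

/* Returns the number of unmaps that ran against an already freed domain. */
int model_release(int fixed)
{
    struct dev d = { .map_size = { 4096, 8192, 4096 }, .nmaps = 3 };
    d.domain = calloc(1, sizeof(*d.domain));
    if (!d.domain) return -1;
    d.domain->mapped = 4096 + 8192 + 4096;
    if (!fixed)
        model_free_domain(&d);              /* buggy order: freed before cleanup */
    model_cleanup(&d, fixed);
    return d.null_uses;
}

int main(void) { printf("buggy: %d, fixed: %d\n", model_release(0), model_release(1)); return 0; }
```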