iommu/vt-d: Check for NULL pointer in dmar_acpi_dev_scope_init()

When ir_dev_scope_init() is called via a rootfs initcall it
will check for irq_remapping_enabled before it calls
(indirectly) into dmar_acpi_dev_scope_init() which uses the
dmar_tbl pointer without any checks.

The AMD IOMMU driver also sets the irq_remapping_enabled
flag which causes the dmar_acpi_dev_scope_init() function to
be called on systems with AMD IOMMU hardware too, causing a
boot-time kernel crash.

Signed-off-by: Joerg Roedel <joro@8bytes.org>

diff --git a/drivers/iommu/dmar.c b/drivers/iommu/dmar.c
index 56e1c79dc77fd31bc9ad031df74a5eaecd73fc0b..e531a2b07207ef7b01c233370352aa68266879c3 100644 (file)
--- a/drivers/iommu/dmar.c
+++ b/drivers/iommu/dmar.c
@@ -657,7 +657,12 @@ static void __init dmar_acpi_insert_dev_scope(u8 device_number,
 
 static int __init dmar_acpi_dev_scope_init(void)
 {
-       struct acpi_dmar_andd *andd = (void *)dmar_tbl + sizeof(struct acpi_table_dmar);
+       struct acpi_dmar_andd *andd;
+
+       if (dmar_tbl == NULL)
+               return -ENODEV;
+
+       andd = (void *)dmar_tbl + sizeof(struct acpi_table_dmar);
 
        while (((unsigned long)andd) <
               ((unsigned long)dmar_tbl) + dmar_tbl->length) {