iommu/arm-smmu: fix capability checking prior to device attach

If somebody attempts to check the capability of an IOMMU domain prior to
device attach, then we'll try to dereference a NULL SMMU pointer through
the SMMU domain (since we can't determine the actual SMMU instance until
we have a device attached).

This patch fixes the capability check so that non-global features are
reported as being absent when no device is attached to the domain.

Signed-off-by: Will Deacon <will.deacon@arm.com>

diff --git a/drivers/iommu/arm-smmu.c b/drivers/iommu/arm-smmu.c
index 7638b579e08dd873043144cb129b7ce5bfe24d1a..5496de58fc3b7861a05f6b566afbff09680a34b7 100644 (file)
--- a/drivers/iommu/arm-smmu.c
+++ b/drivers/iommu/arm-smmu.c
@@ -1509,7 +1509,8 @@ static int arm_smmu_domain_has_cap(struct iommu_domain *domain,
                                   unsigned long cap)
 {
        struct arm_smmu_domain *smmu_domain = domain->priv;
-       u32 features = smmu_domain->smmu->features;
+       struct arm_smmu_device *smmu = smmu_domain->smmu;
+       u32 features = smmu ? smmu->features : 0;
 
        switch (cap) {
        case IOMMU_CAP_CACHE_COHERENCY: