On Tue, Feb 02, 2021 at 06:42:57PM +0800, Chunyan Zhang wrote:
> +static phys_addr_t sprd_iommu_iova_to_phys(struct iommu_domain *domain,
> + dma_addr_t iova)
> +{
> + struct sprd_iommu_domain *dom = to_sprd_domain(domain);
> + unsigned long flags;
> + phys_addr_t pa;
> + unsigned long start = domain->geometry.aperture_start;
> + unsigned long end = domain->geometry.aperture_end;
> +
> + if (iova < start || iova > end)
> + pr_err("iova (0x%llx) exceed the vpn range[0x%lx-0x%lx]!\n",
> + iova, start, end);
It is not a good idea to continue here with an out-of-range iova. The
code below might access random memory for its checks. Better do a
WARN_ON here and return an invalid physical address.
> +
> + spin_lock_irqsave(&dom->pgtlock, flags);
> + pa = *(dom->pgt_va + ((iova - start) >> SPRD_IOMMU_PAGE_SHIFT));
> + pa = (pa << SPRD_IOMMU_PAGE_SHIFT) + ((iova - start) &
> (SPRD_IOMMU_PAGE_SIZE - 1));
> + spin_unlock_irqrestore(&dom->pgtlock, flags);
> +
> + return pa;
> +}
> +
