[smmu-0116] Avoid memory corruption from Hisilicon MSI payloads
Bug #1859927 reported by
Fred Kimmy
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| kunpeng920 |
Fix Released
|
Undecided
|
Unassigned | ||
| Ubuntu-18.04 |
Fix Released
|
Undecided
|
Unassigned | ||
| Ubuntu-18.04-hwe |
Fix Released
|
Undecided
|
Unassigned | ||
| Ubuntu-20.04 |
Fix Released
|
Undecided
|
Unassigned | ||
| Upstream-kernel |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
[Bug Description]
The GITS_TRANSLATER MMIO doorbell register in the ITS hardware is
architected to be 4 bytes in size, yet on hi1620 and earlier, Hisilicon
have allocated the adjacent 4 bytes to carry some IMPDEF sideband
information which results in an 8-byte MSI payload being delivered when
signalling an interrupt:
[Steps to Reproduce]
1)
2)
3)
[Actual Results]
[Expected Results]
[Reproducibility]
[Additional information]
(Firmware version, kernel version, affected hardware, etc. if required):
[Resolution]
iommu/arm-smmu-v3: Avoid memory corruption from Hisilicon MSI payloads
| tags: | added: ikeradar |
Revision history for this message
| Ike Panhc (ikepanhc) wrote | #1 |
| Changed in kunpeng920: | |
| status: | New → Fix Committed |
| tags: | removed: ikeradar |
| Changed in kunpeng920: | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
Patch already in bionic and disco kernel as bug 1819546