漏洞标题
iommu:清理清理工件时清除 iommu-dma 操作
漏洞描述信息
## 漏洞概述
在Linux内核中,当`iommu_device_register()`遇到错误时,可能会拆除已经配置的组和默认域,但设备仍然连接到`iommu-dma`操作。这可能导致系统不稳定或崩溃。
## 影响版本
未指定具体版本。
## 细节
当`iommu_device_register()`调用失败时,已配置的组和默认域会被拆除,但设备仍连接到`iommu-dma`操作。这种情况可能导致系统在没有正确配置的IOMMU驱动下无法正常执行DMA操作,并可能导致系统崩溃。修复措施包括清理`dev->dma_iommu`标志,确保设备的DMA操作被正确取消配置。
## 影响
即使IOMMU驱动加载失败,用户也不能期望DMA工作正常。修复这个漏洞可以确保设备在IOMMU驱动不存在时能够正常工作,避免因`iommu-dma`操作而导致系统崩溃。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
漏洞类别
未加控制的资源消耗(资源穷尽)
漏洞标题
iommu: Clear iommu-dma ops on cleanup
漏洞描述信息
In the Linux kernel, the following vulnerability has been resolved:
iommu: Clear iommu-dma ops on cleanup
If iommu_device_register() encounters an error, it can end up tearing
down already-configured groups and default domains, however this
currently still leaves devices hooked up to iommu-dma (and even
historically the behaviour in this area was at best inconsistent across
architectures/drivers...) Although in the case that an IOMMU is present
whose driver has failed to probe, users cannot necessarily expect DMA to
work anyway, it's still arguable that we should do our best to put
things back as if the IOMMU driver was never there at all, and certainly
the potential for crashing in iommu-dma itself is undesirable. Make sure
we clean up the dev->dma_iommu flag along with everything else.
CVSS信息
N/A
漏洞类别
N/A