CVE-2023-53789

Summary

In the Linux kernel, the following vulnerability has been resolved:

iommu/amd: Improve page fault error reporting

If IOMMU domain for device group is not setup properly then we may hit IOMMU page fault. Current page fault handler assumes that domain is always setup and it will hit NULL pointer derefence (see below sample log).

Lets check whether domain is setup or not and log appropriate message.

Sample log:

amdgpu 0000:00:01.0: amdgpu: SE 1, SH per SE 1, CU per SH 8, active_cu_number 6 BUG: kernel NULL pointer dereference, address: 0000000000000058 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 2 PID: 56 Comm: irq/24-AMD-Vi Not tainted 6.2.0-rc2+ #89 Hardware name: xxx RIP: 0010:report_iommu_fault+0x11/0x90 […] Call Trace: <TASK> amd_iommu_int_thread+0x60c/0x760 ? __pfx_irq_thread_fn+0x10/0x10 irq_thread_fn+0x1f/0x60 irq_thread+0xea/0x1a0 ? preempt_count_add+0x6a/0xa0 ? __pfx_irq_thread_dtor+0x10/0x10 ? __pfx_irq_thread+0x10/0x10 kthread+0xe9/0x110 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x2c/0x50 </TASK>

[joro: Edit commit message]

Affected Software

VendorProductVersion RangeStatus
LinuxLinux9f78e446bde812d18f228976f2c6b8f25b93f08b < be8301e2d5a8b95c04ae8e35d7bfee7b0f03f83aaffected
LinuxLinux9f78e446bde812d18f228976f2c6b8f25b93f08b < 446080b353f048b1fddaec1434cb3d27b5de7efeaffected
LinuxLinux9f78e446bde812d18f228976f2c6b8f25b93f08b < 996d120b4de2b0d6b592bd9fbbe6e244b81ab3ccaffected
LinuxLinux5.16affected
LinuxLinux0 < 5.16unaffected
LinuxLinux6.1.16 <= 6.1.*unaffected
LinuxLinux6.2.3 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

References