tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

iommu: Lock group->mutex in iommu_deferred_attach()

The iommu_deferred_attach() function invokes __iommu_attach_device(), but
doesn't hold the group->mutex like other __iommu_attach_device() callers.

Though there is no pratical bug being triggered so far, it would be better
to apply the same locking to this __iommu_attach_device(), since the IOMMU
drivers nowaday are more aware of the group->mutex -- some of them use the
iommu_group_mutex_assert() function that could be potentially in the path
of an attach_dev callback function invoked by the __iommu_attach_device().

Worth mentioning that the iommu_deferred_attach() will soon need to check
group->resetting_domain that must be locked also.

Thus, grab the mutex to guard __iommu_attach_device() like other callers.

Reviewed-by: Jason Gunthorpe <jgg@nvidia.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Reviewed-by: Lu Baolu <baolu.lu@linux.intel.com>
Tested-by: Dheeraj Kumar Srivastava <dheerajkumar.srivastava@amd.com>
Signed-off-by: Nicolin Chen <nicolinc@nvidia.com>
Reviewed-by: Samiullah Khawaja <skhawaja@google.com>
Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>

authored by

Nicolin Chen and committed by
Joerg Roedel 5d5388b0 9ace4753

+10 -3
+10 -3
drivers/iommu/iommu.c
··· 2185 2185 2186 2186 int iommu_deferred_attach(struct device *dev, struct iommu_domain *domain) 2187 2187 { 2188 - if (dev->iommu && dev->iommu->attach_deferred) 2189 - return __iommu_attach_device(domain, dev, NULL); 2188 + /* 2189 + * This is called on the dma mapping fast path so avoid locking. This is 2190 + * racy, but we have an expectation that the driver will setup its DMAs 2191 + * inside probe while being single threaded to avoid racing. 2192 + */ 2193 + if (!dev->iommu || !dev->iommu->attach_deferred) 2194 + return 0; 2190 2195 2191 - return 0; 2196 + guard(mutex)(&dev->iommu_group->mutex); 2197 + 2198 + return __iommu_attach_device(domain, dev, NULL); 2192 2199 } 2193 2200 2194 2201 void iommu_detach_device(struct iommu_domain *domain, struct device *dev)