diff mbox series

[v6,11/19] iommufd: Fix locking around hwpt allocation

Message ID 11-v6-fdb604df649a+369-iommufd_alloc_jgg@nvidia.com (mailing list archive)
State New, archived
Headers show
Series [v6,01/19] iommufd: Move isolated msi enforcement to iommufd_device_bind() | expand

Commit Message

Jason Gunthorpe April 20, 2023, 6:51 p.m. UTC
Due to the auto_domains mechanism the ioas->mutex must be held until
the hwpt is completely setup by iommufd_object_abort_and_destroy() or
iommufd_object_finalize().

This prevents a concurrent iommufd_device_auto_get_domain() from seeing
an incompletely initialized object through the ioas->hwpt_list.

To make this more consistent move the unlock until after finalize.

Fixes: e8d57210035b ("iommufd: Add kAPI toward external drivers for physical devices")
Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
---
 drivers/iommu/iommufd/device.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Tian, Kevin April 21, 2023, 7:30 a.m. UTC | #1
> From: Jason Gunthorpe <jgg@nvidia.com>
> Sent: Friday, April 21, 2023 2:51 AM
> 
> Due to the auto_domains mechanism the ioas->mutex must be held until
> the hwpt is completely setup by iommufd_object_abort_and_destroy() or
> iommufd_object_finalize().
> 
> This prevents a concurrent iommufd_device_auto_get_domain() from seeing
> an incompletely initialized object through the ioas->hwpt_list.
> 
> To make this more consistent move the unlock until after finalize.
> 
> Fixes: e8d57210035b ("iommufd: Add kAPI toward external drivers for
> physical devices")
> Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>

Reviewed-by: Kevin Tian <kevin.tian@intel.com>
diff mbox series

Patch

diff --git a/drivers/iommu/iommufd/device.c b/drivers/iommu/iommufd/device.c
index 782b4fd76f31eb..2155fafda27a5f 100644
--- a/drivers/iommu/iommufd/device.c
+++ b/drivers/iommu/iommufd/device.c
@@ -398,8 +398,8 @@  static int iommufd_device_auto_get_domain(struct iommufd_device *idev,
 	hwpt->auto_domain = true;
 	*pt_id = hwpt->obj.id;
 
-	mutex_unlock(&ioas->mutex);
 	iommufd_object_finalize(idev->ictx, &hwpt->obj);
+	mutex_unlock(&ioas->mutex);
 	return 0;
 out_unlock:
 	mutex_unlock(&ioas->mutex);