Message ID | 1469018961-16367-1-git-send-email-honghui.zhang@mediatek.com (mailing list archive) |
---|---|
State | New, archived |

On Wed, Jul 20, 2016 at 08:49:21PM +0800, honghui.zhang@mediatek.com wrote:
> From: Honghui Zhang <honghui.zhang@mediatek.com>
>
> For mtk iommu, the domain_finalize was called in device attach, the mtk
> iommu iopgt ops was allocated and initialized in domain_finalize, the
> iommu_group_create_direct_mappings would call the map interface to
> implement the map. If it's earlier than device attach, there would be NULL
> dereference. Move the iommu_group_create_direct_mappings call after device
> attached.

No, this would open a race window where the device is attached, but
doesn't have its unity-mappings in place. You should re-organize the mtk
driver instead, so that it works in this order too.

Joerg

diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c index 3000051..24c671c 100644 --- a/drivers/iommu/iommu.c +++ b/drivers/iommu/iommu.c @@ -427,14 +427,19 @@ rename: dev->iommu_group = group; - iommu_group_create_direct_mappings(group, dev); - mutex_lock(&group->mutex); list_add_tail(&device->list, &group->devices); if (group->domain) __iommu_attach_device(group->domain, dev); mutex_unlock(&group->mutex); + /* + * For some iommu driver like mtk iommu, the map callback was assigned + * after device attached. The direct_mappings would call iommu map and + * dereference NULL if it's called earlier than attach_device. + */ + iommu_group_create_direct_mappings(group, dev); + /* Notify any listeners about change to group. */ blocking_notifier_call_chain(&group->notifier, IOMMU_GROUP_NOTIFY_ADD_DEVICE, dev);
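
Review bot: Placing iommu_group_create_direct_mappings(group, dev) after mutex_unlock(&group->mutex) means the device has already been added to group->devices and passed to __iommu_attach_device(group->domain, dev) before its direct mappings exist, so any DMA the device issues in that interval to a region that is supposed to be direct-mapped has no translation. The added comment also records a driver-specific assumption ("the map callback was assigned after device attached") inside the generic drivers/iommu/iommu.c path, which changes the ordering for every IOMMU driver to work around one. I would keep the original order here and fix the NULL dereference in the driver, so that its map callback is usable before attach.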