From: Jason Gunthorpe Date: Mon, 17 Jul 2023 18:12:07 +0000 (-0300) Subject: iommufd: Fix locking around hwpt allocation X-Git-Tag: v6.4.16~317 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=727a2c1402177ce1f59fb784a91a52c291d19a00;p=thirdparty%2Fkernel%2Fstable.git iommufd: Fix locking around hwpt allocation [ Upstream commit 31422dff187b243c58f3a97d16bbe9e9ada639fe ] Due to the auto_domains mechanism the ioas->mutex must be held until the hwpt is completely setup by iommufd_object_abort_and_destroy() or iommufd_object_finalize(). This prevents a concurrent iommufd_device_auto_get_domain() from seeing an incompletely initialized object through the ioas->hwpt_list. To make this more consistent move the unlock until after finalize. Fixes: e8d57210035b ("iommufd: Add kAPI toward external drivers for physical devices") Link: https://lore.kernel.org/r/11-v8-6659224517ea+532-iommufd_alloc_jgg@nvidia.com Reviewed-by: Kevin Tian Tested-by: Nicolin Chen Signed-off-by: Jason Gunthorpe Signed-off-by: Sasha Levin --- diff --git a/drivers/iommu/iommufd/device.c b/drivers/iommu/iommufd/device.c index ed2937a4e196f..2e43ebf1a2b5c 100644 --- a/drivers/iommu/iommufd/device.c +++ b/drivers/iommu/iommufd/device.c @@ -298,8 +298,8 @@ static int iommufd_device_auto_get_domain(struct iommufd_device *idev, } hwpt->auto_domain = true; - mutex_unlock(&ioas->mutex); iommufd_object_finalize(idev->ictx, &hwpt->obj); + mutex_unlock(&ioas->mutex); return 0; out_unlock: mutex_unlock(&ioas->mutex);