Commit 00dfff77 authored by Jiri Slaby's avatar Jiri Slaby Committed by David Woodhouse

intel-iommu: Fix double lock in get_domain_for_dev()

stanse found the following double lock.

In get_domain_for_dev:
  spin_lock_irqsave(&device_domain_lock, flags);
  domain_exit(domain);
    domain_remove_dev_info(domain);
      spin_lock_irqsave(&device_domain_lock, flags);
      spin_unlock_irqrestore(&device_domain_lock, flags);
  spin_unlock_irqrestore(&device_domain_lock, flags);

This happens when the domain is created by another CPU at the same time 
as this function is creating one, and the other CPU wins the race to 
attach it to the device in question, so we have to destroy our own 
newly-created one.
Signed-off-by: default avatarDavid Woodhouse <David.Woodhouse@intel.com>
parent 25cbff16
...@@ -1874,15 +1874,16 @@ static struct dmar_domain *get_domain_for_dev(struct pci_dev *pdev, int gaw) ...@@ -1874,15 +1874,16 @@ static struct dmar_domain *get_domain_for_dev(struct pci_dev *pdev, int gaw)
} }
} }
if (found) { if (found) {
spin_unlock_irqrestore(&device_domain_lock, flags);
free_devinfo_mem(info); free_devinfo_mem(info);
domain_exit(domain); domain_exit(domain);
domain = found; domain = found;
} else { } else {
list_add(&info->link, &domain->devices); list_add(&info->link, &domain->devices);
list_add(&info->global, &device_domain_list); list_add(&info->global, &device_domain_list);
}
spin_unlock_irqrestore(&device_domain_lock, flags); spin_unlock_irqrestore(&device_domain_lock, flags);
} }
}
found_domain: found_domain:
info = alloc_devinfo_mem(); info = alloc_devinfo_mem();
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment