summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJiri Slaby <jirislaby@gmail.com>2010-06-14 17:17:32 +0200
committerDavid Woodhouse <David.Woodhouse@intel.com>2010-06-15 10:50:46 +0100
commit00dfff77e7184140dc45724c7232e99302f6bf97 (patch)
tree16f6096b5ab13a42c7119e3d5f9c0b21817eacaf
parent25cbff1660d3f4c059a178a1e5b851be6d70c5e8 (diff)
downloadlinux-00dfff77e7184140dc45724c7232e99302f6bf97.tar.gz
linux-00dfff77e7184140dc45724c7232e99302f6bf97.tar.bz2
linux-00dfff77e7184140dc45724c7232e99302f6bf97.zip
intel-iommu: Fix double lock in get_domain_for_dev()
stanse found the following double lock. In get_domain_for_dev: spin_lock_irqsave(&device_domain_lock, flags); domain_exit(domain); domain_remove_dev_info(domain); spin_lock_irqsave(&device_domain_lock, flags); spin_unlock_irqrestore(&device_domain_lock, flags); spin_unlock_irqrestore(&device_domain_lock, flags); This happens when the domain is created by another CPU at the same time as this function is creating one, and the other CPU wins the race to attach it to the device in question, so we have to destroy our own newly-created one. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
-rw-r--r--drivers/pci/intel-iommu.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/drivers/pci/intel-iommu.c b/drivers/pci/intel-iommu.c
index 3bd30557ce2e..bf8fd913d064 100644
--- a/drivers/pci/intel-iommu.c
+++ b/drivers/pci/intel-iommu.c
@@ -1874,14 +1874,15 @@ static struct dmar_domain *get_domain_for_dev(struct pci_dev *pdev, int gaw)
}
}
if (found) {
+ spin_unlock_irqrestore(&device_domain_lock, flags);
free_devinfo_mem(info);
domain_exit(domain);
domain = found;
} else {
list_add(&info->link, &domain->devices);
list_add(&info->global, &device_domain_list);
+ spin_unlock_irqrestore(&device_domain_lock, flags);
}
- spin_unlock_irqrestore(&device_domain_lock, flags);
}
found_domain: