Re: [RFC 0/3] iommu/iova: Unsafe locking in find_iova()

From: Joerg Roedel
Date: Fri Jul 06 2018 - 09:16:22 EST

Next message: Ido Schimmel: "Re: [PATCH net-next] mlxsw: spectrum_router: avoid uninitialized variable access"
Previous message: Will Deacon: "Re: [PATCHv3 00/12] atomics: generate atomic headers / instrument arm64"
In reply to: Dmitry Safonov: "Re: [RFC 0/3] iommu/iova: Unsafe locking in find_iova()"
Next in thread: Dmitry Safonov: "Re: [RFC 0/3] iommu/iova: Unsafe locking in find_iova()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jun 21, 2018 at 07:08:20PM +0100, Dmitry Safonov wrote:
> find_iova() looks to be using a bad locking practice: it locks the
> returned iova only for the search time. And looking in code, the
> element can be removed from the tree and freed under rbtree lock. That
> happens during memory hot-unplug and cleanup on module removal. Here
> I cleanup users of the function and delete it.

But this is only a problem if more than one code-path uses tries to
handle a given iova at the same time, no?

Regards,

Joerg

Next message: Ido Schimmel: "Re: [PATCH net-next] mlxsw: spectrum_router: avoid uninitialized variable access"
Previous message: Will Deacon: "Re: [PATCHv3 00/12] atomics: generate atomic headers / instrument arm64"
In reply to: Dmitry Safonov: "Re: [RFC 0/3] iommu/iova: Unsafe locking in find_iova()"
Next in thread: Dmitry Safonov: "Re: [RFC 0/3] iommu/iova: Unsafe locking in find_iova()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]