Re: [RFC 0/3] iommu/iova: Unsafe locking in find_iova()

From: Joerg Roedel
Date: Fri Jul 06 2018 - 11:13:32 EST

Next message: Arnd Bergmann: "Re: [PATCH] netfilter: conntrack: add weak IPV6 dependency"
Previous message: Jann Horn: "[PATCH] USB: yurex: fix out-of-bounds uaccess in read handler"
In reply to: Dmitry Safonov: "Re: [RFC 0/3] iommu/iova: Unsafe locking in find_iova()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jul 06, 2018 at 03:10:47PM +0100, Dmitry Safonov wrote:
> Yes, as far as I can see, there are code-paths which may try to handle
> it at the same time:
> o memory notifiers for hot-unplug (intel-iommu.c)
> o drivers unloading calls free_iova(), which in the result calls
> find_iova()
> o I see at least one driver that frees iova during it's normal work
> too: scif_rma.c:scif_free_window_offset()

Yeah, but the IOVAs freed in the memory notifiers are just the ones for
the direct-mapped RMRR regions requested by firmware, not the IOVAs
allocated by any driver, so I think this shouldn't be a problem.

Regards,

Joerg

Next message: Arnd Bergmann: "Re: [PATCH] netfilter: conntrack: add weak IPV6 dependency"
Previous message: Jann Horn: "[PATCH] USB: yurex: fix out-of-bounds uaccess in read handler"
In reply to: Dmitry Safonov: "Re: [RFC 0/3] iommu/iova: Unsafe locking in find_iova()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]