On Thu, Nov 19, 2020 at 10:18:05AM +0800, Lu Baolu wrote: > The original author of this patch series has left Intel. I am now the > backup.
Ok, thanks for letting me know. > On 11/18/20 9:51 PM, Will Deacon wrote: > > On Fri, Sep 25, 2020 at 12:06:18PM -0700, Ashok Raj wrote: > > > From: Sai Praneeth Prakhya <sai.praneeth.prak...@intel.com> [...] > > > +free_new_domain: > > > + iommu_domain_free(group->default_domain); > > > + group->default_domain = prev_dom; > > > + group->domain = prev_dom;i > > > > Hmm. This seems to rely on all users of group->default_domain holding the > > group->mutex. Have you confirmed that this is the case? There's a funny > > use of iommu_group_get() in the exynos IOMMU driver at least. > > Emm. This change happens within the area with group->mutex held. Or I > am not getting your point? Yeah, sorry, I wasn't very clear. This code holds the group->mutex, and it relies on _anybody_ else who wants to inspect group->default_domain also holding that mutex, otherwise they could observe a transient domain pointer which we free on the failure path here. My question is whether or not there is code that inspects group->default_domain without group->mutex held? The exynos case doesn't obviously hold it, and I'd like to make sure that there aren't others that we need to worry about. Does that make more sense? Thanks, Will _______________________________________________ iommu mailing list iommu@lists.linux-foundation.org https://lists.linuxfoundation.org/mailman/listinfo/iommu