Hi,
Qian reported more race conditions around the dma-mapping
code path in the AMD IOMMU driver. The race condtions are
between increas_address_space() and fetch_pte(), there were
two of them:
1) the 'pt_root' and 'mode' fields of 'struct
protection_domain' relate to each other so that
they must be updated together atomically.
2) The increase_address_space() function publishes
the updated page-table before it has been written
to the DTE. This might cause PTEs to be mapped
and addresses handed to the device which are not
yet reachable through the DTE entry, causing IO
page-faults.
This patch-set fixes these issues, as tested by Qian Cai.
Thanks a lot again for reporting these issued and testing
the fixes!
Regards,
Joerg
Joerg Roedel (5):
iommu/amd: Fix race in increase_address_space()/fetch_pte()
iommu/amd: Do not loop forever when trying to increase address space
iommu/amd: Call domain_flush_complete() in update_domain()
iommu/amd: Update Device Table in increase_address_space()
iommu/amd: Do not flush Device Table in iommu_map_page()
drivers/iommu/amd_iommu.c | 198 +++++++++++++++++++++++++-------
drivers/iommu/amd_iommu_types.h | 9 +-
2 files changed, 161 insertions(+), 46 deletions(-)
--
2.17.1
