If get_iommu_domid() in domain_context_unmap_one() fails, we had better not clear the context entry in the first place, as we're then unable to issue the corresponding flush. However, we have no need to look up the DID in the first place: What needs flushing is very specifically the DID that was in the context entry before our clearing of it.
Signed-off-by: Jan Beulich <[email protected]> --- This (an intended follow-up to XSA-399) is actually a prereq to what was called patch 1 so far in this series. --- a/xen/drivers/passthrough/vtd/iommu.c +++ b/xen/drivers/passthrough/vtd/iommu.c @@ -1830,18 +1830,12 @@ int domain_context_unmap_one( return 0; } + iommu_domid = context_domain_id(*context); + context_clear_present(*context); context_clear_entry(*context); iommu_sync_cache(context, sizeof(struct context_entry)); - iommu_domid = get_iommu_did(domid, iommu, !domain->is_dying); - if ( iommu_domid == -1 ) - { - spin_unlock(&iommu->lock); - unmap_vtd_domain_page(context_entries); - return -EINVAL; - } - rc = iommu_flush_context_device(iommu, iommu_domid, PCI_BDF2(bus, devfn), DMA_CCMD_MASK_NOBIT, 0);
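Review bot: The new `iommu_domid = context_domain_id(*context);` is only correct while it stays ahead of `context_clear_present(*context);` and `context_clear_entry(*context);`, and nothing at that line says so. A one-line comment there, stating that the DID is taken from the entry before it is cleared because that is the value the flush must target, would keep a later reorder from reading an already cleared entry. Two smaller points: the description names get_iommu_domid() while the removed call is `get_iommu_did(domid, iommu, !domain->is_dying)`, so the commit message should use the latter name; and with that call gone it is worth checking whether `domid` and `domain` still have other uses in domain_context_unmap_one(), which the hunk does not show.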
