diff options
| author | Alex Williamson <alex.williamson@redhat.com> | 2012-04-17 21:46:44 -0600 |
|---|---|---|
| committer | Ben Hutchings <ben@decadent.org.uk> | 2012-05-31 00:43:11 +0100 |
| commit | 50fcec93e8c917b4f6e1a3219207d351e6eae1b2 (patch) | |
| tree | 1774342585bbae71bb540985dee995477b3ba661 /virt | |
| parent | 645b177cbfce6b695bdbe0b4c131de584821840d (diff) | |
| download | kernel_samsung_smdk4412-50fcec93e8c917b4f6e1a3219207d351e6eae1b2.zip kernel_samsung_smdk4412-50fcec93e8c917b4f6e1a3219207d351e6eae1b2.tar.gz kernel_samsung_smdk4412-50fcec93e8c917b4f6e1a3219207d351e6eae1b2.tar.bz2 | |
KVM: lock slots_lock around device assignment
(cherry picked from commit 21a1416a1c945c5aeaeaf791b63c64926018eb77)
As pointed out by Jason Baron, when assigning a device to a guest
we first set the iommu domain pointer, which enables mapping
and unmapping of memory slots to the iommu. This leaves a window
where this path is enabled, but we haven't synchronized the iommu
mappings to the existing memory slots. Thus a slot being removed
at that point could send us down unexpected code paths removing
non-existent pinnings and iommu mappings. Take the slots_lock
around creating the iommu domain and initial mappings as well as
around iommu teardown to avoid this race.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Diffstat (limited to 'virt')
| -rw-r--r-- | virt/kvm/iommu.c | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/virt/kvm/iommu.c b/virt/kvm/iommu.c index fd817a2..533db33 100644 --- a/virt/kvm/iommu.c +++ b/virt/kvm/iommu.c @@ -239,9 +239,13 @@ int kvm_iommu_map_guest(struct kvm *kvm) return -ENODEV; } + mutex_lock(&kvm->slots_lock); + kvm->arch.iommu_domain = iommu_domain_alloc(&pci_bus_type); - if (!kvm->arch.iommu_domain) - return -ENOMEM; + if (!kvm->arch.iommu_domain) { + r = -ENOMEM; + goto out_unlock; + } if (!allow_unsafe_assigned_interrupts && !iommu_domain_has_cap(kvm->arch.iommu_domain, @@ -252,17 +256,16 @@ int kvm_iommu_map_guest(struct kvm *kvm) " module option.\n", __func__); iommu_domain_free(kvm->arch.iommu_domain); kvm->arch.iommu_domain = NULL; - return -EPERM; + r = -EPERM; + goto out_unlock; } r = kvm_iommu_map_memslots(kvm); if (r) - goto out_unmap; - - return 0; + kvm_iommu_unmap_memslots(kvm); -out_unmap: - kvm_iommu_unmap_memslots(kvm); +out_unlock: + mutex_unlock(&kvm->slots_lock); return r; } @@ -338,7 +341,11 @@ int kvm_iommu_unmap_guest(struct kvm *kvm) if (!domain) return 0; + mutex_lock(&kvm->slots_lock); kvm_iommu_unmap_memslots(kvm); + kvm->arch.iommu_domain = NULL; + mutex_unlock(&kvm->slots_lock); + iommu_domain_free(domain); return 0; } |