Re: OMAP and MSM IOMMU driver misbehavior

[Stepan Moskovchenko]

On 1/23/2012 6:03 AM, Joerg Roedel wrote:
> Hi,
>
> while reviewing another IOMMU driver again I came across a problem in
> the IOMMU drivers for OMAP and MSM platforms. In both drivers the
> 'domain_destroy with devices attached' case isn't handled correctly.
>
> OMAP driver seems not to track the devices attached to a domain at all.
> So when a domain is destroyed it can happen that the hardware still
> references old (and already freed) page-table pointers.
>
> MSM tracks devices in a domain, but does not automatically remove the
> devices from a domain that is about to be destroyed.
>
> Please tell me when I mis-read the code, otherwise please fix this in
> your drivers so that we can get consistent behavior for IOMMU-API
> users :-)
>
> Thanks,
>
> 	Joerg

Hello

I believe your analysis is correct, and it is a legitimate problem. The 
driver does keep a list of devices attached to a domain, so it should 
not be too hard to detach them. However, I have been quite occupied with 
other things lately, but I can try to get to it when I have some free 
time. Calling detach_dev on each element is what needs to happen in 
theory, but I feel like the main detach_dev code will need to be broken 
out to handle the locking properly. Still, it does not sound 
particularly difficult.

Steve

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/