Re: [PATCH 5/8] iommu/qcom: Publish pgtbl_ops before releasing init_mutex
From: Konrad Dybcio
Date: Tue Jun 23 2026 - 12:16:01 EST
On 6/23/26 2:20 PM, Mukesh Ojha wrote:
> qcom_domain->pgtbl_ops was assigned after mutex_unlock(). Another thread
> calling qcom_iommu_init_domain() would see qcom_domain->iommu already set
> (domain fully initialized) and skip re-initialization under the mutex.
> If it then called qcom_iommu_map() before the first thread set pgtbl_ops,
> it would observe a NULL ops pointer and return -ENODEV for valid mappings.
>
> Move the assignment to before mutex_unlock() so that once the mutex is
> released the domain is fully visible to concurrent operations.
>
> Signed-off-by: Mukesh Ojha <mukesh.ojha@xxxxxxxxxxxxxxxx>
> ---
> drivers/iommu/arm/arm-smmu/qcom_iommu.c | 5 ++---
> 1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/iommu/arm/arm-smmu/qcom_iommu.c b/drivers/iommu/arm/arm-smmu/qcom_iommu.c
> index b6ce85f7f923..40fb0408dc07 100644
> --- a/drivers/iommu/arm/arm-smmu/qcom_iommu.c
> +++ b/drivers/iommu/arm/arm-smmu/qcom_iommu.c
> @@ -306,13 +306,12 @@ static int qcom_iommu_init_domain(struct iommu_domain *domain,
> ctx->domain = domain;
> }
>
> - mutex_unlock(&qcom_domain->init_mutex);
> -
> /* Publish page table ops for map/unmap */
> qcom_domain->pgtbl_ops = pgtbl_ops;
>
> - return 0;
> + mutex_unlock(&qcom_domain->init_mutex);
Reviewed-by: Konrad Dybcio <konrad.dybcio@xxxxxxxxxxxxxxxx>
even better, we could probably just wrap this in guard(mutex) now
Konrad