On Tue, Mar 09, 2021 at 08:45:13AM -0700, Alex Williamson wrote: > > I'm having trouble guessing why we need to refcount the group to add a > > notifier to the device's notifier chain? > > > > I suppose it actually has to do with the MMIO mapping? But I don't > > know what the relation is between MMIO mappings in the IOMMU and the > > container? This could deserve a comment? > > Sure, I can add a comment. We want to make sure the device remains > within an IOMMU context so long as we have a DMA mapping to the device > MMIO, which could potentially manipulate the device. IOMMU context is > managed a the group level. I find refcounting is easier to understand if the refcount inc/dec is near the thing that is actually using the object - so I'd suggest to move this to the iommu code. A comment sounds like a good idea since this is security sensitive Jason
