On Monday 01 November 2010 19:41:21 Jan Kiszka wrote:
> Hi Sheng,
>
> I'm not claiming to understand the details, but this looks like use
> (dereference of pte via dma_pte_addr) after release (free_pgtable_page
> of dmar_domain->pgd aka pte) to me:
>
> static int intel_iommu_attach_device(struct iommu_domain *domain,
> struct device *dev)
> {
> [...]
> pte = dmar_domain->pgd;
> if (dma_pte_present(pte)) {
> free_pgtable_page(dmar_domain->pgd);
> dmar_domain->pgd = (struct dma_pte *)
> phys_to_virt(dma_pte_addr(pte));
> }
>
> At least it crashes here right on pte->val access. Swap both lines?
I think code is right.
The comment above indicate the case: the code want to decrease the level of page
table. Mostly it is a 4 level page table, and the code would turn it into 3 levels
pagetable. What the code did is just get the first entry of the old pagetable level
4, then free the level 4 pagetable's page, and make the pagetable to a level 3
pagetable.
Seems it make no sense to swap the lines...
--
regards
Yang, Sheng
>
> Jan
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
