Michael Tsirkin pointed out that file operations on /dev/vfio/vfio dereference iommu_driver and iommu_data without a lock. If releasing a group or unsetting the container occurs concurrently, we could race. We currently use a mutex when setting this association, so we can convert to a rwsem keeping the existing mutex critical sections as down_writes and add down_reads where these are used. Thanks,

Alex

---

Alex Williamson (2):
      vfio: Convert container->group_lock to rwsem
      vfio: Use down_reads to protect iommu disconnects

 drivers/vfio/vfio.c | 83 +++++++++++++++++++++++++++++++++++---------------
 1 file changed, 57 insertions(+), 26 deletions(-)