On Tue, Aug 09, 2016 at 04:23:17PM +0100, Robin Murphy wrote: > Due to the limitations of having to wait until we see a device's DMA > restrictions before we know how we want an IOVA domain initialised, > there is a window for error if a DMA ops domain is allocated but later > freed without ever being used. In that case, init_iova_domain() was > never called, so calling put_iova_domain() from iommu_put_dma_cookie() > ends up trying to take an uninitialised lock and crashing. > > Make things robust by skipping the call unless the IOVA domain actually > has been initialised, as we probably should have done from the start. > > Fixes: 0db2e5d18f76 ("iommu: Implement common IOMMU ops for DMA mapping") > Cc: stable@xxxxxxxxxxxxxxx > Reported-by: Nate Watterson <nwatters@xxxxxxxxxxxxxx> > Reviewed-by: Nate Watterson <nwatters@xxxxxxxxxxxxxx> > Tested-by: Nate Watterson <nwatters@xxxxxxxxxxxxxx> > Reviewed-by: Eric Auger <eric.auger@xxxxxxxxxx> > Tested-by: Eric Auger <eric.auger@xxxxxxxxxx> > Signed-off-by: Robin Murphy <robin.murphy@xxxxxxx> > --- > drivers/iommu/dma-iommu.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) Wow, that was quick :) Applied to iommu/fixes, thanks. -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html