Home Home > GIT Browse
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoerg Roedel <jroedel@suse.de>2018-07-03 14:51:17 +0200
committerJoerg Roedel <jroedel@suse.de>2018-07-03 14:51:17 +0200
commit83fcbf77c773ee1f5b3bdb96e4e4477e60453893 (patch)
treee37f68736b15f5418b05b32f2a854a272d9e6059
parente2980d3f6de4ea2be07ad89eba7dc4b5ad753a56 (diff)
iommu/vt-d: Fix race condition in add_unmap() (bsc#1096790, bsc#1097034).
-rw-r--r--patches.suse/0001-iommu-vt-d-Fix-race-condition-in-add_unmap.patch34
-rw-r--r--series.conf3
2 files changed, 37 insertions, 0 deletions
diff --git a/patches.suse/0001-iommu-vt-d-Fix-race-condition-in-add_unmap.patch b/patches.suse/0001-iommu-vt-d-Fix-race-condition-in-add_unmap.patch
new file mode 100644
index 0000000000..655f5bb8ea
--- /dev/null
+++ b/patches.suse/0001-iommu-vt-d-Fix-race-condition-in-add_unmap.patch
@@ -0,0 +1,34 @@
+From: Joerg Roedel <jroedel@suse.de>
+Date: Fri, 15 Jun 2018 15:09:43 +0200
+Subject: iommu/vt-d: Fix race condition in add_unmap()
+Patch-mainline: No, upstream switched to a different implementation
+References: bsc#1096790, bsc#1097034
+
+The high-water-mark needs to be checked again after the lock
+is taken, otherwise flush_data->size might grow larger than
+the high-water-mark and we write behind the array limits of
+the deferred flush tables.
+
+Signed-off-by: Joerg Roedel <jroedel@suse.de>
+---
+ drivers/iommu/intel-iommu.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c
+index 880830d..919ede7 100644
+--- a/drivers/iommu/intel-iommu.c
++++ b/drivers/iommu/intel-iommu.c
+@@ -3742,6 +3742,10 @@ static void add_unmap(struct dmar_domain *dom, unsigned long iova_pfn,
+
+ spin_lock_irqsave(&flush_data->lock, flags);
+
++ /* Need to check that again after we own the lock */
++ if (unlikely(flush_data->size == HIGH_WATER_MARK))
++ flush_unmaps(flush_data);
++
+ iommu = domain_get_iommu(dom);
+ iommu_id = iommu->seq_id;
+
+--
+2.12.3
+
diff --git a/series.conf b/series.conf
index 719887875c..9250de029d 100644
--- a/series.conf
+++ b/series.conf
@@ -20894,6 +20894,9 @@
patches.drivers/0003-iommu-amd-fix-alloc_irq_index-increment
patches.drivers/0004-iommu-vt-d-use-domain-instead-of-cache-fetching
+ # bsc#1097034, bsc#1096790
+ patches.suse/0001-iommu-vt-d-Fix-race-condition-in-add_unmap.patch
+
########################################################
# Trusted Platform Module 2.0 support
########################################################