The iommu_deferred_attach() is a runtime asynchronous function called by
iommu-dma function, which will race against other attach functions if it
accesses something in the dev->iommu_group.
Grab the lock to protect it like others who call __iommu_attach_device()
as it will need to access dev->iommu_group.
Signed-off-by: Nicolin Chen <nicolinc@xxxxxxxxxx>
---
drivers/iommu/iommu.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
index a4b606c591da..08ff7efa8925 100644
--- a/drivers/iommu/iommu.c
+++ b/drivers/iommu/iommu.c
@@ -2151,10 +2151,14 @@ EXPORT_SYMBOL_GPL(iommu_attach_device);
int iommu_deferred_attach(struct device *dev, struct iommu_domain *domain)
{
- if (dev->iommu && dev->iommu->attach_deferred)
- return __iommu_attach_device(domain, dev);
+ struct iommu_group *group = dev->iommu_group;
+ int ret = 0;
- return 0;
+ mutex_lock(&group->mutex);
+ if (dev->iommu && dev->iommu->attach_deferred)
+ ret = __iommu_attach_device(domain, dev);
+ mutex_unlock(&group->mutex);
+ return ret;
}
void iommu_detach_device(struct iommu_domain *domain, struct device *dev)
--
2.43.0
