Hi Baolu,

On Thu, Apr 21, 2022 at 01:21:19PM +0800, Lu Baolu wrote:
> +/* > + * Get the attached domain for asynchronous usage, for example the I/O > + * page fault handling framework. The caller get a reference counter > + * of the domain automatically on a successful return and should put > + * it with iommu_domain_put() after usage. > + */ > +struct iommu_domain * > +iommu_get_domain_for_dev_pasid_async(struct device *dev, ioasid_t pasid) > +{ > + struct iommu_domain *domain; > + struct iommu_group *group; > + > + if (!pasid_valid(pasid)) > + return NULL; > + > + group = iommu_group_get(dev); > + if (!group) > + return NULL; > + > + mutex_lock(&group->mutex);

There is a possible deadlock between unbind() and the fault handler:

 unbind()                            iopf_handle_group()
  mutex_lock(&group->mutex)
  iommu_detach_device_pasid()
   iopf_queue_flush_dev()            iommu_get_domain_for_dev_pasid_async()
    ... waits for IOPF work           mutex_lock(&group->mutex)

I was wrong in my previous review: we do have a guarantee that the SVA
domain does not go away during IOPF handling, because unbind() waits for
pending faults with iopf_queue_flush_dev() before freeing the domain (or
for Arm stall, knows that there are no pending faults). So we can just get
rid of domain->async_users and the group->mutex in IOPF, I think?

Thanks,
Jean

> + domain = xa_load(&group->pasid_array, pasid); > + if (domain) > + refcount_inc(&domain->async_users); > + mutex_unlock(&group->mutex); > + iommu_group_put(group); > + > + return domain; > +} > -- > 2.25.1 >
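
Review bot: the comment above iommu_get_domain_for_dev_pasid_async() documents only the reference counting, but the body takes mutex_lock(&group->mutex), so the function sleeps and contends with every path that holds group->mutex; the comment should state the required calling context and that the caller must not be something a group->mutex holder waits on. In the same function, refcount_inc(&domain->async_users) warns when the counter is zero, and the visible lines do not show where async_users is initialised, so either document that it is non-zero for any domain stored in group->pasid_array or use refcount_inc_not_zero() and return NULL when it fails. The NULL return also covers three different cases (invalid PASID, no group, no domain at that PASID), which is worth a sentence in the comment. Minor wording: "The caller get a reference counter" should read "The caller gets a reference".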