回复: Re: [PATCH] iommu/rockchip: prevent iommus dead loop when two masters share one IOMMU

From: xxm@xxxxxxxxxxxxxx
Date: Mon Jun 23 2025 - 04:38:23 EST

Next message: Krzysztof Kozlowski: "Re: [PATCH v3 0/5] media: venus: Add QCM2290 support with AR50_LITE core"
Previous message: Vlastimil Babka: "Re: [PATCH v3 3/4] mm: prevent KSM from breaking VMA merging for new VMAs"
In reply to: Robin Murphy: "Re: [PATCH] iommu/rockchip: prevent iommus dead loop when two masters share one IOMMU"
Next in thread: Simon Xue: "[PATCH v2] iommu/rockchip: prevent iommus dead loop when two masters share one IOMMU"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Robin,

>On 2025-06-20 8:39 am, Simon Xue wrote:

>> When two masters share an IOMMU, calling ops->of_xlate during

>> the second master's driver init may overwrite iommu->domain set

>> by the first. This causes the check if (iommu->domain == domain)

>> in rk_iommu_attach_device() to fail, resulting in the same

>> iommu->node being added twice to &rk_domain->iommus, which can

>> lead to an infinite loop in subsequent &rk_domain->iommus operations.

>

>Indeed this is a property of the IOMMU instance itself so it really

>should be initialised before registration, irrespective of client

>devices. FWIW, if it's possible to take an unexpected

>RK_MMU_IRQ_PAGE_FAULT immediately after requesting the IRQ (e.g. in a

>kdump kernel after a crash with the hardware still running) then I think

>the current code could probably end up dereferencing NULL in

>report_iommu_fault() as well.

Thanks for your review and clear explanation, I will add the information as you suggested.

Simon Xue

>

>Reviewed-by: Robin Murphy <robin.murphy@xxxxxxx>

>

>And probably also:

>

>Cc: stable@xxxxxxxxxxxxxxx

>Fixes: 25c2325575cc ("iommu/rockchip: Add missing set_platform_dma_ops

>callback")

>

>Thanks,

>Robin.

>

>> Signed-off-by: Simon Xue <xxm@xxxxxxxxxxxxxx>

>> ---

>>   drivers/iommu/rockchip-iommu.c | 3 ++-

>>   1 file changed, 2 insertions(+), 1 deletion(-)

>>

>> diff --git a/drivers/iommu/rockchip-iommu.c b/drivers/iommu/rockchip-iommu.c

>> index 22f74ba33a0e..e6bb3c784017 100644

>> --- a/drivers/iommu/rockchip-iommu.c

>> +++ b/drivers/iommu/rockchip-iommu.c

>> @@ -1157,7 +1157,6 @@ static int rk_iommu_of_xlate(struct device *dev,

>>   return -ENOMEM;

>>

>>   data->iommu = platform_get_drvdata(iommu_dev);

>> - data->iommu->domain = &rk_identity_domain;

>>   dev_iommu_priv_set(dev, data);

>>

>>   platform_device_put(iommu_dev);

>> @@ -1195,6 +1194,8 @@ static int rk_iommu_probe(struct platform_device *pdev)

>>   if (!iommu)

>>   return -ENOMEM;

>>

>> + iommu->domain = &rk_identity_domain;

>> +

>>   platform_set_drvdata(pdev, iommu);

>>   iommu->dev = dev;

>>   iommu->num_mmu = 0;

>

>

Next message: Krzysztof Kozlowski: "Re: [PATCH v3 0/5] media: venus: Add QCM2290 support with AR50_LITE core"
Previous message: Vlastimil Babka: "Re: [PATCH v3 3/4] mm: prevent KSM from breaking VMA merging for new VMAs"
In reply to: Robin Murphy: "Re: [PATCH] iommu/rockchip: prevent iommus dead loop when two masters share one IOMMU"
Next in thread: Simon Xue: "[PATCH v2] iommu/rockchip: prevent iommus dead loop when two masters share one IOMMU"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]