1. Patchew
  2. linux
  3. [PATCH v7 0/5] Disable ATS via iommu during PCI resets
  4. View patch

[PATCH v7 1/5] iommu: Lock group->mutex in iommu_deferred_attach()

Nicolin Chen posted 5 patches 1 week, 2 days ago
[PATCH v7 1/5] iommu: Lock group->mutex in iommu_deferred_attach()
Posted by Nicolin Chen 1 week, 2 days ago 
The iommu_deferred_attach() function invokes __iommu_attach_device(), but
doesn't hold the group->mutex like other __iommu_attach_device() callers.

Though there is no pratical bug being triggered so far, it would be better
to apply the same locking to this __iommu_attach_device(), since the IOMMU
drivers nowaday are more aware of the group->mutex -- some of them use the
iommu_group_mutex_assert() function that could be potentially in the path
of an attach_dev callback function invoked by the __iommu_attach_device().

Worth mentioning that the iommu_deferred_attach() will soon need to check
group->resetting_domain that must be locked also.

Thus, grab the mutex to guard __iommu_attach_device() like other callers.

Reviewed-by: Jason Gunthorpe <jgg@nvidia.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Reviewed-by: Lu Baolu <baolu.lu@linux.intel.com>
Signed-off-by: Nicolin Chen <nicolinc@nvidia.com>
---
 drivers/iommu/iommu.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
index 2ca990dfbb884..170e522b5bda4 100644
--- a/drivers/iommu/iommu.c
+++ b/drivers/iommu/iommu.c
@@ -2185,10 +2185,17 @@ EXPORT_SYMBOL_GPL(iommu_attach_device);
 
 int iommu_deferred_attach(struct device *dev, struct iommu_domain *domain)
 {
-	if (dev->iommu && dev->iommu->attach_deferred)
-		return __iommu_attach_device(domain, dev, NULL);
+	/*
+	 * This is called on the dma mapping fast path so avoid locking. This is
+	 * racy, but we have an expectation that the driver will setup its DMAs
+	 * inside probe while being single threaded to avoid racing.
+	 */
+	if (!dev->iommu || !dev->iommu->attach_deferred)
+		return 0;
 
-	return 0;
+	guard(mutex)(&dev->iommu_group->mutex);
+
+	return __iommu_attach_device(domain, dev, NULL);
 }
 
 void iommu_detach_device(struct iommu_domain *domain, struct device *dev)
-- 
2.43.0
Re: [PATCH v7 1/5] iommu: Lock group->mutex in iommu_deferred_attach()
Posted by Srivastava, Dheeraj Kumar 5 days, 12 hours ago 
Hi,

On 11/22/2025 7:27 AM, Nicolin Chen wrote:
> The iommu_deferred_attach() function invokes __iommu_attach_device(), but
> doesn't hold the group->mutex like other __iommu_attach_device() callers.
> 
> Though there is no pratical bug being triggered so far, it would be better
> to apply the same locking to this __iommu_attach_device(), since the IOMMU
> drivers nowaday are more aware of the group->mutex -- some of them use the
> iommu_group_mutex_assert() function that could be potentially in the path
> of an attach_dev callback function invoked by the __iommu_attach_device().
> 
> Worth mentioning that the iommu_deferred_attach() will soon need to check
> group->resetting_domain that must be locked also.
> 
> Thus, grab the mutex to guard __iommu_attach_device() like other callers.
> 

Tested the series with PCI reset on PFs and VFs, including device 
pass-through to a Linux guest. All scenarios worked as expected.

Tested-by: Dheeraj Kumar Srivastava <dheerajkumar.srivastava@amd.com>

Thanks
Dheeraj

> Reviewed-by: Jason Gunthorpe <jgg@nvidia.com>
> Reviewed-by: Kevin Tian <kevin.tian@intel.com>
> Reviewed-by: Lu Baolu <baolu.lu@linux.intel.com>
> Signed-off-by: Nicolin Chen <nicolinc@nvidia.com>
> ---
>   drivers/iommu/iommu.c | 13 ++++++++++---
>   1 file changed, 10 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
> index 2ca990dfbb884..170e522b5bda4 100644
> --- a/drivers/iommu/iommu.c
> +++ b/drivers/iommu/iommu.c
> @@ -2185,10 +2185,17 @@ EXPORT_SYMBOL_GPL(iommu_attach_device);
>   
>   int iommu_deferred_attach(struct device *dev, struct iommu_domain *domain)
>   {
> -	if (dev->iommu && dev->iommu->attach_deferred)
> -		return __iommu_attach_device(domain, dev, NULL);
> +	/*
> +	 * This is called on the dma mapping fast path so avoid locking. This is
> +	 * racy, but we have an expectation that the driver will setup its DMAs
> +	 * inside probe while being single threaded to avoid racing.
> +	 */
> +	if (!dev->iommu || !dev->iommu->attach_deferred)
> +		return 0;
>   
> -	return 0;
> +	guard(mutex)(&dev->iommu_group->mutex);
> +
> +	return __iommu_attach_device(domain, dev, NULL);
>   }
>   
>   void iommu_detach_device(struct iommu_domain *domain, struct device *dev)
Re: [PATCH v7 1/5] iommu: Lock group->mutex in iommu_deferred_attach()
Posted by Nicolin Chen 5 days, 9 hours ago 
On Wed, Nov 26, 2025 at 06:25:34PM +0530, Srivastava, Dheeraj Kumar wrote:
> On 11/22/2025 7:27 AM, Nicolin Chen wrote:
> > The iommu_deferred_attach() function invokes __iommu_attach_device(), but
> > doesn't hold the group->mutex like other __iommu_attach_device() callers.
> > 
> > Though there is no pratical bug being triggered so far, it would be better
> > to apply the same locking to this __iommu_attach_device(), since the IOMMU
> > drivers nowaday are more aware of the group->mutex -- some of them use the
> > iommu_group_mutex_assert() function that could be potentially in the path
> > of an attach_dev callback function invoked by the __iommu_attach_device().
> > 
> > Worth mentioning that the iommu_deferred_attach() will soon need to check
> > group->resetting_domain that must be locked also.
> > 
> > Thus, grab the mutex to guard __iommu_attach_device() like other callers.
> > 
> 
> Tested the series with PCI reset on PFs and VFs, including device
> pass-through to a Linux guest. All scenarios worked as expected.
> 
> Tested-by: Dheeraj Kumar Srivastava <dheerajkumar.srivastava@amd.com>

Thanks for testing!

Yet, this is replying to PATCH-1. So, you might want to reply with
your "Tested-by" tag to PATCH-0 :)

Otherwise, default B4 command might miss your tag in other patches:

  ✗ [PATCH v7 1/5] iommu: Lock group->mutex in iommu_deferred_attach()
    + Tested-by: Dheeraj Kumar Srivastava <dheerajkumar.srivastava@amd.com> (✓ DKIM/amd.com)
  ✗ [PATCH v7 2/5] iommu: Tidy domain for iommu_setup_dma_ops()
    + Reviewed-by: Jason Gunthorpe <jgg@nvidia.com> (✗ DKIM/Nvidia.com)
  ✗ [PATCH v7 3/5] iommu: Add iommu_driver_get_domain_for_dev() helper
    + Reviewed-by: Jason Gunthorpe <jgg@nvidia.com> (✗ DKIM/Nvidia.com)
  ✗ [PATCH v7 4/5] iommu: Introduce pci_dev_reset_iommu_prepare/done()
    + Reviewed-by: Jason Gunthorpe <jgg@nvidia.com> (✗ DKIM/Nvidia.com)
  ✗ [PATCH v7 5/5] PCI: Suspend iommu function prior to resetting a device
    + Reviewed-by: Jason Gunthorpe <jgg@nvidia.com> (✗ DKIM/Nvidia.com)

Thank you
Nicolin
Re: [PATCH v7 1/5] iommu: Lock group->mutex in iommu_deferred_attach()
Posted by Dheeraj Kumar Srivastava 5 days, 9 hours ago 
Hi

On 11/26/2025 9:46 PM, Nicolin Chen wrote:
> On Wed, Nov 26, 2025 at 06:25:34PM +0530, Srivastava, Dheeraj Kumar wrote:
>> On 11/22/2025 7:27 AM, Nicolin Chen wrote:
>>> The iommu_deferred_attach() function invokes __iommu_attach_device(), but
>>> doesn't hold the group->mutex like other __iommu_attach_device() callers.
>>>
>>> Though there is no pratical bug being triggered so far, it would be better
>>> to apply the same locking to this __iommu_attach_device(), since the IOMMU
>>> drivers nowaday are more aware of the group->mutex -- some of them use the
>>> iommu_group_mutex_assert() function that could be potentially in the path
>>> of an attach_dev callback function invoked by the __iommu_attach_device().
>>>
>>> Worth mentioning that the iommu_deferred_attach() will soon need to check
>>> group->resetting_domain that must be locked also.
>>>
>>> Thus, grab the mutex to guard __iommu_attach_device() like other callers.
>>>
>>
>> Tested the series with PCI reset on PFs and VFs, including device
>> pass-through to a Linux guest. All scenarios worked as expected.
>>
>> Tested-by: Dheeraj Kumar Srivastava <dheerajkumar.srivastava@amd.com>
> 
> Thanks for testing!
> 
> Yet, this is replying to PATCH-1. So, you might want to reply with
> your "Tested-by" tag to PATCH-0 :)
> 

Sure.

Thanks
Dheeraj

> Otherwise, default B4 command might miss your tag in other patches:
> 
>    ✗ [PATCH v7 1/5] iommu: Lock group->mutex in iommu_deferred_attach()
>      + Tested-by: Dheeraj Kumar Srivastava <dheerajkumar.srivastava@amd.com> (✓ DKIM/amd.com)
>    ✗ [PATCH v7 2/5] iommu: Tidy domain for iommu_setup_dma_ops()
>      + Reviewed-by: Jason Gunthorpe <jgg@nvidia.com> (✗ DKIM/Nvidia.com)
>    ✗ [PATCH v7 3/5] iommu: Add iommu_driver_get_domain_for_dev() helper
>      + Reviewed-by: Jason Gunthorpe <jgg@nvidia.com> (✗ DKIM/Nvidia.com)
>    ✗ [PATCH v7 4/5] iommu: Introduce pci_dev_reset_iommu_prepare/done()
>      + Reviewed-by: Jason Gunthorpe <jgg@nvidia.com> (✗ DKIM/Nvidia.com)
>    ✗ [PATCH v7 5/5] PCI: Suspend iommu function prior to resetting a device
>      + Reviewed-by: Jason Gunthorpe <jgg@nvidia.com> (✗ DKIM/Nvidia.com)
> 
> Thank you
> Nicolin

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.