[RESEND,1/2] iommu/iova: Add check for cpu_rcache in free_iova_rcaches
Commit Message
free_iova_rcaches() needs to check if cpu_rcache->loaded and
cpu_rcache->prev is NULL before freeing them. Because
iova_domain_init_rcaches() may fail to alloc magazine for
cpu_rcache->loaded and cpu_rcache->prev, but they will be freed
for all cpus.
Fixes: 32e92d9f6f87 ("iommu/iova: Separate out rcache init")
Signed-off-by: Zhang Zekun <zhangzekun11@huawei.com>
---
drivers/iommu/iova.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
Comments
On 2023-08-11 14:02, Zhang Zekun wrote:
> free_iova_rcaches() needs to check if cpu_rcache->loaded and
> cpu_rcache->prev is NULL before freeing them.
Why? iova_magazine_free() is just kfree(), and kfree(NULL) is perfectly
valid, specifically to avoid having to make cleanup paths all fiddly and
overcomplicated like this.
Thanks,
Robin.
> Because
> iova_domain_init_rcaches() may fail to alloc magazine for
> cpu_rcache->loaded and cpu_rcache->prev, but they will be freed
> for all cpus.
>
> Fixes: 32e92d9f6f87 ("iommu/iova: Separate out rcache init")
> Signed-off-by: Zhang Zekun <zhangzekun11@huawei.com>
> ---
> drivers/iommu/iova.c | 10 +++++++++-
> 1 file changed, 9 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/iommu/iova.c b/drivers/iommu/iova.c
> index 10b964600948..3c784a28e9ed 100644
> --- a/drivers/iommu/iova.c
> +++ b/drivers/iommu/iova.c
> @@ -746,8 +746,12 @@ int iova_domain_init_rcaches(struct iova_domain *iovad)
>
> spin_lock_init(&cpu_rcache->lock);
> cpu_rcache->loaded = iova_magazine_alloc(GFP_KERNEL);
> + if (!cpu_rcache->loaded) {
> + ret = -ENOMEM;
> + goto out_err;
> + }
> cpu_rcache->prev = iova_magazine_alloc(GFP_KERNEL);
> - if (!cpu_rcache->loaded || !cpu_rcache->prev) {
> + if (!cpu_rcache->prev) {
> ret = -ENOMEM;
> goto out_err;
> }
> @@ -903,7 +907,11 @@ static void free_iova_rcaches(struct iova_domain *iovad)
> break;
> for_each_possible_cpu(cpu) {
> cpu_rcache = per_cpu_ptr(rcache->cpu_rcaches, cpu);
> + if (!cpu_rcache->loaded)
> + break;
> iova_magazine_free(cpu_rcache->loaded);
> + if (!cpu_rcache->prev)
> + break;
> iova_magazine_free(cpu_rcache->prev);
> }
> free_percpu(rcache->cpu_rcaches);
在 2023/8/11 21:32, Robin Murphy 写道:
> On 2023-08-11 14:02, Zhang Zekun wrote:
>> free_iova_rcaches() needs to check if cpu_rcache->loaded and
>> cpu_rcache->prev is NULL before freeing them.
>
> Why? iova_magazine_free() is just kfree(), and kfree(NULL) is
> perfectly valid, specifically to avoid having to make cleanup paths
> all fiddly and overcomplicated like this.
>
> Thanks,
> Robin.
>
Hi, Robin
Thanks for your review, I have missed that kfree() can handle NULL and
it is safe
to iterate through all cpus, because __alloc_percpu() will alloc a
zero-filled area,
and pointers passed to kfree() will be either NULL or a vaild one. There
is no need
to add check before these pointers.
Thanks,
Zekun
@@ -746,8 +746,12 @@ int iova_domain_init_rcaches(struct iova_domain *iovad)
spin_lock_init(&cpu_rcache->lock);
cpu_rcache->loaded = iova_magazine_alloc(GFP_KERNEL);
+ if (!cpu_rcache->loaded) {
+ ret = -ENOMEM;
+ goto out_err;
+ }
cpu_rcache->prev = iova_magazine_alloc(GFP_KERNEL);
- if (!cpu_rcache->loaded || !cpu_rcache->prev) {
+ if (!cpu_rcache->prev) {
ret = -ENOMEM;
goto out_err;
}
@@ -903,7 +907,11 @@ static void free_iova_rcaches(struct iova_domain *iovad)
break;
for_each_possible_cpu(cpu) {
cpu_rcache = per_cpu_ptr(rcache->cpu_rcaches, cpu);
+ if (!cpu_rcache->loaded)
+ break;
iova_magazine_free(cpu_rcache->loaded);
+ if (!cpu_rcache->prev)
+ break;
iova_magazine_free(cpu_rcache->prev);
}
free_percpu(rcache->cpu_rcaches);