From: Yi Liu Date: Mon, 27 Jun 2022 07:41:19 +0000 (-0700) Subject: vfio: Move "device->open_count--" out of group_rwsem in vfio_device_open() X-Git-Tag: baikal/aarch64/sdk6.1~3347^2~19^7 X-Git-Url: https://git.baikalelectronics.ru/sdk/?a=commitdiff_plain;h=7a0a281aeca6528c28b373ee9d8b23f245f45a7d;p=kernel.git vfio: Move "device->open_count--" out of group_rwsem in vfio_device_open() We do not protect the vfio_device::open_count with group_rwsem elsewhere (see vfio_device_fops_release as a comparison, where we already drop group_rwsem before open_count--). So move the group_rwsem unlock prior to open_count--. This change now also drops group_rswem before setting device->kvm = NULL, but that's also OK (again, just like vfio_device_fops_release). The setting of device->kvm before open_device is technically done while holding the group_rwsem, this is done to protect the group kvm value we are copying from, and we should not be relying on that to protect the contents of device->kvm; instead we assume this value will not change until after the device is closed and while under the dev_set->lock. Cc: Matthew Rosato Cc: Jason Gunthorpe Signed-off-by: Yi Liu Reviewed-by: Matthew Rosato Reviewed-by: Kevin Tian Link: https://lore.kernel.org/r/20220627074119.523274-1-yi.l.liu@intel.com Signed-off-by: Alex Williamson --- diff --git a/drivers/vfio/vfio.c b/drivers/vfio/vfio.c index 61e71c1154be6..44c3bf8023acc 100644 --- a/drivers/vfio/vfio.c +++ b/drivers/vfio/vfio.c @@ -1146,10 +1146,10 @@ err_close_device: if (device->open_count == 1 && device->ops->close_device) device->ops->close_device(device); err_undo_count: + up_read(&device->group->group_rwsem); device->open_count--; if (device->open_count == 0 && device->kvm) device->kvm = NULL; - up_read(&device->group->group_rwsem); mutex_unlock(&device->dev_set->lock); module_put(device->dev->driver->owner); err_unassign_container: