Commit 90b1253e authored by Al Viro's avatar Al Viro

vfio: get rid of vfio_device_put()/vfio_group_get_device* races

we really need to make sure that dropping the last reference happens
under the group->device_lock; otherwise a loop (under device_lock)
might find vfio_device instance that is being freed right now, has
already dropped the last reference and waits on device_lock to exclude
the sucker from the list.
Acked-by: default avatarAlex Williamson <>
Signed-off-by: default avatarAl Viro <>
parent 6d2cd3ce
......@@ -396,7 +396,6 @@ static void vfio_device_release(struct kref *kref)
struct vfio_device, kref);
struct vfio_group *group = device->group;
......@@ -412,7 +411,7 @@ static void vfio_device_release(struct kref *kref)
static void vfio_device_put(struct vfio_device *device)
struct vfio_group *group = device->group;
kref_put(&device->kref, vfio_device_release);
kref_put_mutex(&device->kref, vfio_device_release, &group->device_lock);
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment