iommu: msm: Fix potential page table use after free

When an address is unmapped from the page tables there is a short period
of time between the code freeing the page table back to the memory
subsystem and the code issuing a TLB invalidate on the IOMMU hardware
when the IOMMU could be accessing the page table that has been freed.
This can cause the IOMMU to translate a virtual address to a bogus
physical address which can cause system instability.

Instead of freeing the page before doing a TLB invalidate we keep a
shadow table that keeps track of the pointers to the page tables and the
number of outstanding mappings. We can thus zero out the real page
table, do a TLB invalidate, and then free the pages through the shadow
page table entries.

Change-Id: Ifb677ea8033fb35d8a98c1f00c9aaa9bcfe0b2d0
Signed-off-by: Olav Haugan <ohaugan@codeaurora.org>
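The ordering the commit message describes, as an added user-space model that is not code from this commit or from the msm IOMMU driver. Every name here (`fl_table`, `shadow`, `hw_cached`, `map_page`, `unmap_page`, `stale_frees`) and the table sizes are hypothetical; `hw_cached` stands in for the IOMMU's TLB, and `stale_frees` counts frees of a table the hardware could still reach.

```c
#include <stdint.h>
#include <stdlib.h>

#define FL_ENTRIES 4   /* constructed sizes, far smaller than real hardware */
#define SL_ENTRIES 8
typedef struct { uint64_t *sl; unsigned used; } shadow_t;

static uint64_t *fl_table[FL_ENTRIES];  /* "real" first-level table the IOMMU walks */
static shadow_t shadow[FL_ENTRIES];     /* CPU-only: table pointer + outstanding mappings */
static uint64_t *hw_cached[FL_ENTRIES]; /* model of what the IOMMU TLB still points at */
static int stale_frees;                 /* frees made while hardware could reach the table */

static void tlb_invalidate(void) { for (int i = 0; i < FL_ENTRIES; i++) hw_cached[i] = NULL; }

static void free_sl(unsigned fl, uint64_t *sl) {
    if (hw_cached[fl] == sl || fl_table[fl] == sl) stale_frees++; /* use-after-free window */
    free(sl);
}

int map_page(unsigned fl, unsigned idx, uint64_t pa) {
    if (fl >= FL_ENTRIES || idx >= SL_ENTRIES) return -1;
    if (!shadow[fl].sl) {               /* first mapping in this region: allocate a table */
        shadow[fl].sl = calloc(SL_ENTRIES, sizeof(uint64_t));
        if (!shadow[fl].sl) return -1;
        fl_table[fl] = shadow[fl].sl;
    }
    if (shadow[fl].sl[idx]) return -1;  /* already mapped */
    shadow[fl].sl[idx] = pa | 1;        /* bit 0 marks the entry valid in this model */
    shadow[fl].used++;
    hw_cached[fl] = fl_table[fl];       /* device uses the mapping and caches the walk */
    return 0;
}

int unmap_page(unsigned fl, unsigned idx, int free_first) {
    if (fl >= FL_ENTRIES || idx >= SL_ENTRIES || !shadow[fl].sl || !shadow[fl].sl[idx]) return -1;
    uint64_t *sl = shadow[fl].sl;
    sl[idx] = 0;
    if (--shadow[fl].used) { tlb_invalidate(); return 0; }  /* table still in use */
    shadow[fl].sl = NULL;
    if (free_first) free_sl(fl, sl);    /* old order: free, then invalidate */
    fl_table[fl] = NULL;                /* new order: zero the real entry ... */
    tlb_invalidate();                   /* ... invalidate the TLB ... */
    if (!free_first) free_sl(fl, sl);   /* ... then free via the shadow pointer */
    return 0;
}

int main(void) {
    map_page(0, 0, 0x1000);
    return unmap_page(0, 0, 0) || stale_frees;  /* exit 0: no stale free */
}
```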