On Tue, Oct 29, 2024 at 11:54:36AM -0300, Jason Gunthorpe wrote:
On Fri, Oct 25, 2024 at 04:49:44PM -0700, Nicolin Chen wrote:
+void iommufd_viommu_destroy(struct iommufd_object *obj) +{
- struct iommufd_viommu *viommu =
container_of(obj, struct iommufd_viommu, obj);- if (viommu->ops && viommu->ops->free)
viommu->ops->free(viommu);Ops can't be null and free can't be null, that would mean there is a memory leak.
What if a driver doesn't have anything to free? You're suggesting to force the driver to have an empty free function, right? We can do that, if it is preferable:
void arm_vsmmu_free(struct iommufd_viommu *viommu) { }
- refcount_dec(&viommu->hwpt->common.obj.users);
Don't touch viommu after freeing it
Drivers should only free their own stuff without touching the core: "* @free: Free all driver-specific parts of an iommufd_viommu. The memory of the * vIOMMU will be free-ed by iommufd core after calling this free op."
Then, viommu object is freed by the core after ->destroy(), right?
Did you run selftests with kasn?
Yea, all passed with no WARN_ON.
Thanks Nicolin