On Thu, 2019-11-28 at 14:49 +0100, Paolo Bonzini wrote:
> On 27/11/19 22:57, Leonardo Bras wrote:
> > But on the above case, kvm_put_kvm{,_no_destroy}() would be called
> > with refcount == 1, and if reorder patch is applied, it would not cause
> > any use-after-free error, even on kvm_put_kvm() case.
>
> I think this is what you're missing: kvm_put_kvm_no_destroy() does not
> protect against bugs in the code that uses it. It protect against bugs
> _elsewhere_.
>
> Therefore, kvm_put_kvm_no_destroy() is always a better choice when
> applicable, because it turns bugs in _other parts of the code_ from
> use-after-free to WARN+leak.
>
> Paolo
>
Hello Paolo,
Thanks for explaining that! I think I got to understand it better now.
Best regards,
Leonardo
Attachment:
signature.asc
Description: This is a digitally signed message part
