On Mon, Mar 27, 2023 at 02:33:47AM -0700, Yi Liu wrote:
> @@ -494,6 +479,30 @@ void iommufd_access_destroy(struct iommufd_access *access)
> }
> EXPORT_SYMBOL_NS_GPL(iommufd_access_destroy, IOMMUFD);
>
> +int iommufd_access_attach(struct iommufd_access *access, u32 ioas_id)
> +{
> + struct iommufd_ioas *new_ioas;
> + int rc = 0;
> +
> + if (access->ioas != NULL && access->ioas->obj.id != ioas_id)
> + return -EINVAL;
This should just be if (access->ioas) return -EINVAL;
> +
> + new_ioas = iommufd_get_ioas(access->ictx, ioas_id);
> + if (IS_ERR(new_ioas))
> + return PTR_ERR(new_ioas);
> +
> + rc = iopt_add_access(&new_ioas->iopt, access);
> + if (rc) {
> + iommufd_put_object(&new_ioas->obj);
> + return rc;
> + }
> + iommufd_ref_to_users(&new_ioas->obj);
> +
> + access->ioas = new_ioas;
Since if ioas is non-null here then we will lose the reference counts already held. I'll fix it Jason