On Tue, Oct 29, 2024 at 11:54:36AM -0300, Jason Gunthorpe wrote:
> On Fri, Oct 25, 2024 at 04:49:44PM -0700, Nicolin Chen wrote:
> > +void iommufd_viommu_destroy(struct iommufd_object *obj)
> > +{
> > + struct iommufd_viommu *viommu =
> > + container_of(obj, struct iommufd_viommu, obj);
> > +
> > + if (viommu->ops && viommu->ops->free)
> > + viommu->ops->free(viommu);
>
> Ops can't be null and free can't be null, that would mean there is a
> memory leak.
What if a driver doesn't have anything to free? You're suggesting
to force the driver to have an empty free function, right? We can
do that, if it is preferable:
void arm_vsmmu_free(struct iommufd_viommu *viommu)
{
}
> > + refcount_dec(&viommu->hwpt->common.obj.users);
>
> Don't touch viommu after freeing it
Drivers should only free their own stuff without touching the core:
"* @free: Free all driver-specific parts of an iommufd_viommu. The memory of the
* vIOMMU will be free-ed by iommufd core after calling this free op."
Then, viommu object is freed by the core after ->destroy(), right?
> Did you run selftests with kasn?
Yea, all passed with no WARN_ON.
Thanks
Nicolin
