On Tue, Sep 01, 2020 at 02:01:43AM +0200, Jann Horn wrote:
> The comment talks about having to hold mmget() (which means mm_users), but
> the actual check is on mm_count (which would be mmgrab()).
>
> Given that MMU notifiers are torn down in
> mmput() -> __mmput() -> exit_mmap() -> mmu_notifier_release(),
> I believe that the comment is correct and the check should be on
> mm->mm_users. Fix it up accordingly.
>
> Fixes: 99cb252f5e68 ("mm/mmu_notifier: add an interval tree notifier")
> Signed-off-by: Jann Horn <jannh@xxxxxxxxxx>
> ---
> Can someone please double-check this? I'm like 90% sure that I fixed
> this the right way around, but it'd be good if someone more familiar
> with mmu notifiers could confirm.

Hmm.. I added the comment but copied the expression from older code.

The intent is certainly that the caller must have a mmget, this
function must not race with __mmu_notifier_release() and the mmget is
what prevents that.

Reviewed-by: Jason Gunthorpe <jgg@xxxxxxxxxx>

Jason
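
The mm_users versus mm_count distinction discussed in this thread, as an added user-space model in C (not part of the original messages and not kernel code). The struct, the `model_*` helpers, the two check functions and the scenario are constructed for illustration; only the teardown chain mmput() -> __mmput() -> exit_mmap() -> mmu_notifier_release() is taken from the thread.

```c
/* Added illustration: user-space model of the two mm refcounts, not kernel code. */
#include <stdbool.h>
#include <stdio.h>

struct mm_model {
    int mm_users;        /* address-space users: mmget()/mmput() */
    int mm_count;        /* struct lifetime refs: mmgrab()/mmdrop() */
    bool notifiers_live; /* false once mmu_notifier_release() has run */
};
typedef bool (*mm_check)(const struct mm_model *);

/* A fresh mm: one user, and all users together hold one mm_count reference. */
static struct mm_model model_new(void) {
    return (struct mm_model){ .mm_users = 1, .mm_count = 1, .notifiers_live = true };
}
static void model_mmgrab(struct mm_model *mm) { mm->mm_count++; }
static void model_mmget(struct mm_model *mm)  { mm->mm_users++; }
static void model_mmdrop(struct mm_model *mm) { mm->mm_count--; }
static void model_mmput(struct mm_model *mm) {
    if (--mm->mm_users == 0) {
        /* mmput() -> __mmput() -> exit_mmap() -> mmu_notifier_release() */
        mm->notifiers_live = false;
        model_mmdrop(mm); /* drop the reference held on behalf of mm_users */
    }
}

/* The two candidate sanity checks: on mm_count versus on mm_users. */
static bool check_mm_count(const struct mm_model *mm) { return mm->mm_count > 0; }
static bool check_mm_users(const struct mm_model *mm) { return mm->mm_users > 0; }

/* Scenario: the caller takes one reference (mmget or mmgrab), then the original
 * owner exits. Returns true if `check` accepts an mm whose notifiers are gone. */
static bool accepts_dead_mm(mm_check check, bool caller_uses_mmget) {
    struct mm_model mm = model_new();
    if (caller_uses_mmget) model_mmget(&mm); else model_mmgrab(&mm);
    model_mmput(&mm); /* original owner exits */
    return check(&mm) && !mm.notifiers_live;
}

int main(void) {
    printf("mmgrab only, mm_count check accepts dead mm: %d\n",
           accepts_dead_mm(check_mm_count, false));
    printf("mmgrab only, mm_users check accepts dead mm: %d\n",
           accepts_dead_mm(check_mm_users, false));
    printf("mmget held,  mm_users check accepts dead mm: %d\n",
           accepts_dead_mm(check_mm_users, true));
    return 0;
}
```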