On Sun, 2015-10-11 at 20:03 +0100, David Woodhouse wrote: > As we try to put together a generic API for device access to processes' > address space, I definitely think we want to stick with the model that > we take a reference on the mm, and we *keep* it until the device driver > unbinds from the mm (because its file descriptor is closed, or > whatever). I've found another problem with this. In use some cases, we mmap() the device file descriptor which is responsible for the PASID binding. And in that case we end up with a recursive refcount. When the process exits, its file descriptors are closed... but the underlying struct file remains open because it's still referenced from the mmap'd VMA. That VMA remains alive because it's still part of the MM. And the MM remains alive because the PASID binding still holds a refcount for it because device's struct file didn't get closed yet... because it's still mmap'd... because the MM is still alive... So I suspect that even for the relatively simple case where the lifetime of the PASID can be bound to a file descriptor (unlike with amdkfd), we probably still want to explicitly manage its lifetime as an 'off-cpu task' and explicitly kill it when the process dies. I'm still not keen on doing that implicitly through the mm_release. I think that way lies a lot of subtle bugs. -- David Woodhouse Open Source Technology Centre David.Woodhouse@xxxxxxxxx Intel Corporation
Attachment:
smime.p7s
Description: S/MIME cryptographic signature