On 29/11/17 06:08, Yisheng Xie wrote: > > > On 2017/10/6 21:31, Jean-Philippe Brucker wrote: >> +int iommu_process_bind_device(struct device *dev, struct task_struct *task, >> + int *pasid, int flags) >> +{ > [..] >> + err = iommu_process_attach_locked(context, dev); >> + if (err) >> + iommu_process_put_locked(process); > one ref for a context is enough right? so also need call iommu_process_put_locked() > if attach ok, or will be leak if user call bind twice for the same device and task. I wasn't sure, I think I prefer taking one ref for each bind. If user calls bind twice, it should call unbind twice as well (in case of leak we free the context on process exit). Also with this implementation, user can call bind for two devices in the same domain, which will share the same context structure. So we have to take as many refs as bind() calls. Thanks, Jean