On 30/11/17 01:11, Yisheng Xie wrote: > Hi, Jean, > > On 2017/11/29 23:01, Jean-Philippe Brucker wrote: >> On 29/11/17 06:08, Yisheng Xie wrote: >>> >>> >>> On 2017/10/6 21:31, Jean-Philippe Brucker wrote: >>>> +int iommu_process_bind_device(struct device *dev, struct task_struct *task, >>>> + int *pasid, int flags) >>>> +{ >>> [..] >>>> + err = iommu_process_attach_locked(context, dev); >>>> + if (err) >>>> + iommu_process_put_locked(process); >>> one ref for a context is enough right? so also need call iommu_process_put_locked() >>> if attach ok, or will be leak if user call bind twice for the same device and task. >> >> I wasn't sure, I think I prefer taking one ref for each bind. If user >> calls bind twice, it should call unbind twice as well (in case of leak we >> free the context on process exit). >> >> Also with this implementation, user can call bind for two devices in the >> same domain, which will share the same context structure. So we have to >> take as many refs as bind() calls. > > > hmm, it has two ref, one for _context_ and the other for *process* (or maybe mm for > your next version), right? For each bind it will take a ref of context as present > design. but why also process ref need be taken for each bind? I mean it seems does > not break _user can call bind for two devices in the same domain_. > > And if you really want to take a ref of *process* for echo bind, you should put it when > unbind, right? I just not find where you put the ref of process when unbind. But just put > the process ref when free context. > > Maybe I just miss something. No you're right I misunderstood, sorry about that. Each context has a single ref to a process, so we do need to drop the process ref here as you pointed out. I thought I exercised this path though, I'll update my test suite. Also attach_locked shouldn't take a context ref if attach fails... Thanks a lot, Jean