On Thu, Feb 20, 2025 at 11:48:49AM +0800, Junxian Huang wrote:
> Driver notifies HW about the memory release with mailbox. The procedure
> of a mailbox is:
> a) driver posts the mailbox to FW
> b) FW writes the mailbox data into HW
>
> In this scenario, step a) will fail due to the FW reset, HW won't get
> notified and thus may lead to UAF.

That's just wrong, a FW reset must fully stop and sanitize the HW as
well. You can't have HW running rogue with no way for FW to control it
anymore.

Jason