On Thu, Feb 21, 2019 at 03:59:37PM -0700, Jason Gunthorpe wrote: > On Wed, Feb 20, 2019 at 05:29:24PM -0500, Jerome Glisse wrote: > > > > > > > > Yes it is safe, the hmm struct has its own refcount and mirror holds a > > > > reference on it, the mm struct itself has a reference on the mm > > > > struct. > > > > > > The issue here is that that hmm_mirror_unregister() must be a strong > > > fence that guarentees no callback is running or will run after > > > return. mmu_notifier_unregister did not provide that. > > > > > > I think I saw locking in hmm that was doing this.. > > > > So pattern is: > > hmm_mirror_register(mirror); > > > > // Safe for driver to call within HMM with mirror no matter what > > > > hmm_mirror_unregister(mirror) > > > > // Driver must no stop calling within HMM, it would be a use after > > // free scenario > > This statement is the opposite direction > > I want to know that HMM doesn't allow any driver callbacks to be > running after unregister - because I am going to kfree mirror and > other memory touched by the driver callbacks. Sorry i miss-understood your question. Yes after hmm_mirror_unregister() you will no longer get a callback from HMM ie it is safe for you to free any data structure associated with HMM. Cheers, Jérôme
