On 6/6/19 11:44 AM, Jason Gunthorpe wrote: > From: Jason Gunthorpe <jgg@xxxxxxxxxxxx> > > So long a a struct hmm pointer exists, so should the struct mm it is > linked too. Hold the mmgrab() as soon as a hmm is created, and mmdrop() it > once the hmm refcount goes to zero. > > Since mmdrop() (ie a 0 kref on struct mm) is now impossible with a !NULL > mm->hmm delete the hmm_hmm_destroy(). > > Signed-off-by: Jason Gunthorpe <jgg@xxxxxxxxxxxx> > Reviewed-by: Jérôme Glisse <jglisse@xxxxxxxxxx> > --- > v2: > - Fix error unwind paths in hmm_get_or_create (Jerome/Jason) > --- > include/linux/hmm.h | 3 --- > kernel/fork.c | 1 - > mm/hmm.c | 22 ++++------------------ > 3 files changed, 4 insertions(+), 22 deletions(-) > > diff --git a/include/linux/hmm.h b/include/linux/hmm.h > index 2d519797cb134a..4ee3acabe5ed22 100644 > --- a/include/linux/hmm.h > +++ b/include/linux/hmm.h > @@ -586,14 +586,11 @@ static inline int hmm_vma_fault(struct hmm_mirror *mirror, > } > > /* Below are for HMM internal use only! Not to be used by device driver! */ > -void hmm_mm_destroy(struct mm_struct *mm); > - > static inline void hmm_mm_init(struct mm_struct *mm) > { > mm->hmm = NULL; > } > #else /* IS_ENABLED(CONFIG_HMM_MIRROR) */ > -static inline void hmm_mm_destroy(struct mm_struct *mm) {} > static inline void hmm_mm_init(struct mm_struct *mm) {} > #endif /* IS_ENABLED(CONFIG_HMM_MIRROR) */ > > diff --git a/kernel/fork.c b/kernel/fork.c > index b2b87d450b80b5..588c768ae72451 100644 > --- a/kernel/fork.c > +++ b/kernel/fork.c > @@ -673,7 +673,6 @@ void __mmdrop(struct mm_struct *mm) > WARN_ON_ONCE(mm == current->active_mm); > mm_free_pgd(mm); > destroy_context(mm); > - hmm_mm_destroy(mm); This is particularly welcome, not to have an "HMM is special" case in such a core part of process/mm code. > mmu_notifier_mm_destroy(mm); > check_mm(mm); > put_user_ns(mm->user_ns); > diff --git a/mm/hmm.c b/mm/hmm.c > index 8796447299023c..cc7c26fda3300e 100644 > --- a/mm/hmm.c > +++ b/mm/hmm.c > @@ -29,6 +29,7 @@ > #include <linux/swapops.h> > #include <linux/hugetlb.h> > #include <linux/memremap.h> > +#include <linux/sched/mm.h> > #include <linux/jump_label.h> > #include <linux/dma-mapping.h> > #include <linux/mmu_notifier.h> > @@ -82,6 +83,7 @@ static struct hmm *hmm_get_or_create(struct mm_struct *mm) > hmm->notifiers = 0; > hmm->dead = false; > hmm->mm = mm; > + mmgrab(hmm->mm); > > spin_lock(&mm->page_table_lock); > if (!mm->hmm) > @@ -109,6 +111,7 @@ static struct hmm *hmm_get_or_create(struct mm_struct *mm) > mm->hmm = NULL; > spin_unlock(&mm->page_table_lock); > error: > + mmdrop(hmm->mm); > kfree(hmm); > return NULL; > } > @@ -130,6 +133,7 @@ static void hmm_free(struct kref *kref) > mm->hmm = NULL; > spin_unlock(&mm->page_table_lock); > > + mmdrop(hmm->mm); > mmu_notifier_call_srcu(&hmm->rcu, hmm_free_rcu); > } > > @@ -138,24 +142,6 @@ static inline void hmm_put(struct hmm *hmm) > kref_put(&hmm->kref, hmm_free); > } > > -void hmm_mm_destroy(struct mm_struct *mm) > -{ > - struct hmm *hmm; > - > - spin_lock(&mm->page_table_lock); > - hmm = mm_get_hmm(mm); > - mm->hmm = NULL; > - if (hmm) { > - hmm->mm = NULL; > - hmm->dead = true; > - spin_unlock(&mm->page_table_lock); > - hmm_put(hmm); > - return; > - } > - > - spin_unlock(&mm->page_table_lock); > -} > - > static void hmm_release(struct mmu_notifier *mn, struct mm_struct *mm) > { > struct hmm *hmm = container_of(mn, struct hmm, mmu_notifier); > Failed to find any problems with this. :) Reviewed-by: John Hubbard <jhubbard@xxxxxxxxxx> thanks, -- John Hubbard NVIDIA