On Thu, May 23, 2019 at 9:05 PM Jason Gunthorpe <jgg@xxxxxxxx> wrote:
>
> From: Jason Gunthorpe <jgg@xxxxxxxxxxxx>
>
> Trying to misuse a range outside its lifetime is a kernel bug. Use WARN_ON
> and poison bytes to detect this condition.
>
> Signed-off-by: Jason Gunthorpe <jgg@xxxxxxxxxxxx>
Acked-by: Souptick Joarder <jrdr.linux@xxxxxxxxx>
> ---
> mm/hmm.c | 11 +++++++----
> 1 file changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/mm/hmm.c b/mm/hmm.c
> index 6c3b7398672c29..02752d3ef2ed92 100644
> --- a/mm/hmm.c
> +++ b/mm/hmm.c
> @@ -936,8 +936,7 @@ EXPORT_SYMBOL(hmm_range_register);
> */
> void hmm_range_unregister(struct hmm_range *range)
> {
> - /* Sanity check this really should not happen. */
> - if (range->hmm == NULL || range->end <= range->start)
> + if (WARN_ON(range->end <= range->start))
> return;
Does it make any sense to sanity check for range == NULL as well ?
>
> mutex_lock(&range->hmm->lock);
> @@ -945,9 +944,13 @@ void hmm_range_unregister(struct hmm_range *range)
> mutex_unlock(&range->hmm->lock);
>
> /* Drop reference taken by hmm_range_register() */
> - range->valid = false;
> hmm_put(range->hmm);
> - range->hmm = NULL;
> +
> + /* The range is now invalid, leave it poisoned. */
> + range->valid = false;
> + range->start = ULONG_MAX;
> + range->end = 0;
> + memset(&range->hmm, POISON_INUSE, sizeof(range->hmm));
> }
> EXPORT_SYMBOL(hmm_range_unregister);
>
> --
> 2.21.0
>
