On Thu, Jan 16, 2020 at 10:51:52AM +0200, Gal Pressman wrote: > On 15/01/2020 22:20, Jason Gunthorpe wrote: > > The set of entry->driver_removed is missing locking, protect it with > > xa_lock() which is held by the only reader. > > > > Otherwise readers may continue to see driver_removed = false after > > rdma_user_mmap_entry_remove() returns and may continue to try and > > establish new mmaps. > > That's kind of an inherent race regardless, isn't it? How do you mean? Once rdma_user_mmap_entry_remove() returns no new mmaps can be established, existing mmaps remain. The driver can rely on this, by, for instance, calling free_page Jason
