On Mon, Dec 17, 2018 at 09:45:40AM -0800, Dave Hansen wrote:
> > +struct sgx_encl *sgx_encl_alloc(struct sgx_secs *secs)
> > +{
> ...
> > +	kref_init(&encl->refcount);
> > +	INIT_LIST_HEAD(&encl->add_page_reqs);
> > +	INIT_RADIX_TREE(&encl->page_tree, GFP_KERNEL);
> > +	mutex_init(&encl->lock);
> > +	INIT_WORK(&encl->add_page_work, sgx_add_page_worker);
> > +
> > +	encl->mm = current->mm; <---------------------------------
> > +	encl->base = secs->base;
> > +	encl->size = secs->size;
> > +	encl->ssaframesize = secs->ssa_frame_size;
> > +	encl->backing = backing;
> > +
> > +	return encl;
> > +}
>
> How is this OK without taking a reference on the mm?
>
> I have a feeling a bunch of your bugs with the mmu notifiers and so
> forth are because the refcounting is wrong here.
>
> Sean's SGX_ENCL_MM_RELEASED would, I think, be unnecessary if you just
> take a refcount here and release it when the enclave is destroyed.

Right, atomic_inc(encl->mm->count) here and once when releasing. Then we
would not even need the whole mmu notifier in the first place.

/Jarkko
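Review bot: `encl->mm = current->mm;` stores a bare pointer to the caller's mm_struct without taking a reference, and nothing in the hunk pairs it with a release, so the pointer dangles once the owning process exits even though the kref-counted enclave object can outlive it. Take the reference at that line with `mmgrab(current->mm)` and drop it with `mmdrop(encl->mm)` in the kref release function; be aware that mmgrab() pins only the mm_struct (mm_count), not the address space (mm_users), so the mappings may already have been torn down by the time the enclave is released, which is exactly what any remaining mmu-notifier or mm-released handling has to cover. Pinning mm_users with mmget() instead would keep the whole address space alive for as long as the enclave file exists, which can pin it indefinitely if the file outlives the process. Separately, `encl->backing = backing;` assigns a value that is neither a parameter of `sgx_encl_alloc(struct sgx_secs *secs)` nor visible in the elided `...` region, so the hunk as quoted does not show where `backing` comes from or whether it is unwound on the error paths.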