From: "Julian Ruess" <julianr@linux.ibm.com>
To: "Niklas Schnelle" <schnelle@linux.ibm.com>,
"Farhan Ali" <alifm@linux.ibm.com>,
"Julian Ruess" <julianr@linux.ibm.com>, <wintera@linux.ibm.com>,
<ts@linux.ibm.com>, <oberpar@linux.ibm.com>,
<gbayer@linux.ibm.com>, "Alex Williamson" <alex@shazbot.org>,
"Jason Gunthorpe" <jgg@ziepe.ca>,
"Yishai Hadas" <yishaih@nvidia.com>,
"Shameer Kolothum" <skolothumtho@nvidia.com>,
"Kevin Tian" <kevin.tian@intel.com>
Cc: <mjrosato@linux.ibm.com>, <raspl@linux.ibm.com>,
<hca@linux.ibm.com>, <agordeev@linux.ibm.com>,
<gor@linux.ibm.com>, <kvm@vger.kernel.org>,
<linux-kernel@vger.kernel.org>, <linux-s390@vger.kernel.org>,
<linux-pci@vger.kernel.org>
Subject: Re: [PATCH v5 2/3] vfio/ism: Implement vfio_pci driver for ISM devices
Date: Wed, 18 Mar 2026 07:16:11 +0100 [thread overview]
Message-ID: <DH5OSCR30K6L.3SIBYOZ6166AC@linux.ibm.com> (raw)
In-Reply-To: <ef044e7fa28e33cf865882e374957c0cd10124d1.camel@linux.ibm.com>
On Tue Mar 17, 2026 at 10:16 PM CET, Niklas Schnelle wrote:
> On Tue, 2026-03-17 at 11:43 -0700, Farhan Ali wrote:
>> <..snip..>
>>
>> On 3/17/2026 5:58 AM, Julian Ruess wrote:
>> > static int ism_vfio_pci_probe(struct pci_dev *pdev,
>> > + const struct pci_device_id *id)
>> > +{
>> > + struct ism_vfio_pci_core_device *ivpcd;
>> > + struct zpci_dev *zdev = to_zpci(pdev);
>> > + char cache_name[20];
>> > + int ret;
>> > +
>> > + ivpcd = vfio_alloc_device(ism_vfio_pci_core_device, core_device.vdev,
>> > + &pdev->dev, &ism_pci_ops);
>> > + if (IS_ERR(ivpcd))
>> > + return PTR_ERR(ivpcd);
>> > +
>> > + snprintf(cache_name, sizeof(cache_name), "ism_sb_fid_%08x", zdev->fid);
>> > + ivpcd->store_block_cache =
>> > + kmem_cache_create(cache_name, zdev->maxstbl, 0, 0, NULL);
>> > + if (!ivpcd->store_block_cache) {
>> > + vfio_put_device(&ivpcd->core_device.vdev);
>> > + return -ENOMEM;
>> > + }
>> > +
>> > + dev_set_drvdata(&pdev->dev, &ivpcd->core_device);
>> > + ret = vfio_pci_core_register_device(&ivpcd->core_device);
>> > + if (ret) {
>> > + kmem_cache_destroy(ivpcd->store_block_cache);
>> > + vfio_put_device(&ivpcd->core_device.vdev);
>> > + }
>> > +
>> > + return ret;
>> > +}
>> > +
>> > +static void ism_vfio_pci_remove(struct pci_dev *pdev)
>> > +{
>> > + struct vfio_pci_core_device *core_device;
>> > + struct ism_vfio_pci_core_device *ivpcd;
>> > +
>> > + core_device = dev_get_drvdata(&pdev->dev);
>> > + ivpcd = container_of(core_device, struct ism_vfio_pci_core_device,
>> > + core_device);
>> > +
>> > + vfio_pci_core_unregister_device(&ivpcd->core_device);
>> > + vfio_put_device(&ivpcd->core_device.vdev);
>> > +
>> > + kmem_cache_destroy(ivpcd->store_block_cache);
>>
>> I think the kmem_cache_destroy() should be done before we do
>> vfio_put_device() (or maybe even before
>> vfio_pci_core_unregister_device()) to avoid use after free similar to
>> ism_vfio_pci_probe(). Sorry I missed this earlier.
>>
>> Thanks
>>
>> Farhan
>>
>
> Good find! Wouldn't it be even cleaner to provide vfio/ism specific
> .init and .release functions in ism_pci_ops that do the
> kmem_cache_create() / kmem_cache_destroy() as part of init / release?
> It seems this is done for e.g. Xe with xe_vfio_pci_init_dev()
> and xe_vfio_pci_release_dev(). In fact wouldn't that be even necessary
> to correctly handle the case where the above vfio_put_device() isn't
> the last reference?
>
> Thanks,
> Niklas
Thanks guys! Yes, I think we should introduce custom .init and .release functions. Will change that in the next version.
next prev parent reply other threads:[~2026-03-18 6:16 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-17 12:58 [PATCH v5 0/3] vfio/pci: Introduce vfio_pci driver for ISM devices Julian Ruess
2026-03-17 12:58 ` [PATCH v5 1/3] vfio/pci: Rename vfio_config_do_rw() to vfio_pci_config_rw_single() and export it Julian Ruess
2026-03-17 12:58 ` [PATCH v5 2/3] vfio/ism: Implement vfio_pci driver for ISM devices Julian Ruess
2026-03-17 18:43 ` Farhan Ali
2026-03-17 21:16 ` Niklas Schnelle
2026-03-18 6:16 ` Julian Ruess [this message]
2026-03-18 14:52 ` Niklas Schnelle
2026-03-17 12:58 ` [PATCH v5 3/3] MAINTAINERS: add VFIO ISM PCI DRIVER section Julian Ruess
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DH5OSCR30K6L.3SIBYOZ6166AC@linux.ibm.com \
--to=julianr@linux.ibm.com \
--cc=agordeev@linux.ibm.com \
--cc=alex@shazbot.org \
--cc=alifm@linux.ibm.com \
--cc=gbayer@linux.ibm.com \
--cc=gor@linux.ibm.com \
--cc=hca@linux.ibm.com \
--cc=jgg@ziepe.ca \
--cc=kevin.tian@intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=mjrosato@linux.ibm.com \
--cc=oberpar@linux.ibm.com \
--cc=raspl@linux.ibm.com \
--cc=schnelle@linux.ibm.com \
--cc=skolothumtho@nvidia.com \
--cc=ts@linux.ibm.com \
--cc=wintera@linux.ibm.com \
--cc=yishaih@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.