From mboxrd@z Thu Jan 1 00:00:00 1970 From: John Hubbard Subject: Re: [PATCH v2 hmm 01/11] mm/hmm: fix use after free with struct hmm in the mmu notifiers Date: Fri, 7 Jun 2019 18:37:22 -0700 Message-ID: <771c9b7b-983a-934b-a507-76aa0e8aceaf@nvidia.com> References: <20190606184438.31646-1-jgg@ziepe.ca> <20190606184438.31646-2-jgg@ziepe.ca> <9c72d18d-2924-cb90-ea44-7cd4b10b5bc2@nvidia.com> <20190607123432.GB14802@ziepe.ca> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Return-path: In-Reply-To: <20190607123432.GB14802@ziepe.ca> Content-Language: en-US List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" To: Jason Gunthorpe Cc: Andrea Arcangeli , Ralph Campbell , linux-rdma@vger.kernel.org, Felix.Kuehling@amd.com, dri-devel@lists.freedesktop.org, linux-mm@kvack.org, Jerome Glisse , amd-gfx@lists.freedesktop.org List-Id: amd-gfx.lists.freedesktop.org T24gNi83LzE5IDU6MzQgQU0sIEphc29uIEd1bnRob3JwZSB3cm90ZToKPiBPbiBUaHUsIEp1biAw NiwgMjAxOSBhdCAwNzoyOTowOFBNIC0wNzAwLCBKb2huIEh1YmJhcmQgd3JvdGU6Cj4+IE9uIDYv Ni8xOSAxMTo0NCBBTSwgSmFzb24gR3VudGhvcnBlIHdyb3RlOgo+Pj4gRnJvbTogSmFzb24gR3Vu dGhvcnBlIDxqZ2dAbWVsbGFub3guY29tPgo+PiAuLi4KPj4+IEBAIC0xNTMsMTAgKzE1OCwxNCBA QCB2b2lkIGhtbV9tbV9kZXN0cm95KHN0cnVjdCBtbV9zdHJ1Y3QgKm1tKQo+Pj4gIAo+Pj4gIHN0 YXRpYyB2b2lkIGhtbV9yZWxlYXNlKHN0cnVjdCBtbXVfbm90aWZpZXIgKm1uLCBzdHJ1Y3QgbW1f c3RydWN0ICptbSkKPj4+ICB7Cj4+PiAtCXN0cnVjdCBobW0gKmhtbSA9IG1tX2dldF9obW0obW0p Owo+Pj4gKwlzdHJ1Y3QgaG1tICpobW0gPSBjb250YWluZXJfb2YobW4sIHN0cnVjdCBobW0sIG1t dV9ub3RpZmllcik7Cj4+PiAgCXN0cnVjdCBobW1fbWlycm9yICptaXJyb3I7Cj4+PiAgCXN0cnVj dCBobW1fcmFuZ2UgKnJhbmdlOwo+Pj4gIAo+Pj4gKwkvKiBobW0gaXMgaW4gcHJvZ3Jlc3MgdG8g ZnJlZSAqLwo+Pgo+PiBXZWxsLCBzb21ldGltZXMsIHllcy4gOikKPiAKPiBJdCB0aGluayBpdCBp cyBpbiBhbGwgY2FzZXMgYWN0dWFsbHkuLiBUaGUgb25seSB3YXkgd2Ugc2VlIGEgMCBrcmVmCj4g YW5kIHN0aWxsIHJlYWNoIHRoaXMgY29kZSBwYXRoIGlzIGlmIGFub3RoZXIgdGhyZWFkIGhhcyBh bHJlYXkgc2V0dXAKPiB0aGUgaG1tX2ZyZWUgaW4gdGhlIGNhbGxfc3JjdS4uCj4gCj4+IE1heWJl IHRoaXMgd29yZGluZyBpcyBjbGVhcmVyIChpZiB3ZSBuZWVkIGFueSBjb21tZW50IGF0IGFsbCk6 Cj4gCj4gSSBhbHdheXMgZmluZCB0aGlzIGhhcmQuLiBUaGlzIGlzIGEgdmVyeSBzdGFuZGFyZCBw YXR0ZXJuIHdoZW4gd29ya2luZwo+IHdpdGggUkNVIC0gaG93ZXZlciBpbiBteSBleHBlcmllbmNl IGZldyBwZW9wbGUgYWN0dWFsbHkga25vdyB0aGUgUkNVCj4gcGF0dGVybnMsIGFuZCBtaXNzaW5n IHRoZSBfdW5sZXNzX3plcm8gaXMgYSBjb21tb24gYnVnIEkgZmluZCB3aGVuCj4gbG9va2luZyBh dCBjb2RlLgo+IAo+IFRoaXMgaXMgbW0vIHNvIEkgY2FuIGRyb3AgaXQsIHdoYXQgZG8geW91IHRo aW5rPwo+IAoKSSBmb3Jnb3QgdG8gcmVzcG9uZCB0byB0aGlzIHNlY3Rpb24sIHNvIGNhdGNoaW5n IHVwIG5vdzoKCkkgdGhpbmsgd2UncmUgdGFsa2luZyBhYm91dCBzbGlnaHRseSBkaWZmZXJlbnQg dGhpbmdzLiBJIHdhcyBqdXN0Cm5vdGluZyB0aGF0IHRoZSBjb21tZW50IGFib3ZlIHRoZSAiaWYi IHN0YXRlbWVudCB3YXMgb25seSBhY2N1cmF0ZQppZiB0aGUgYnJhbmNoIGlzIHRha2VuLCB3aGlj aCBpcyB3aHkgSSByZWNvbW1lbmRlZCB0aGlzIGNvbWJpbmF0aW9uCm9mIGNvbW1lbnQgYW5kIGNv ZGU6CgoJLyogQmFpbCBvdXQgaWYgaG1tIGlzIGluIHRoZSBwcm9jZXNzIG9mIGJlaW5nIGZyZWVk ICovCglpZiAoIWtyZWZfZ2V0X3VubGVzc196ZXJvKCZobW0tPmtyZWYpKQoJCXJldHVybjsKCkFz IGZvciB0aGUgYWN0dWFsIF91bmxlc3NfemVybyBwYXJ0LCBJIHRoaW5rIHRoYXQncyBnb29kIHRv IGhhdmUuCkFuZCBpdCdzIGEgZ29vZCByZW1pbmRlciBpZiBub3RoaW5nIGVsc2UsIGV2ZW4gaW4g bW0vIGNvZGUuCgp0aGFua3MsCi0tIApKb2huIEh1YmJhcmQKTlZJRElBCl9fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCmRyaS1kZXZlbCBtYWlsaW5nIGxpc3QK ZHJpLWRldmVsQGxpc3RzLmZyZWVkZXNrdG9wLm9yZwpodHRwczovL2xpc3RzLmZyZWVkZXNrdG9w Lm9yZy9tYWlsbWFuL2xpc3RpbmZvL2RyaS1kZXZlbA==