Re: [PATCH] misc: sgi-gru: Convert from atomic_t to refcount_t on gru_thread_state->ts_refcnt
From: Greg Kroah-Hartman
Date: Wed Jul 21 2021 - 07:57:50 EST
On Sat, Jul 17, 2021 at 06:17:22PM +0800, Xiyu Yang wrote:
> refcount_t type and corresponding API can protect refcounters from
> accidental underflow and overflow and further use-after-free situations.
>
> Signed-off-by: Xiyu Yang <xiyuyang19@xxxxxxxxxxxx>
> Signed-off-by: Xin Tan <tanxin.ctf@xxxxxxxxx>
> ---
> drivers/misc/sgi-gru/grumain.c | 6 +++---
> drivers/misc/sgi-gru/grutables.h | 3 ++-
> 2 files changed, 5 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/misc/sgi-gru/grumain.c b/drivers/misc/sgi-gru/grumain.c
> index 40ac59dd018c..9afda47efbf2 100644
> --- a/drivers/misc/sgi-gru/grumain.c
> +++ b/drivers/misc/sgi-gru/grumain.c
> @@ -282,7 +282,7 @@ static void gru_unload_mm_tracker(struct gru_state *gru,
> */
> void gts_drop(struct gru_thread_state *gts)
> {
> - if (gts && atomic_dec_return(>s->ts_refcnt) == 0) {
> + if (gts && refcount_dec_and_test(>s->ts_refcnt)) {
> if (gts->ts_gms)
> gru_drop_mmu_notifier(gts->ts_gms);
> kfree(gts);
Related to this, shouldn't this really be a 'struct kref' instead of
hand-creating the exact same logic?
Want to make that change on top of this one?
thanks,
greg k-h