Re: [PATCH v9 09/22] s390: vfio-ap: register matrix device with VFIO mdev framework
From: Tony Krowiak
Date: Fri Aug 17 2018 - 15:02:20 EST
On 08/17/2018 04:43 AM, Cornelia Huck wrote:
On Thu, 16 Aug 2018 12:24:16 -0400
Tony Krowiak <akrowiak@xxxxxxxxxxxxx> wrote:
On 08/14/2018 07:19 AM, Cornelia Huck wrote:
On Mon, 13 Aug 2018 17:48:06 -0400
Tony Krowiak <akrowiak@xxxxxxxxxxxxxxxxxx> wrote:
+static int vfio_ap_mdev_create(struct kobject *kobj, struct mdev_device *mdev)
+{
+ struct ap_matrix_mdev *matrix_mdev;
+
+ matrix_mdev = kzalloc(sizeof(*matrix_mdev), GFP_KERNEL);
+ if (!matrix_mdev)
+ return -ENOMEM;
+
+ matrix_mdev->name = dev_name(mdev_dev(mdev));
+ vfio_ap_matrix_init(&matrix_dev.info, &matrix_mdev->matrix);
+ mdev_set_drvdata(mdev, matrix_mdev);
+
+ if (atomic_dec_if_positive(&matrix_dev.available_instances) < 0) {
+ kfree(matrix_mdev);
+ return -EPERM;
+ }
Maybe move this check to the top of the function?
Please ignore my previous response to your comment. I can't move the call to
atomic_dec_if_positive() to the top of the function because it
decrements the
available_instances and if the kzalloc() of matrix_mdev fails, then the
value
would have to then be incremented to remain valid. What I can do is this:
1. Check the value of available_instances using atomic_read() at the top of
the function and if it is zero, return an error.
2. Replace the call to atomic_dec_if_positive() with a call to atomic_dec()
to decrement the available_instances.
I agree that it makes sense to return before attempting to allocate the
matrix_mdev if available_instances is zero.
Wouldn't that be racy, though?
I don't think re-incrementing the counter is too bad, and it's
certainly better than going through allocation/freeing of structures.
I'll make it happen.
+
+ mutex_lock(&matrix_dev.lock);
+ list_add(&matrix_mdev->list, &matrix_dev.mdev_list);
+ mutex_unlock(&matrix_dev.lock);
+
+ return 0;
+}