RE: [PATCH RFC v2 10/15] vfio/nvgrace-egm: Clear Memory before handing out to VM

Next message: Stefan Berger: "Re: IMA and PQC"
Previous message: Russell King (Oracle): "Re: [PATCH net-next v3 5/5] net: macb: Add &quot;mobileye,eyeq5-gem&quot; compatible"
In reply to: Jason Gunthorpe: "Re: [PATCH RFC v2 10/15] vfio/nvgrace-egm: Clear Memory before handing out to VM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Shameer Kolothum Thodi

Date: Thu Feb 26 2026 - 14:29:33 EST

> -----Original Message-----
> From: Jason Gunthorpe <jgg@xxxxxxxxxx>
> Sent: 26 February 2026 18:57
> To: Shameer Kolothum Thodi <skolothumtho@xxxxxxxxxx>
> Cc: Ankit Agrawal <ankita@xxxxxxxxxx>; Vikram Sethi <vsethi@xxxxxxxxxx>;
> Matt Ochs <mochs@xxxxxxxxxx>; alex@xxxxxxxxxxx; Neo Jia
> <cjia@xxxxxxxxxx>; Zhi Wang <zhiw@xxxxxxxxxx>; Krishnakant Jaju
> <kjaju@xxxxxxxxxx>; Yishai Hadas <yishaih@xxxxxxxxxx>;
> kevin.tian@xxxxxxxxx; kvm@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx
> Subject: Re: [PATCH RFC v2 10/15] vfio/nvgrace-egm: Clear Memory before
> handing out to VM
>
> On Thu, Feb 26, 2026 at 06:15:33PM +0000, Shameer Kolothum Thodi wrote:
> > The mmap mapping stays alive and accessible in userspace even after
> > the close(). Since the release function decrements open_count on close(),
> > a second process could then call open() and wipe the mapping while it's
> > still live.
>
> fops release is not called until the mmap is closed too, the VMA holds
> a struct file pointer as well. close does not call release, close
> calls fput and fput calls release when the struct file refcount is 0.

Ah..I wasn't sure about the release not being called until mmap is closed
part. Thanks for that explanation.

Shameer