Re: [PATCH v5 2/3] vfio/ism: Implement vfio_pci driver for ISM devices
From: Farhan Ali
Date: Tue Mar 17 2026 - 14:44:42 EST
<..snip..>
On 3/17/2026 5:58 AM, Julian Ruess wrote:
static int ism_vfio_pci_probe(struct pci_dev *pdev,
+ const struct pci_device_id *id)
+{
+ struct ism_vfio_pci_core_device *ivpcd;
+ struct zpci_dev *zdev = to_zpci(pdev);
+ char cache_name[20];
+ int ret;
+
+ ivpcd = vfio_alloc_device(ism_vfio_pci_core_device, core_device.vdev,
+ &pdev->dev, &ism_pci_ops);
+ if (IS_ERR(ivpcd))
+ return PTR_ERR(ivpcd);
+
+ snprintf(cache_name, sizeof(cache_name), "ism_sb_fid_%08x", zdev->fid);
+ ivpcd->store_block_cache =
+ kmem_cache_create(cache_name, zdev->maxstbl, 0, 0, NULL);
+ if (!ivpcd->store_block_cache) {
+ vfio_put_device(&ivpcd->core_device.vdev);
+ return -ENOMEM;
+ }
+
+ dev_set_drvdata(&pdev->dev, &ivpcd->core_device);
+ ret = vfio_pci_core_register_device(&ivpcd->core_device);
+ if (ret) {
+ kmem_cache_destroy(ivpcd->store_block_cache);
+ vfio_put_device(&ivpcd->core_device.vdev);
+ }
+
+ return ret;
+}
+
+static void ism_vfio_pci_remove(struct pci_dev *pdev)
+{
+ struct vfio_pci_core_device *core_device;
+ struct ism_vfio_pci_core_device *ivpcd;
+
+ core_device = dev_get_drvdata(&pdev->dev);
+ ivpcd = container_of(core_device, struct ism_vfio_pci_core_device,
+ core_device);
+
+ vfio_pci_core_unregister_device(&ivpcd->core_device);
+ vfio_put_device(&ivpcd->core_device.vdev);
+
+ kmem_cache_destroy(ivpcd->store_block_cache);
I think the kmem_cache_destroy() should be done before we do vfio_put_device() (or maybe even before vfio_pci_core_unregister_device()) to avoid use after free similar to ism_vfio_pci_probe(). Sorry I missed this earlier.
Thanks
Farhan
+}