From: "Michael S. Tsirkin" <mst@redhat.com>
To: Alex Williamson <alex.williamson@redhat.com>
Cc: "christophe.de.dinechin@gmail.com"
<christophe.de.dinechin@gmail.com>,
"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"airlied@linux.ie" <airlied@linux.ie>,
"joonas.lahtinen@linux.intel.com"
<joonas.lahtinen@linux.intel.com>,
"heiko.carstens@de.ibm.com" <heiko.carstens@de.ibm.com>,
"farman@linux.ibm.com" <farman@linux.ibm.com>,
"dri-devel@lists.freedesktop.org"
<dri-devel@lists.freedesktop.org>,
"virtualization@lists.linux-foundation.org"
<virtualization@lists.linux-foundation.org>,
"kwankhede@nvidia.com" <kwankhede@nvidia.com>,
Rob Miller <rob.miller@broadcom.com>,
"linux-s390@vger.kernel.org" <linux-s390@vger.kernel.org>,
"sebott@linux.ibm.com" <sebott@linux.ibm.com>,
"lulu@redhat.com" <lulu@redhat.com>,
"eperezma@redhat.com" <eperezma@redhat.com>,
"pasic@linux.ibm.com" <pasic@linux.ibm.com>,
"borntraeger@de.ibm.com" <borntraeger@de.ibm.com>,
haotian.wang@sifive.com
Subject: Re: [PATCH V2 5/8] mdev: introduce device specific ops
Date: Thu, 26 Sep 2019 11:46:55 -0400 [thread overview]
Message-ID: <20190926113958-mutt-send-email-mst@kernel.org> (raw)
In-Reply-To: <20190925103028.1f2edf03@x1.home>
On Wed, Sep 25, 2019 at 10:30:28AM -0600, Alex Williamson wrote:
> On Wed, 25 Sep 2019 10:11:00 -0400
> Rob Miller <rob.miller@broadcom.com> wrote:
> > > > On Tue, 24 Sep 2019 21:53:29 +0800
> > > > Jason Wang <jasowang@redhat.com> wrote:
> > > > > diff --git a/drivers/vfio/mdev/vfio_mdev.c
> > > > b/drivers/vfio/mdev/vfio_mdev.c
> > > > > index 891cf83a2d9a..95efa054442f 100644
> > > > > --- a/drivers/vfio/mdev/vfio_mdev.c
> > > > > +++ b/drivers/vfio/mdev/vfio_mdev.c
> > > > > @@ -14,6 +14,7 @@
> > > > > #include <linux/slab.h>
> > > > > #include <linux/vfio.h>
> > > > > #include <linux/mdev.h>
> > > > > +#include <linux/vfio_mdev.h>
> > > > >
> > > > > #include "mdev_private.h"
> > > > >
> > > > > @@ -24,16 +25,16 @@
> > > > > static int vfio_mdev_open(void *device_data)
> > > > > {
> > > > > struct mdev_device *mdev = device_data;
> > > > > - struct mdev_parent *parent = mdev->parent;
> > > > > + const struct vfio_mdev_device_ops *ops =
> > > > mdev_get_dev_ops(mdev);
> > > > > int ret;
> > > > >
> > > > > - if (unlikely(!parent->ops->open))
> > > > > + if (unlikely(!ops->open))
> > > > > return -EINVAL;
> > > > >
> > > > > if (!try_module_get(THIS_MODULE))
> > > > > return -ENODEV;
> > >
> >
> > RJM>] My understanding lately is that this call to
> > try_module_get(THIS_MODULE) is no longer needed as is considered as a
> > latent bug.
> > Quote from
> > https://stackoverflow.com/questions/1741415/linux-kernel-modules-when-to-use-try-module-get-module-put
> > :
> > There are a number of uses of try_module_get(THIS_MODULE) in the kernel
> > source but most if not all of them are latent bugs that should be cleaned
> > up.
>
> This use seems to fall exactly into the case where it is necessary, the
> open here is not a direct VFS call, it's an internal interface between
> modules. The user is interacting with filesystem objects from the vfio
> module and the module reference we're trying to acquire here is to the
> vfio-mdev module. Thanks,
>
> Alex
I think the latent bug refers not to module get per se,
but to the module_put tied to it. E.g.:
static void vfio_mdev_release(void *device_data)
{
struct mdev_device *mdev = device_data;
struct mdev_parent *parent = mdev->parent;
if (likely(parent->ops->release))
parent->ops->release(mdev);
module_put(THIS_MODULE);
Does anything prevent the module from unloading at this point?
if not then ...
}
it looks like the implicit return (with instructions for argument pop
and functuon return) here can get overwritten on module
unload, causing a crash when executed.
IOW there's generally no way for module to keep a reference
to itself: it can take a reference but it needs someone else
to keep it and put.
--
MST
next prev parent reply other threads:[~2019-09-26 15:46 UTC|newest]
Thread overview: 100+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-24 13:53 [PATCH V2 0/8] mdev based hardware virtio offloading support Jason Wang
2019-09-24 13:53 ` Jason Wang
2019-09-24 13:53 ` [PATCH V2 1/8] vringh: fix copy direction of vringh_iov_push_kern() Jason Wang
2019-09-24 13:53 ` Jason Wang
2019-09-24 13:53 ` Jason Wang
2019-09-24 13:53 ` [PATCH V2 2/8] mdev: class id support Jason Wang
2019-09-24 13:53 ` Jason Wang
2019-09-24 13:53 ` Jason Wang
2019-09-24 23:06 ` Alex Williamson
2019-09-24 23:06 ` Alex Williamson
2019-09-25 12:01 ` Jason Wang
2019-09-25 12:01 ` Jason Wang
2019-09-25 12:01 ` Jason Wang
2019-09-24 23:06 ` Alex Williamson
2019-09-25 8:28 ` Tian, Kevin
2019-09-25 8:28 ` Tian, Kevin
2019-09-25 8:28 ` Tian, Kevin
2019-09-25 12:13 ` Jason Wang
2019-09-25 12:13 ` Jason Wang
2019-09-25 12:13 ` Jason Wang
2019-09-24 13:53 ` [PATCH V2 3/8] mdev: bus uevent support Jason Wang
2019-09-24 13:53 ` Jason Wang
2019-09-24 13:53 ` Jason Wang
2019-09-24 13:53 ` [PATCH V2 4/8] modpost: add support for mdev class id Jason Wang
2019-09-24 13:53 ` Jason Wang
2019-09-24 13:53 ` Jason Wang
2019-09-24 13:53 ` [PATCH V2 5/8] mdev: introduce device specific ops Jason Wang
2019-09-24 13:53 ` Jason Wang
2019-09-24 23:06 ` Alex Williamson
2019-09-24 23:06 ` Alex Williamson
2019-09-25 8:52 ` Tian, Kevin
2019-09-25 14:11 ` Rob Miller via Virtualization
2019-09-25 16:30 ` Alex Williamson
2019-09-25 16:30 ` Alex Williamson
2019-09-26 15:46 ` Michael S. Tsirkin [this message]
2019-09-26 16:26 ` Alex Williamson
2019-09-26 16:34 ` Michael S. Tsirkin
2019-09-26 16:34 ` Michael S. Tsirkin
2019-09-27 8:04 ` Jason Wang
2019-09-25 8:52 ` Tian, Kevin
2019-09-25 12:04 ` Jason Wang
2019-09-25 12:04 ` Jason Wang
2019-09-25 12:04 ` Jason Wang
2019-09-24 23:06 ` Alex Williamson
2019-09-24 13:53 ` Jason Wang
2019-09-24 13:53 ` [PATCH V2 6/8] mdev: introduce virtio device and its device ops Jason Wang
2019-09-24 13:53 ` Jason Wang
2019-09-24 23:06 ` Alex Williamson
2019-09-24 23:06 ` Alex Williamson
2019-09-25 12:06 ` Jason Wang
2019-09-25 12:06 ` Jason Wang
2019-09-25 12:06 ` Jason Wang
2019-09-27 8:37 ` Jason Wang
2019-09-27 8:37 ` Jason Wang
2019-09-27 8:37 ` Jason Wang
2019-09-27 16:25 ` Parav Pandit
2019-09-30 21:36 ` Alex Williamson
2019-10-10 5:00 ` Jason Wang
2019-09-30 21:36 ` Alex Williamson
2019-10-10 9:18 ` Jason Wang
2019-10-10 9:18 ` Jason Wang
2019-10-10 9:18 ` Jason Wang
2019-09-24 23:06 ` Alex Williamson
2019-09-25 9:09 ` Tian, Kevin
2019-09-25 9:09 ` Tian, Kevin
2019-09-25 12:45 ` Jason Wang
2019-09-25 12:45 ` Jason Wang
2019-09-25 13:21 ` Michael S. Tsirkin
2019-09-26 4:04 ` Jason Wang
2019-09-26 8:21 ` Michael S. Tsirkin
2019-09-26 8:21 ` Michael S. Tsirkin
2019-09-26 10:48 ` Jason Wang
2019-09-26 10:48 ` Jason Wang
2019-09-26 12:15 ` Michael S. Tsirkin
2019-09-26 12:15 ` Michael S. Tsirkin
2019-09-26 4:04 ` Jason Wang
2019-09-25 13:21 ` Michael S. Tsirkin
2019-09-26 0:48 ` Tian, Kevin
2019-09-26 0:48 ` Tian, Kevin
2019-09-26 8:12 ` Jason Wang
2019-09-26 8:12 ` Jason Wang
2019-09-26 8:12 ` Jason Wang
2019-09-25 12:45 ` Jason Wang
2019-09-25 9:09 ` Tian, Kevin
2019-09-24 13:53 ` Jason Wang
2019-09-24 13:53 ` [PATCH V2 7/8] virtio: introduce a mdev based transport Jason Wang
2019-09-24 13:53 ` Jason Wang
2019-09-24 13:53 ` Jason Wang
2019-09-24 13:53 ` [PATCH V2 8/8] docs: sample driver to demonstrate how to implement virtio-mdev framework Jason Wang
2019-09-24 13:53 ` Jason Wang
2019-09-24 13:53 ` Jason Wang
2019-09-24 15:03 ` ✗ Fi.CI.CHECKPATCH: warning for mdev based hardware virtio offloading support (rev3) Patchwork
2019-09-24 15:26 ` ✓ Fi.CI.BAT: success " Patchwork
2019-09-25 5:11 ` ✓ Fi.CI.IGT: " Patchwork
2019-09-25 8:24 ` [PATCH V2 0/8] mdev based hardware virtio offloading support Tian, Kevin
2019-09-25 8:24 ` Tian, Kevin
2019-09-25 8:24 ` Tian, Kevin
2019-09-25 12:13 ` Jason Wang
2019-09-25 12:13 ` Jason Wang
2019-09-25 12:13 ` Jason Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190926113958-mutt-send-email-mst@kernel.org \
--to=mst@redhat.com \
--cc=airlied@linux.ie \
--cc=alex.williamson@redhat.com \
--cc=borntraeger@de.ibm.com \
--cc=christophe.de.dinechin@gmail.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=eperezma@redhat.com \
--cc=farman@linux.ibm.com \
--cc=haotian.wang@sifive.com \
--cc=heiko.carstens@de.ibm.com \
--cc=joonas.lahtinen@linux.intel.com \
--cc=kvm@vger.kernel.org \
--cc=kwankhede@nvidia.com \
--cc=linux-s390@vger.kernel.org \
--cc=lulu@redhat.com \
--cc=pasic@linux.ibm.com \
--cc=rob.miller@broadcom.com \
--cc=sebott@linux.ibm.com \
--cc=virtualization@lists.linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.