From: Matthew Rosato <mjrosato@linux.ibm.com>
To: Anthony Krowiak <akrowiak@linux.ibm.com>,
linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org
Cc: jjherne@linux.ibm.com, pasic@linux.ibm.com, hca@linux.ibm.com,
gor@linux.ibm.com, borntraeger@linux.ibm.com,
alex.williamson@redhat.com, clg@redhat.com,
stable@vger.kernel.org
Subject: Re: [PATCH] s390/vfio-ap: lock mdev object when handling mdev remove request
Date: Wed, 12 Mar 2025 11:19:05 -0400 [thread overview]
Message-ID: <b763cd33-fb89-498a-841d-1a5423b7ef9b@linux.ibm.com> (raw)
In-Reply-To: <20250221153238.3242737-1-akrowiak@linux.ibm.com>
On 2/21/25 10:32 AM, Anthony Krowiak wrote:
> The vfio_ap_mdev_request function in drivers/s390/crypto/vfio_ap_ops.c
> accesses fields of an ap_matrix_mdev object without ensuring that the
> object is accessed by only one thread at a time. This patch adds the lock
> necessary to secure access to the ap_matrix_mdev object.
>
> Fixes: 2e3d8d71e285 ("s390/vfio-ap: wire in the vfio_device_ops request callback")
> Signed-off-by: Anthony Krowiak <akrowiak@linux.ibm.com>
> Cc: <stable@vger.kernel.org>
The new code itself seems sane.
But besides this area of code, there are 2 other paths that touch matrix_mdev->req_trigger:
the one via vfio_ap_set_request_irq will already hold the lock via vfio_ap_mdev_ioctl (OK).
However the other one in vfio_ap_mdev_probe acquires mdevs_lock a few lines -after- initializing req_trigger and cfg_chg_trigger to NULL. Should the lock also be held there since we would have already registered the vfio device above? We might be protected by circumstance because we are in .probe() but I'm not sure, and we bother getting the lock already to protect mdev_list...
next prev parent reply other threads:[~2025-03-12 15:19 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-21 15:32 [PATCH] s390/vfio-ap: lock mdev object when handling mdev remove request Anthony Krowiak
2025-03-11 10:34 ` Anthony Krowiak
2025-03-12 15:19 ` Matthew Rosato [this message]
2025-03-13 11:18 ` Anthony Krowiak
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b763cd33-fb89-498a-841d-1a5423b7ef9b@linux.ibm.com \
--to=mjrosato@linux.ibm.com \
--cc=akrowiak@linux.ibm.com \
--cc=alex.williamson@redhat.com \
--cc=borntraeger@linux.ibm.com \
--cc=clg@redhat.com \
--cc=gor@linux.ibm.com \
--cc=hca@linux.ibm.com \
--cc=jjherne@linux.ibm.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=pasic@linux.ibm.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox